W3C home > Mailing lists > Public > public-webapi@w3.org > March 2008

Re: XHR setRequestHeader("connection", "close") is bogusly rejected

From: Bjoern Hoehrmann <derhoermi@gmx.net>
Date: Fri, 07 Mar 2008 05:48:09 +0100
To: Morgan L <morganl.webkit@yahoo.com>
Cc: public-webapi@w3.org
Message-ID: <ikh1t39971sh1628ma9geumo2a6nghjrjq@hive.bjoern.hoehrmann.de>

* Morgan L wrote:
>In section 2 of http://www.w3.org/TR/XMLHttpRequest/,
>it says that setRequestHeader should reject the
>connection header.

The purpose of these restrictions is to remind implementers that the
user agent has to control certain headers for protocol integrity or
other reasons, in other words, implementations should not blindy pass
to the server whatever value a script might have set there.

It should be perfectly permissable if the implementation instead of
ignoring the attempt at setting some value takes the attempt under
advisement when making its own decisions what to set the header to,
in other words, the browser might well list close among the tokens
after a script tried to set the header.

I agree the current text does not convery this very well, do you have
a suggestion how to editorially improve it? We can't simply "allow"
this particular case as simply sending "Connection: close" can be wrong
in many cases (see e.g. RFC 2616, section 13.5.1).
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 
Received on Friday, 7 March 2008 04:59:54 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 7 March 2008 04:59:54 GMT