W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2008

Re: [XHR] Some comments on "charset" in the Content-Type header

From: Paul Downey <paul.s.downey@gmail.com>
Date: Fri, 19 Sep 2008 18:54:38 +0100
Message-Id: <F5E18262-9B8C-4107-92AF-CB252F3CF718@gmail.com>
To: public-webapps@w3.org

> > 4) As mentioned in
> >     <https://bugzilla.mozilla.org/show_bug.cgi?id=416178#c22> there
> >     are apparently hardware firewalls that reject entities with a
> >     charset parameter in the Content-Type (weird, yes, I know).  I'm
> >     trying to get more information on this, but we might need a way
> >     for authors to override this behavior somehow by forcing a  
> charset
> >     parameter to not be sent.

I reported this as a bug in Firefox 3.0/3.1 and can confirm there's an  
sending "; charset" to one firmware security device and in particular  
a single sign-on service implemented using CA Siteminder which accepts
HTML Form requests which send a Content-Type of
"application/x-www-form-urlencoded" but rejects the same requests
sent using XHR with "application/x-www-form-urlencoded; charset=UTF8".

We're not in a position to demand changing these servers for our XHR
use-case, and as we have no mechanism to prevent sending the "; charset"
will have to advise against using Firefox 3.0/3.1 for our application.
That's a harsh punishment for Firefox being early adopters of the spec.

> We could of course go back to not setting the charset parameter at all
> unless the author already set it using setRequestHeader()...

That would be a good idea for backwards compatibility.

Received on Sunday, 21 September 2008 01:36:01 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:12 UTC