W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2012

Re: XHR's setRequestHeader and the Do Not Track (DNT) header

From: Anne van Kesteren <annevk@annevk.nl>
Date: Wed, 9 May 2012 23:38:56 +0200
Message-ID: <CADnb78iQe4Q3cHCiqOpwK7ZUr_8HRo8XrKSMYXT_OUzyOoqXtA@mail.gmail.com>
To: Ian Melven <imelven@mozilla.com>
Cc: public-webapps@w3.org, Sid Stamm <sid@mozilla.com>, Tom Lowenthal <tom@mozilla.com>, Adam Barth <w3c@adambarth.com>
On Tue, May 8, 2012 at 9:34 PM, Ian Melven <imelven@mozilla.com> wrote:
> i'd like to propose that the Do Not Track header (see http://www.w3.org/TR/tracking-dnt/#dnt-header-field) "DNT"
> be added to the list of request headers not allowed to be set via XHR's setRequestHeader method (see
> http://dvcs.w3.org/hg/xhr/raw-file/tip/Overview.html#the-setrequestheader%28%29-method)

That shouldn't be a problem. I wonder, should we remove the "Sec-"
handling? That was suggested at some point as we are special casing
header naming, but it does not appear to be used. And given that
updating this magic list is not really a big problem and browsers are
updated quick enough maybe that is just as well.

Anne — Opera Software
Received on Thursday, 10 May 2012 01:24:58 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:26:40 UTC