- From: Arjan Veenstra <arjan@veenstra.cx>
- Date: Mon, 22 Sep 2014 20:24:59 +0200
- To: public-webappsec@w3.org
On 2014-09-21 11:13, Anne van Kesteren wrote: > On Sat, Sep 20, 2014 at 10:19 AM, Arjan Veenstra <arjan@veenstra.cx> > wrote: >> I'm also missing a description of how to handle scenarios where a >> resource >> might be available in multiple content types. > > https://wiki.whatwg.org/wiki/Why_not_conneg I'm not sure I agree with all the points mentioned there, mainly because it seems to assume the client is always a browser. But that isn't a discussion which belongs here... Even so, content negotiation exists and is being used, as such I think the standard should a least spend a few words on how to deal with that. I also think it can be supported trivially without any loss of functionality. Depending on the interpretation of the standard it might even be supported, but as it stands the standard isn't explicit about it. Even if you'd want to use this standard as a means to kill content-negotiation it should be explicit about allowing only a single content-type per element. Right now it's not clear, at least not to me. I guess it's clear I'd like to be specifically allowed to specify different hashes for different content-types. But when that won't be allowed, I feel that should be explicit. Regards, Arjan Veenstra
Received on Monday, 22 September 2014 18:25:24 UTC