Re: CORS performance proposal

On Sat, Feb 21, 2015 at 11:18 PM, Anne van Kesteren <annevk@annevk.nl> wrote:
> On Sat, Feb 21, 2015 at 10:17 AM, Martin Thomson
> <martin.thomson@gmail.com> wrote:
>> On 21 February 2015 at 20:43, Anne van Kesteren <annevk@annevk.nl> wrote:
>>> High-byte of what? A URL is within ASCII range when it reaches the
>>> server. This is the first time I hear of this.
>>
>> Apparently, all sorts of muck floats around the Internet.  When we did
>> HTTP/2 we were forced to accept that header field values (URLs in
>> particular) were a sequence of octets.  Those are often interpreted as
>> strings in various interesting ways.
>
> But in this particular case it must be the browser that generates said
> muck, no? Other than Internet Explorer (and that's a couple versions
> ago, so wouldn't support this protocol anyway), there's no browser
> that does this as far as I know.

All browsers support sending %xx stuff to the server. Decoding those
is likely more often than not happening in a server-specific way
still. Despite specs defining how they should do it.

/ Jonas

Received on Monday, 23 February 2015 19:00:09 UTC