Re: Transfer-Encoding and XSS

On 9/25/2018 4:42 PM, Eric Lawrence wrote:
> Anecdotally, I’ve never seen a browser itself specify a 
> Transfer-Encoding on a **request**.

What if the request body size is unknown beforehand?

> The use of Content-Encoding: gzip on certain uploads has been proposed 
> at various points (and possible via e.g. Flash, IIRC) but it suffers 
> from the general challenge that there’s no good way to understand 
> whether the server will accept such encoding (and protect itself from 
> Zip bomb attacks, etc).

-> <https://greenbytes.de/tech/webdav/rfc7694.html>

Best regards, Julian

Received on Thursday, 4 October 2018 15:30:25 UTC
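
The server-side half of the exchange discussed above, as an added example that is not part of either message: a request-body decoder that refuses unknown content codings the way RFC 7694 describes (415 plus an Accept-Encoding response header) and caps decompressed size so a gzip bomb is rejected before it is expanded. The function name, the 1 MiB limit, the status choices other than 415, and the single-member gzip policy are assumptions of this sketch.

```python
import zlib

MAX_DECODED = 1 << 20                    # assumed cap on the decoded body (1 MiB)
SUPPORTED = ("gzip", "identity")         # codings this hypothetical server accepts


def decode_request_body(headers, body, limit=MAX_DECODED):
    """Return (status, response_headers, decoded_body_or_None)."""
    coding = headers.get("Content-Encoding", "identity").strip().lower()

    if coding not in SUPPORTED:
        # RFC 7694: answer 415 and advertise what the server does accept,
        # so the client can retry with a supported coding.
        return 415, {"Accept-Encoding": ", ".join(SUPPORTED)}, None

    if coding == "identity":
        return (413, {}, None) if len(body) > limit else (200, {}, body)

    # wbits=16+MAX_WBITS selects gzip framing. Asking for at most limit+1
    # bytes means the decoder never materialises more than that, however
    # large the stream claims to expand.
    d = zlib.decompressobj(wbits=16 + zlib.MAX_WBITS)
    try:
        out = d.decompress(body, limit + 1)
    except zlib.error:
        return 400, {}, None             # not a valid gzip stream
    if len(out) > limit:
        return 413, {}, None             # expands past the cap: treat as a bomb
    if not d.eof or d.unused_data:
        return 400, {}, None             # truncated stream or trailing bytes
    return 200, {}, out
```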