Daniel DuBois writes: > In fact, if we are going to design browsers that allow the user the > *option* of following the business card auth scheme, we might as well > design browsers to allow the user the *option* of sending out the 'From:' > field, and, if a server really wanted to, it could alter its output based > on whether or not a From: field exists. Some browsers do exactly that already. Emacs-w3 and I think one other, can't remember right now, allow you to selectively turn off the sending of various parts of the HTTP/1.0 request, including Referer, From, and certain information about the operating system you are running on in the User-Agent field. The HTTP/1.0 specification actually encourages this behaviour (or used to, haven't read the new spec in about 3 weeks) in its addendum about security and privacy related issues. -Bill P.Received on Tuesday, 18 July 1995 09:43:44 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:38:36 GMT