W3C home > Mailing lists > Public > www-talk@w3.org > January to February 2009

Re: Origin vs Authority; use of HTTPS (draft-nottingham-site-meta-01)

From: Ian Hickson <ian@hixie.ch>
Date: Thu, 12 Feb 2009 01:00:14 +0000 (UTC)
To: Breno de Medeiros <breno@google.com>
Cc: Adam Barth <w3c@adambarth.com>, Eran Hammer-Lahav <eran@hueniverse.com>, "www-talk@w3.org" <www-talk@w3.org>
Message-ID: <Pine.LNX.4.62.0902120058560.952@hixie.dreamhostps.com>

On Wed, 11 Feb 2009, Breno de Medeiros wrote:
> >
> > > 2. This technique may prevent legitimate uses of the spec by 
> > > developers who do not have the ability to set the appropriate 
> > > header.
> >
> > Many developers can control Content-Type headers using .htaccess files 
> > (and their ilk).
> 
> And many others cannot. This is particularly irksome in outsourcing 
> situations where you have only partial control of the hosting 
> environment or depend on non-technical users to perform administrative 
> tasks.

Note that if the spec says that UAs are to ignore the Content-Type header, 
this is a violation of the HTTP and MIME specifications. If this is 
intentional, then the HTTP or MIME specs should be changed.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Thursday, 12 February 2009 01:01:05 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 27 October 2010 18:14:30 GMT