W3C home > Mailing lists > Public > www-validator@w3.org > September 2003

Re: Validator https problem?

From: Liam Quinn <liam@htmlhelp.com>
Date: Wed, 3 Sep 2003 21:53:54 -0400 (EDT)
To: Norbert Veber <nveber@pyre.virge.net>
Cc: www-validator@w3.org
Message-ID: <Pine.LNX.4.44.0309032152390.30367-100000@localhost.localdomain>

On Wed, 3 Sep 2003, Norbert Veber wrote:

> On Mon, Sep 01, 2003 at 11:00:00PM -0400, Liam Quinn wrote:
> > Linking to <http://validator.w3.org/check/referer> depends on the browser 
> > to send the Referer header, which browsers generally don't send when 
> > requesting an insecure page from a secure one.
> 
> Ah, I didnt know that.  Is this documented further someplace?  I just
> wonder what the rationale is..

Yes, it's in the HTTP/1.1 specification:

   Clients SHOULD NOT include a Referer header field in a (non-secure)
   HTTP request if the referring page was transferred with a secure
   protocol.

http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html#sec15.1.3

-- 
Liam Quinn
Received on Wednesday, 3 September 2003 21:52:30 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 25 April 2012 12:14:09 GMT