- From: Ross Patterson <Ross_Patterson@ns.reston.vmd.sterling.com>
- Date: Thu, 26 Jun 97 17:31:56 EDT
- To: http-wg@cuckoo.hpl.hp.com
- Cc: Ross_Patterson@ns.reston.vmd.sterling.com
Hallam-Baker <hallam@ai.mit.edu> writes: >When I originally wrote that spec bookmarks did not exist... People used to >compile a personal home page with relevant info on it. I use a browser (Charlotte, for VM/CMS systems) that does exactly that to store its bookmarks. Bookmark references come through with "Referer: file:///HOTLIST.HTML.A1", which wouldn't make my company's access control very happy but is still quite correct. >Really the bug is that we never specified a URL space for client use. FILE: comes sort of close, though, as it has an somewhat opaque meaning if you can't read the user's filesystem. >I don't think that supporting these peoples restrictions is a sufficient >reason not to make the change... Nor do I. So long as REFERER is still a part of HTTP, and not deprecated, I'm happy. Our customers who use REFERER will either do so or not depending on what makes sense for their business, and we will continue to provide the capability for them to do so. > "Hints" imply that they can at best ensure SHOULD compliance and >not a MUST. While the restriction could not be introduced as a MUST a >future protocol revision might make it one. Agreed, if a URL's response says "don't identify me as a REFERER", we can't make it a MUST at this time, but we can require that any client that understands the "don't tell on me" header field MUST comply. And naturally, some sites will respond with "Sorry bub, I need to know who told you about me." Ross Patterson Sterling Software, Inc. VM Software Division
Received on Thursday, 26 June 1997 14:44:32 UTC