- From: Foteos Macrides <MACRIDES@sci.wfbr.edu>
- Date: Wed, 07 Jan 1998 11:57:30 -0500 (EST)
- To: masinter@parc.xerox.com
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Larry Masinter <masinter@parc.xerox.com> wrote: >(revised slightly from previous draft) >[...] >Issue PROTECTION-SPACE: People are happy with the current language, but >current implementations don't behave as specified; the spec doesn't >break any existing implementation. We'll go forward with the current >language in rev-01. Note that the current revision still does not address the issue of the implied protection space for Basic proxy authentication (all Request-URIs via the proxy). >[...] >State Management: >[...] >Following the slide presentation, there was discussion on the privacy >considerations in the draft. Ted Hardie: In Comment-URL, the URL could >potentially be a non-HTTP URL, and this issue needs to be addressed. I am puzzled by this statement. In early drafts, there was no restriction on the scheme for CommentURLs. For security reasons, the Lynx field test implementation limited them to server-based schemes (e.g., http(s), gopher, ftp, wais). Subsequent drafts explicitly limited CommentURLs to http (and https by implication :) and the implementation in the recent Lynx v2.7.2 release so restricts them. Isn't this a closed issue? Fote ========================================================================= Foteos Macrides Worcester Foundation for Biomedical Research MACRIDES@SCI.WFBR.EDU 222 Maple Avenue, Shrewsbury, MA 01545 =========================================================================
Received on Wednesday, 7 January 1998 09:15:14 UTC