Re: Legal tokens (Koen Holtman) writes:

    Well, when I say legal I mean legal according to what is written in
    the specifications.  Your examples are clearly strange, but the
    specifications do not disallow these strange examples, so they are

Just to clarify: when we were writing the HTTP/1.1 spec, we made
a decision not to specifically list all of the possible non-compliant
combinations of headers and directives, because the combinatorics
would result in a huge list.

(Please try to use words like "compliant" instead of "legal.")

So there are definitely cases which the spec does not explicitly
say "you MUST NOT do this", yet which any reasonable person who
understood the spec would realize that these cases don't comply
with the intentions behind the spec.

In general, if you aren't sure that the spec allows some combination,
then it's a bad idea to send it, since you have no idea whether
the person who wrote the implementation at the receiving end
understood things the same way that you did.


Received on Tuesday, 12 September 2000 11:35:26 UTC