Re: NEW ISSUE: Transfer-Encoding in 1.0 messages

On fre, 2007-11-23 at 18:23 +0100, Bjoern Hoehrmann wrote:

> Your reading of the specification requires to assume that it does not
> explicitly discuss this case for a reason. However, it might just not
> discuss it because the case has been overlooked, and some would see
> the conflicting implementation behavior as security problem. I disagree
> that doing nothing about this in the specification is the best course of
> action.

I am fine with adding yet another comment mentioning that for
interoperbility reasons HTTP/1.1 implementations SHOULD follow the
HTTP/1.1 specifications even if seeing HTTP/1.0 messages except where
specifically noted in the HTTP/1.1 specifications.  HTTP/1.1 clients or
servers SHOULD NOT downgrade their implementation to the informal
HTTP/1.0 specification when seeing an HTTP/1.0 message but continue
processing that message according to the rules defined in the HTTP/1.1

Would that solve your concerns in terms of specifications?


Received on Friday, 23 November 2007 22:18:02 UTC