- From: Yves Lafon <ylafon@w3.org>
- Date: Thu, 28 Aug 2008 15:19:07 -0400 (EDT)
- To: "William A. Rowe, Jr." <wrowe@rowe-clan.net>
- cc: Brian Smith <brian@briansmith.org>, 'Julian Reschke' <julian.reschke@gmx.de>, 'Dan Winship' <dan.winship@gmail.com>, ietf-http-wg@w3.org
On Thu, 28 Aug 2008, William A. Rowe, Jr. wrote:
> Yves Lafon wrote:
>>
>> On Wed, 27 Aug 2008, Brian Smith wrote:
>>
>>> field that is single-valued but erroneously repeated. If an intermediary
>>> combines two single-valued header fields together then it could change the
>>> meaning of the request/response if the combined value is also a legal
>>> value
>>> for that field (see http://tools.ietf.org/wg/httpbis/trac/ticket/93).
>>
>> If there an example of a repeated single-valued header that, once folded in
>> one list-valued header becomes legal?
>> Content-Length: 12
>> Content-Length: 42
>> is as illegal as
>> Content-Length: 12,42
>>
>> (and more than likely to trigger a 400 reply)
>
> You understand that both representations MUST cause a 400 reply, of course?
> The folding is irrelevant to the underlying flaw/contradiction.
Yes, that was the point of my email, an error in two headers is still an
error once folded :)
The Location use case in interesting, as it depends if in the
implementation the folding is done before verification of the HTTP headers
structure, or at the same time, triggering different level of errors in
the application.
--
Baroula que barouleras, au tiéu toujou t'entourneras.
~~Yves
Received on Thursday, 28 August 2008 19:19:42 UTC