- From: Amit Klein <aksecurity@gmail.com>
- Date: Thu, 11 Sep 2008 22:11:13 +0200
- To: ietf-http-wg@w3.org
The way I see it, double Content-Length is an instance of a more generic failure to follow RFC 2616 section 4.2, which reads: Multiple message-header fields with the same field-name MAY be present in a message if and only if the entire field-value for that header field is defined as a comma-separated list [i.e., #(values)]. It MUST be possible to combine the multiple header fields into one "field-name: field-value" pair, without changing the semantics of the message, by appending each subsequent field-value to the first, each separated by a comma. The order in which header fields with the same field-name are received is therefore significant to the interpretation of the combined field value, and thus a proxy MUST NOT change the order of these field values when a message is forwarded. Now, since Content-Length's field-value is not a comma separated list, it follows that Content-Length should never be sent twice. As well as many other headers. Perhaps it's simply worth mentioning explicitly in the RFC?! -Amit
Received on Thursday, 11 September 2008 19:07:15 UTC