RE: Overlapping ranges

On Mon, 13 Oct 2008, Brian Smith wrote:

> Yves Lafon wrote:
>> On Sun, 12 Oct 2008, Stefanos Harhalakis wrote:
>> In the same vein, refusing overlapping range request that
>> would be bigger than exporting the whole document (and
>> serving the document instead) seems to be a sane
>> implementation choice, but the spec shouldn't cover all
>> those corner cases, IMHO.
>
> I agree that the specification doesn't need to be ammended to allow the
> server to refuse these requests since the server can already refuse them.
> However, it should be mentioned in the security considerations.

Agreed. and it's the case for all known security issues.

-- 
Baroula que barouleras, au tiéu toujou t'entourneras.

         ~~Yves

Received on Tuesday, 14 October 2008 14:37:24 UTC