With the ABNF changes and explicit whitespace in the -06 drafts, the editors believe that issue #30 is addressed. Specifically; 1. Is LWS permitted between the field-name and colon? No, because this is a security issue. Relevant text from p1: > No whitespace is allowed between the header field-name and colon. > For security reasons, any request message received containing such > whitespace MUST be rejected with a response code of 400 (Bad > Request) and any such whitespace in a response message MUST be > removed. 2. What about LWS before the field-name? Not allowed in the proposed grammar. -- Mark Nottingham http://www.mnot.net/Received on Monday, 6 April 2009 09:58:49 UTC
This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:19 UTC