- From: Albert Lunde <atlunde@panix.com>
- Date: Sun, 1 Mar 2009 10:25:13 -0500
- To: ietf-http-wg@w3.org
On Sun, Mar 01, 2009 at 12:19:57PM +0100, Julian Reschke wrote:
> Reminder: if we *did* want to relax this in HTTPbis, we will need to
> investigate whether relaxing the value range can break existing code.
It's going to break existing web applications that do equality
tests on Referer for (weak) security, or to prevent deep linking
into web sites. Say, substring matches on hostname, won't be affected.
(All these things have to allow for the case that Referer
is not sent, but they can be brittle in other respects.)
So the effect will be breakage of unspecified sites by the first browser
to adopt it.
--
Albert Lunde albert-lunde@northwestern.edu
atlunde@panix.com (new address for personal mail)
albert-lunde@nwu.edu (old address)
Received on Sunday, 1 March 2009 15:25:46 UTC