Re: remove/deprecate User-Agent header? from Paul Wise on 2010-08-19 (ietf-http-wg@w3.org from July to September 2010)

From: Paul Wise <pabs3@bonedaddy.net>
Date: Thu, 19 Aug 2010 12:57:53 +0000
To: ietf-http-wg <ietf-http-wg@w3.org>
Message-ID: <1282222635.8568.76.camel@chianamo>

On Thu, 2010-08-19 at 14:38 +0200, Julian Reschke wrote:

> Clarifying: we aren't defining HTTP/1.2.

Hmmm, Ok.

> That doesn't mean there aren't good ones.

Do you have any examples? I'm unable to think of any.

> Independently of that, what *effect* do you think making it "illegal" has?

Hopefully to stop user-agents from sending the header at all, servers
from providing access to it in their logs or environment variables and
web applications and sites from using it in hacks to discriminate
against users of browsers from the wrong vendor.

If you mean at the protocol level, I would suggest servers return 400
Bad Request when a client sends User-Agent.

-- 
bye,
pabs

http://bonedaddy.net/pabs3/

Received on Thursday, 19 August 2010 13:06:14 UTC