- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Thu, 19 Aug 2010 15:12:39 +0200
- To: Paul Wise <pabs3@bonedaddy.net>
- CC: ietf-http-wg <ietf-http-wg@w3.org>
On 19.08.2010 14:57, Paul Wise wrote: > ... >> That doesn't mean there aren't good ones. > > Do you have any examples? I'm unable to think of any. > ... Sometimes it's necessary to do the Right Thing, although some UAs break when you attempt to. For instance, using RFC 2231 / RFC 5987 encoding in Content-Disposition (fails with IE/Safari/Chrome), or when sending a proper Vary response header (which causes all kinds of trouble in old IE versions). >> Independently of that, what *effect* do you think making it "illegal" has? > > Hopefully to stop user-agents from sending the header at all, servers > from providing access to it in their logs or environment variables and > web applications and sites from using it in hacks to discriminate > against users of browsers from the wrong vendor. > > If you mean at the protocol level, I would suggest servers return 400 > Bad Request when a client sends User-Agent. U-A is widely used for working around UA bugs. If we made it illegal we probably would need to replace it with something that provides that functionality. I'm not sure how that would be different from what we have today, nor how to deploy it in practice. Best regards, Julian
Received on Thursday, 19 August 2010 13:13:21 UTC