Re: treating invalid parameters in Content-Disposition

On Sun, Oct 3, 2010 at 12:28 PM, Eric J. Bowman <> wrote:
> Adam Barth wrote:
>> That's the interesting question for folks who wish to generate the
>> header.  The question for folks who want to consume the header is
>> different.  The operative question is "what single semantic theory
>> captures the intended semantics of the largest number of messages
>> generated in practice?"  These two things are quite likely to be
>> different in this case.  (I'm writing up a longer message explaining
>> this statement.)
> I understand what you mean perfectly well.  I still don't see the
> relevance of that dichotomy to HTTP.  Why should C-D generation be
> defined in terms of handling syntax that was never specified?

No one is proposing that.

>  Why should such implementation details even be included in HTTP?

No one is proposing that.

>  Why *isn't* 99% interoperability of the conformant syntax good enough?

In general, browsers aim for somewhere between 99.99% and 99.999%
compatibility.  There are two ways to think about what 99%
compatibility would be like:

1) The browser does the wrong thing on 1% of all page views.  That
means users will be seeing the browser do wrong things on a daily, or
at least weekly, basis (based on statistics about the distribution of
number of page views).  That more than enough to drive potential
customers away.

2) The browser does the wrong thing on 1% of all web sites.  Which of
the Alex top 100 web sites would you like your browser to be
incompatible with?  Let's try the 100th ranked one:  If I
checked in a change that broke compatibility with NewEgg, I'm pretty
sure I'd have to fix it.

Even with all the effort that browsers put into compatibility, "not
compatible enough" is a top reason for user attrition according to
uninstall surveys.  This stuff really matters.

Why 99.99% to 99.999%?  Well, now the user can use the browser for a
year without seeing compatibility problems and I've broken  Now, I'm sure has an
audience that will be sad about that, but I can't please everyone.

>> > I do not see the relevance of user agent implementation concerns, to
>> > HTTP defining what constitutes conformant messaging syntax.
>> Indeed.  It's precisely this lack of caring about the concerns of user
>> agent implementors that's causing the problem.
> Browser vendors.  If addressing your concerns means that all user
> agents are expected to behave like browsers, then my perspective is
> that it would reflect a lack of caring about the concerns of anyone
> else implementing HTTP.  What's right for browsers isn't necessarily
> right for wget/curl, in fact the diverse re-use of those two user
> agents is evidence that it would be impossible to come to consensus on
> HTTP if its scope were to include implementation instructions for user
> agents.  Some things are best left unspecified, rather than impossibly
> overspecified.

That's all fine.  What I'm asking for is that the Content-Disposition
spec not forbid browsers from doing things they're going to do anyway.


Received on Sunday, 3 October 2010 20:10:14 UTC