Re: The robustness principle, as view by user agent implementors (Re: Working Group Last Call: draft-ietf-httpbis-content-disp-02)

On 03.10.2010 23:03, Adam Barth wrote:
> ...
>>> Now, I'm fine with forbidding servers from generating %-encoded
>>> values.  In fact, I believe that would be desirable.  However, just
>>> because we forbid servers from generating the values does not mean
>>> that we must also forbid user agents from consuming them.
>> I'd be more than happy recommending something else, if there was a
>> "something else" we can recommend.
> You don't have to define what user agents do in this case.  That's
> fine.  I object to your requiring them to do something they aren't
> going to.
> ...

You misunderstood.

*If* we tell producers that they can't send literal % escapes without 
the risk of them being misinterpreted, then it would be good if we could 
suggest an alternative.

Right now there is none, because the clients that have the broken 
percent-handling also do not implement RFC2231/5987.

Best regards, Julian

Received on Monday, 4 October 2010 07:14:56 UTC