- From: Mark Nottingham <mnot@mnot.net>
- Date: Tue, 22 Feb 2011 09:18:18 +1100
- To: Bjoern Hoehrmann <derhoermi@gmx.net>
- Cc: ietf-http-wg@w3.org
Thanks, Bjoern. I think the underlying issue is whether a W3C draft should unilaterally make such a declaration; it's kind of a one-time thing. I.e., if another use case comes along and declares *their* special prefix, it'll be impractical. I'll put on my liaison hat and bring it up with the W3C. Cheers, On 22/02/2011, at 8:14 AM, Bjoern Hoehrmann wrote: > Hi, > > Over in the hybi Working Group the issue of "Sec-*" headers came up. > The XMLHttpRequest draft says "Header names starting with Sec- are not > allowed to be set to allow new headers to be minted that are guaranteed > not to come from XMLHttpRequest." It seems to me that if "Sec-*" headers > are somehow special, that is something the core specifications needs to > mention, like in the header registration specification, but I could not > find anything there from a quick look. > > regards, > -- > Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de > Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de > 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ > -- Mark Nottingham http://www.mnot.net/
Received on Monday, 21 February 2011 22:18:50 UTC