Hi Dmitry, On Tue, Nov 29, 2011 at 10:35:18AM +0400, Dmitry Kurochkin wrote: (...) > > The smuggling risk only rises where conflicting or incorrect values are > > sent, which is the case described in item #3. > > > > Indeed. So even if proxy does not remove the duplicate CL values, it > still must correctly determine the message length per item #4 because > item #3 does not apply here. In this case, "prior to determining the > message-body length" part in the paragraph 4 seems unneeded. I think the "prior to determining..." part comes from a general handling of multiple headers. For numerical values, it is not a problem. However some headers will have a different meaning when folded. For instance, an Expires header that would be split between the day of week and the rest could be valid only once folded : Expires: Tue Expires: 29 Nov 2011 06:40:52 GMT vs Expires: Tue, 29 Nov 2011 06:40:52 GMT In my opinion, having such guidelines in the spec is better than leaving it to the implementer to guess them. For those who're unsure, they'll write more reliable code. If you know what you're doing and are able to guess that in your case the "prio to" is unneeded, then that's fine. Regards, WillyReceived on Tuesday, 29 November 2011 06:44:26 UTC
This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:26 UTC