- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Tue, 2 Jul 2013 10:25:49 -0700
- To: William Chan (陈智昌) <willchan@chromium.org>
- Cc: James M Snell <jasnell@gmail.com>, Sam Pullara <spullara@gmail.com>, Albert Lunde <atlunde@panix.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 2 July 2013 10:22, William Chan (陈智昌) <willchan@chromium.org> wrote:
> I don't understand why this proposal is an improvement.
Me too :)
> On Tue, Jul 2, 2013 at 10:15 AM, James M Snell <jasnell@gmail.com> wrote:
>> PUSH_PROMISE
>> :path = http://someother.example.com/some-other-content.js
>> push-authorization: {auth token of some sort}
>> Now, this is just a strawman example, but it demonstrates that we can
>> achieve the cross-domain push while still having the No :host or
>> :scheme in PUSH_PROMISE restriction.
This in particular makes me queasy. :scheme, :host and :path are so
simple. Please don't mess them up further.
>> In general, I have a challenge making statements like "make sure the
>> server is allowed to push" without defining (or referring to) any
>> means of actually performing that verification... but ah well...
That's OK, because we do define the rules. See Section 10.1:
http://tools.ietf.org/html/draft-unicorn-httpbis-http2-00#section-10.1
Received on Tuesday, 2 July 2013 17:26:17 UTC