- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Tue, 1 Jul 2014 08:09:48 +0200
- To: Mark Nottingham <mnot@mnot.net>
- Cc: Barry Leiba <barryleiba@computer.org>, "Julian F. Reschke" <julian.reschke@greenbytes.de>, RFC Errata System <rfc-editor@rfc-editor.org>, Roy Fielding <fielding@gbiv.com>, Pete Resnick <presnick@qti.qualcomm.com>, HTTP Working Group <ietf-http-wg@w3.org>
On Tue, Jul 1, 2014 at 5:20 AM, Mark Nottingham <mnot@mnot.net> wrote: > Anne, is there security impact here? Rendering Content-Type:text/html; vs showing some kind of error is one of the issues here. > I could see us starting work on a "Tolerant HTTP Header Field Parsing" spec if there's sufficient interest; it's a pretty thankless task, but personally I think it'd be worthwhile, and would contribute. We can spend a few minutes in Toronto on this if anyone else is interested... Exhaustive parsing rules for HTTP clients would be good. Having them differ is a big end user transition problem and can slow development on new clients, such as Servo. -- http://annevankesteren.nl/
Received on Tuesday, 1 July 2014 06:10:15 UTC