Re: [Technical Errata Reported] RFC7231 (4031)

On Tue, Jul 1, 2014 at 8:45 AM, Julian Reschke <> wrote:
> True, but what would be a bigger concern is the case where draconic error
> handling results in a *loss* of security (and that's not the case here,
> right?).

I could imagine this being the cause of a crucial subresource not
working. Cannot immediately think of an attack though.

> It would be awesome if the people working on Servo would have a look at
> <> and try
> to come up with some kind of library that makes it easier to create parsers
> for the notoriously hard to parse yet similar header fields (C-C, WWW-A,
> C-D, C-T ...)

It would be, but what we should be aiming for is not requiring
additional work as launching a new client is already very costly.


Received on Tuesday, 1 July 2014 06:59:30 UTC