- From: Mark Nottingham <mnot@mnot.net>
- Date: Thu, 4 Sep 2014 10:27:56 +0300
- To: "Julian F. Reschke" <julian.reschke@gmx.de>
- Cc: Martin Thomson <martin.thomson@gmail.com>, Roy Fielding <fielding@gbiv.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 4 Sep 2014, at 9:53 am, Julian Reschke <julian.reschke@gmx.de> wrote: > On 2014-09-03 21:36, Martin Thomson wrote: >> ... >> Characters in header field values that are not valid according to the >> "field-content" rule (see [RFC7230], Section 3.2), SHOULD be percent- >> encoded before translated into HTTP/1.1 header field values. >> >> I hate using SHOULD, but it seems like if I made that a MUST, it would >> be immediately ignored. >> ... > > Wait! Percent-Encoded? > > If we can't transport the field value, we really shouldn't alter it in a way the recipient isn't going to understand (reminder: percent encoding isn't really a feature of field values!). > > SO I think it would be much better to reject these, optimally on the HTTP/2 layer as well. +1 on “What… what?” -- Mark Nottingham http://www.mnot.net/
Received on Thursday, 4 September 2014 07:28:28 UTC