W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: h2 header field names

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Fri, 05 Sep 2014 02:28:20 +1200
Message-ID: <54087704.8020705@treenet.co.nz>
To: ietf-http-wg@w3.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 5/09/2014 1:23 a.m., Willy Tarreau wrote:
> On Thu, Sep 04, 2014 at 03:18:56PM +0200, Julian Reschke wrote:
>> On 2014-09-04 14:07, Mark Nottingham wrote:
>>> 
>>> On 4 Sep 2014, at 3:02 pm, Poul-Henning Kamp
>>> <phk@phk.freebsd.dk> wrote:
>>> 
>>>> But I havn't seen *anybody* say that need to be able to put
>>>> NUL, STX or ANSI-escape sequences in HTTTP headers, so I
>>>> don't understand why can't we outlaw them in HTTP/2.0, even
>>>> if we don't settle the ASCII/UTF-8 question yet ?
>>>> 
>>>> IMO nothing *in* the headers should contain 0x00-0x1f or
>>>> 0x7f.
>>>> 
>>>> What makes that decision impossible ?
>>> 
>>> Didn?t say it was. What do people think?
>> 
>> They are disallowed in HTTP/1.1 (MUST NOT send...), so I think it
>> would be good to disallow them in HTTP/2 (hard fail?) as well.
> 
> +1

+1

Amos

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJUCHcEAAoJELJo5wb/XPRjrisIAMY0VAkPqKTvWOHXdm9zIUfQ
YKDiCR+H1tr3RIMP6q9HaRvz965NS6mB1t3wggzeYKKsapAclG4cOH5gqxgU270T
eBpfFUaU2asmYxoDQcc+PhonH5m5m3r3eeVGW6wTe/KixPESqRCb+TzvixbSxdWp
padm7S+kFvrj8H4m6CSlOWuhLU0FsAmS9CJBnTeSAmOXCvuNHfoGKsre1qEAlrqf
X503HYbg75FmjHX21FMQf7kbBSg3gcDNfG8FYNOHGYaTzptTtD2TGwW7sh8VEAzN
MENWZW2XkHbILPX0kg4NEef61RBPo4aiff+nupy+krt+J8hp8z4vi6GlST+q5CM=
=9ZX6
-----END PGP SIGNATURE-----
Received on Thursday, 4 September 2014 14:28:56 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:10 UTC