- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Thu, 4 Sep 2014 11:28:52 -0700
- To: Julian Reschke <julian.reschke@gmx.de>
- Cc: "Roy T. Fielding" <fielding@gbiv.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 4 September 2014 11:26, Julian Reschke <julian.reschke@gmx.de> wrote: > On 2014-09-04 20:20, Martin Thomson wrote: >> >> On 3 September 2014 23:53, Julian Reschke <julian.reschke@gmx.de> wrote: >>> >>> Wait! Percent-Encoded? >> >> >> OK, then we treat header field values containing forbidden characters >> as malformed? That invalidates a non-zero number of requests that our >> various test runs have detected, I think. Are we OK with that? I am, >> but I'm not as naturally conservative as some folks here. > > > I believe it's strictly better than rewriting to something the recipient > doesn't exist... I'm not sure about the strictly part, but if others are OK with this, or I don't hear any objections, that's what I'll do. An experiment might settle this, but I'm not sure if it's worthwhile.
Received on Thursday, 4 September 2014 18:29:20 UTC