Re: Rejecting messages with illegal characters in header fields (was Re: h2 header field names)

On 4 September 2014 11:26, Julian Reschke <> wrote:
> On 2014-09-04 20:20, Martin Thomson wrote:
>> On 3 September 2014 23:53, Julian Reschke <> wrote:
>>> Wait! Percent-Encoded?
>> OK, then we treat header field values containing forbidden characters
>> as malformed?  That invalidates a non-zero number of requests that our
>> various test runs have detected, I think.  Are we OK with that?  I am,
>> but I'm not as naturally conservative as some folks here.
> I believe it's strictly better than rewriting to something the recipient
> doesn't exist...

I'm not sure about the strictly part, but if others are OK with this,
or I don't hear any objections, that's what I'll do.

An experiment might settle this, but I'm not sure if it's worthwhile.

Received on Thursday, 4 September 2014 18:29:20 UTC