Re: SETTINGS_MAX_HEADER_LIST_SIZE, was: Last Call: <draft-ietf-httpbis-http2-16.txt> (Hypertext Transfer Protocol version 2) to Proposed Standard from Martin Thomson on 2015-01-13 (ietf-http-wg@w3.org from January to March 2015)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Mon, 12 Jan 2015 16:01:15 -0800
To: "Jason T. Greene" <jason.greene@redhat.com>
Cc: Julian Reschke <julian.reschke@gmx.de>, Amos Jeffries <squid3@treenet.co.nz>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CABkgnnViUMpULTsjgNGBtckmF+ExAc-s-t7H0NO5x_7NcyTQ2Q@mail.gmail.com>

On 12 January 2015 at 15:44, Jason T. Greene <jason.greene@redhat.com> wrote:
> Wouldn't it be useful for a browser's XHR implementation? That way just the respective bit of JS fails (with a handleable error) as opposed to potentially interfering with other resources being loaded on the same connection.

Yes, good point.  After all, it is the attack platform of choice.

Received on Tuesday, 13 January 2015 00:01:43 UTC