- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Sun, 10 Jul 2016 11:35:49 +0200
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Cc: Phil Hunt <phil.hunt@oracle.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 2016-07-10 11:09, Poul-Henning Kamp wrote: > -------- > In message <683f5f58-6046-d9fb-cc75-d0ab3890ce23@greenbytes.de>, Julian Reschke > writes: >> On 2016-07-10 10:04, Poul-Henning Kamp wrote: >>> ... >>>> FWIW, duplicate headers aren't really needed, when the header field was >>>> defined properly (so the only problem is Set-Cookie, see >>>> <https://greenbytes.de/tech/webdav/rfc7230.html#field.order>). >>> >>> I'll second the call for a blanket ban on repeat headers if they >>> use the new (JSON-)syntax. >>> ... >> >> But that's not what I said. > > No, that is what Phil asked for: > >> It would be nice if the JSON encoding handled arrays so that the demand for >> duplicate headers is removed. Signing could then be more successful and could >> even stipulate that the presence of a repeat header in a signed request is a >> failure condition. > > I would go as far to make all repeat header a failure condition under the > new format. I'm not sure how that would be helpful, nor how that would be legal wrt the base spec. Best regards, Julian
Received on Sunday, 10 July 2016 09:36:25 UTC