Re: draft-ietf-httpbis-header-structure-00 for general structured data

In message <>, Amos Jeffries 

>AFAICS for most of the headers that will benefit from generic syntax
>parsing instead of custom parsers the desirable behavour is to normalize
>foo;o=X;o=y down to just foo;o=y to prevent foo;o=X vs foo;o=y
>interpretation differences by various recipients and nasty values being
>smuggled through middleware.
>If we can avoid having parameter name duplication, that would be a good
>step towards uniform handling of these smuggling protections.

I have deliberately not written that dictionaries cannot have duplication,
but smuggling prevention is a good reason to require that.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

Received on Saturday, 24 December 2016 07:43:48 UTC