- From: Mark Nottingham <mnot@mnot.net>
- Date: Fri, 10 Feb 2017 18:47:38 +1100
- To: Ashok Kumar <ashokkumarj@gmail.com>
- Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
If you're worried about a middlebox and the connection isn't encrypted, it's really game over; they can modify anything. Cheers, > On 10 Feb 2017, at 5:26 pm, Ashok Kumar <ashokkumarj@gmail.com> wrote: > > Hi All, > > rfc7230#section-4.4 talks about the Trailer header for Chunked T-E. > > I need some clarity on expected behavior from server, > > When a User-Agent sends a POST request with Chunked body and includes a Trailer header (say with value content-md5) in the request headers, but doesn't include any trailers after the zero chunk in the POST body. > > Should this be an error or can this be ignored? > > Since none of the mandatory headers can be present, I feel that this can be ignored, > > But on the other hand, content-md5 not getting generated could be some middle box modifying the content and stripping off the trailer? > > > Thanks in advance, > Ashok -- Mark Nottingham https://www.mnot.net/
Received on Friday, 10 February 2017 07:48:12 UTC