- From: Aaron Kemp <kemp@google.com>
- Date: Sun, 6 Apr 2008 16:14:21 -0400
- To: "Francois Daoust" <fd@w3.org>
- Cc: public-bpwg-ct <public-bpwg-ct@w3.org>
Sorry this is so late, just digging out from vacation. On Tue, Mar 18, 2008 at 1:09 PM, Francois Daoust <fd@w3.org> wrote: > Should we rather use an affirmative form such as "Proxies MAY alter request > bodies, typically when [above blah]"? > Should we just say nothing? I guess I'd vote to either say they MAY or just note that it occurs in practice. > Just to make sure I understand: the form that uses GET is converted to a > form that uses POST when the HTTP response that contains the form is sent to > the user. The user thus issues a POST request which is then converted back > to a GET request by the CT-proxy. In other words, from the origin server's > point of view, the form still uses GET. Am I right? Exactly. The origin server doesn't notice because nothing changes. > That's more than "altering request body". It's "altering request method". > We may want to add that as well. Right. > Note that my second question would be: could you precise "a variety of > reasons"? I can think of URI that would become too long, although I remember > having had this problem six years ago, so I'm not sure it's still an issue > in practice in 2008. URIs definitely can become too long (phones are more limited than desktop browsers, as are the gateways in between sometimes). It's also to prevent casual snooping, and finally, we use our own URL parameters, so we'd have to ensure the user submitted form values didn't collide with ours. Aaron
Received on Sunday, 6 April 2008 20:15:03 UTC