Re: XHR2 and Sec-* headers from Anne van Kesteren on 2011-02-22 (public-ietf-w3c@w3.org from February 2011)

From: Anne van Kesteren <annevk@opera.com>
Date: Tue, 22 Feb 2011 09:32:07 +0100
To: public-ietf-w3c <public-ietf-w3c@w3.org>, "Mark Nottingham" <mnot@mnot.net>
Message-ID: <op.vrapzsh564w2qv@anne-van-kesterens-macbook-pro.local>

On Mon, 21 Feb 2011 23:38:03 +0100, Mark Nottingham <mnot@mnot.net> wrote:
> A HTTPbis WG member noticed that the XHR2 draft gives special status to  
> HTTP headers starting with Sec-* and Proxy-*:
>
> <http://www.w3.org/TR/XMLHttpRequest2/#the-setrequestheader-method>
>
> """
> Terminate these steps if header is a case-insensitive match for one of  
> the following headers … or if the start of header is a case-insensitive  
> match for Proxy- or Sec- (including when header is just Proxy- or Sec-).
> """
>
> This really needs to be coordinated, for a few reasons.

For the record, this has been in XMLHttpRequest for a long time (February  
2008) and has been through multiple Last Calls for which the HTTP WG has  
been notified. This is not a new Level 2 feature.


-- 
Anne van Kesteren
http://annevankesteren.nl/

Received on Tuesday, 22 February 2011 08:32:45 UTC