- From: Roy T. Fielding <fielding@gbiv.com>
- Date: Mon, 20 Feb 2012 10:23:12 -0800
- To: Matthias Schunter <mts@zurich.ibm.com>
- Cc: Tracking Protection Working Group <public-tracking@w3.org>
Yes, we can just reduce the characters allowed since we do not anticipate arbitrary input here. I do have a suggested use for these extensions similar to how I defined limitations for the tracking status resource response field. ....Roy On Feb 20, 2012, at 1:23 AM, Matthias Schunter <mts@zurich.ibm.com> wrote: > Hi Roy, > > thanks for pointing this out. > > Question: Is it easy to fix by contraining the characterset or > defining a transport encoding within JSON? > > If yes, I propose that you just fix it ;-) Drop me a line and I'll > create a correponding ACTION. > > Regards, > Matthias > > > On 2/16/2012 12:50 AM, Tracking Protection Working Group Issue Tracker > wrote: >> tracking-ISSUE-126: DNT-extension syntax includes characters not safe to embed in JSON [Tracking Preference Expression (DNT)] >> >> http://www.w3.org/2011/tracking-protection/track/issues/126 >> >> Raised by: Roy Fielding >> On product: Tracking Preference Expression (DNT) >> >> The definition of DNT-extension in the FPWD includes a very wide set of characters because we had not made any decisions about extensions. However, if the field-value is going to be echoed back to the client, as in the current proposal for the tracking status resource, then we should reduce the characters allowed to a safe set that can be easily embedded in a JSON string. >> >> >> >> >> >> > >
Received on Monday, 20 February 2012 18:23:41 UTC