Re: Today's call: summary on user agent compliance

Roy,

Maybe it would help us all if you would give us an example of what you
consider to be a non-compliant field?

Here are two examples - which one is sending a non compliant header?

This one?

HTTP_USER_AGENT=[Mozilla/5.0 (Macintosh; Intel Mac OS X
10.7; rv:13.0) Gecko/20100101 Firefox/13.0]

HTTP_USER_AGENT=
[Mozilla/5.0]
[(Macintosh;]
[Intel]
[Mac]
[OS]
[X]
[10.7;]
[rv:13.0)]
[Gecko/20100101]
[Firefox/13.0]

HTTP_FROM=[]

Start of CGI environment variables...

GATEWAY_INTERFACE="CGI/1.1"HTTP_ACCEPT="text/html,application/xhtml+xml,app
lication/xml;q=0.9,*/*;q=0.8"
HTTP_ACCEPT_ENCODING="gzip, deflate"
HTTP_ACCEPT_LANGUAGE="en-us,en;q=0.5"
HTTP_CONNECTION="keep-alive"
HTTP_DNT="1"


Or this one?

HTTP_USER_AGENT=[Mozilla/5.0 (Macintosh; Intel Mac OS X
10.7; rv:13.0) Gecko/20100101 Firefox/13.0]
 
HTTP_USER_AGENT=
[Mozilla/5.0]
[(Macintosh;]
[Intel]
[Mac]
[OS]
[X]
[10.7;]
[rv:13.0)]
[Gecko/20100101]
[Firefox/13.0]
 

HTTP_FROM=[]
 
Start of CGI environment variables...
 

GATEWAY_INTERFACE="CGI/1.1"HTTP_ACCEPT="text/html,application/xhtml+xml,app
lication/xml;q=0.9,*/*;q=0.8"
HTTP_ACCEPT_ENCODING="gzip, deflate"
HTTP_ACCEPT_LANGUAGE="en-us,en;q=0.5"
HTTP_CONNECTION="keep-alive"
HTTP_DNT="1"







Peter
___________________________________
Peter J. Cranstone
720.663.1752








On 6/12/12 5:13 PM, "Roy T. Fielding" <fielding@gbiv.com> wrote:

>On Jun 12, 2012, at 3:18 PM, Rigo Wenning wrote:
>
>> On Monday 11 June 2012 15:14:34 Roy T. Fielding wrote:
>>> No, it means I have ignored a header field because it came in
>>> with another header field that matches a non-compliant UA.
>>> Since I have stated that I will not honor DNT when set by
>>> that UA, I have done exactly what I said I would do.  If you
>>> have chosen to spoof the User-Agent header field for some other
>>> UA, then I take that as an instruction that you want all of
>>> the same behavior that I would have delivered for that UA,
>>> including ignoring the DNT signal.
>> 
>> If you chose to not honor a valid DNT request, that's an issue that
>> goes beyond what W3C can define as sanctions. But telling that you
>> discriminate one user agent even though it has sent a valid DNT
>> header even according to the criteria that are consensus in the WG
>> means you're putting yourself outside of DNT.
>
>As I said, the WG has defined the header field.  If it is set by
>default, that setting is non-compliant according to the WG.
>Valid HTTP is defined by both syntax and semantics.
>
>What I do with a non-compliant field is none of your business.
>
>> Discriminating against
>> a user agent only because of the user agent, whatever the user does
>> with that agent is a bold move. A move against the "one web
>> principle" and a move against a standards driven Web for all.
>
>On the contrary, this move is intended to preserve a standard.
>
>Apache has a long history of preserving HTTP in the face of
>anti-competitive behavior by companies that attempted to
>subvert the standards process for their own financial gain or
>to disadvantage their competitors.  In fact, the reason
>we still have one Web is because of that history -- certainly
>not through any action by the spineless W3C.
>
>....Roy
>
>
>

Received on Wednesday, 13 June 2012 00:06:25 UTC