- From: Cameron McCormack <cam@mcc.id.au>
- Date: Wed, 5 Apr 2006 18:20:37 +1000
- To: "Web APIs WG (public)" <public-webapi@w3.org>
Cameron McCormack: > >I don't see any reason (except for the stated goal of finding a common > >baseline on all implementations) to exclude some HTTP headers. Anne van Kesteren: > You mean methods? What about methods other specifications are introducing? Sorry, yes, methods. What's the possible reason for restricting the method sent at all? Are there any security implications for allowing any syntactically valid method and just leave it up to the server to decide what is appropriate (given same-host connection restrictions)? Maybe CONNECT's potential for bad outweighs the good... -- Cameron McCormack ICQ: 26955922 cam (at) mcc.id.au MSN: cam (at) mcc.id.au http://mcc.id.au/ JBR: heycam (at) jabber.org
Received on Wednesday, 5 April 2006 08:20:46 UTC