- From: Anne van Kesteren <annevk@opera.com>
- Date: Tue, 13 Feb 2007 17:02:28 +0100
- To: "Julian Reschke" <julian.reschke@gmx.de>
- Cc: "Web API WG (public)" <public-webapi@w3.org>
On Tue, 13 Feb 2007 16:59:12 +0100, Julian Reschke <julian.reschke@gmx.de> wrote: > I think the spec needs to be carefully checked for usage of > RFC2119/BCP14 terminology. For instance > (<http://dev.w3.org/cvsweb/~checkout~/2006/webapi/XMLHttpRequest/Overview.html?content-type=text/html;%20charset=utf-8#dfn-setrequestheader>): > > "For security reasons nothing SHOULD be done if the header argument > matches one of the following headers case-insensitively:" > > I think I understand what the intent is, but maybe it should be > rephrased to: > > "For security reasons, a server SHOULD ignore any attempt to modify any > of the headers below (header names being matched case-insensitively):" I don't understand this suggestion. Are you sure you understand what the section is about? -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
Received on Tuesday, 13 February 2007 16:02:33 UTC