- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Fri, 07 Mar 2008 05:48:09 +0100
- To: Morgan L <morganl.webkit@yahoo.com>
- Cc: public-webapi@w3.org
* Morgan L wrote: >In section 2 of http://www.w3.org/TR/XMLHttpRequest/, >it says that setRequestHeader should reject the >connection header. The purpose of these restrictions is to remind implementers that the user agent has to control certain headers for protocol integrity or other reasons, in other words, implementations should not blindy pass to the server whatever value a script might have set there. It should be perfectly permissable if the implementation instead of ignoring the attempt at setting some value takes the attempt under advisement when making its own decisions what to set the header to, in other words, the browser might well list close among the tokens after a script tried to set the header. I agree the current text does not convery this very well, do you have a suggestion how to editorially improve it? We can't simply "allow" this particular case as simply sending "Connection: close" can be wrong in many cases (see e.g. RFC 2616, section 13.5.1). -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de 68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Received on Friday, 7 March 2008 04:59:54 UTC