- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Tue, 27 May 2008 14:32:01 +0200
- To: Anne van Kesteren <annevk@opera.com>
- CC: Sunava Dutta <sunavad@windows.microsoft.com>, "public-webapi@w3.org" <public-webapi@w3.org>, Gideon Cohn <gidco@windows.microsoft.com>, Ahmed Kamel <Ahmed.Kamel@microsoft.com>, Zhenbin Xu <zhenbinx@windows.microsoft.com>, Doug Stamper <dstamper@exchange.microsoft.com>
Anne van Kesteren wrote:
>
> On Tue, 13 May 2008 10:40:16 +0200, Julian Reschke
> <julian.reschke@gmx.de> wrote:
>> Anne van Kesteren wrote:
>>> I see. (Your original message seemed to imply the list was not
>>> correct.) To be honest, and as I've stated in my reply to Julian, I'm
>>> not sure what the rationale is for some of them. Hopefully
>>> implementors can chime in on this thread and provide feedback for why
>>> each of the headers listed in setRequestHeader() is blocked.
>>
>> Right. On the other hand, if nobody can explain why a particular
>> header is on that list, it should be removed.
>
> All the headers on that list are better controlled by the user agent. I
> made the specification more clear on that.
>
> I also made it clear that the user agent is not to set any headers other
> than those on that list and those permitted to be set if the author has
> not set them (as explained under the send() algorithm).
So, why are the headers below on the list?
* Accept-Charset
* Accept-Encoding
* Expect
* Referer
* User-Agent
BR, Julian
Received on Tuesday, 27 May 2008 12:32:43 UTC