- From: Anne van Kesteren <notifications@github.com>
- Date: Wed, 11 Jan 2017 06:18:18 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 11 January 2017 14:19:23 UTC
I think what I recommend is that we strip any leading and trailing 0x09, 0x0A, 0x0D, and 0x20. So a single 0x0A would not make us throw. Then, if value still contains 0x00, 0x0A, or 0x0D, throw. Then pass it through to the server unchanged. So a header value would be a byte sequence that does not have any leading or trailing HTTP whitespace bytes and does not contain 0x00, 0x0A, or 0x0D. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/332#issuecomment-271879535
Received on Wednesday, 11 January 2017 14:19:23 UTC