- From: Giovanni Campagna <scampa.giovanni@gmail.com>
- Date: Fri, 20 Mar 2009 18:59:52 +0100
- To: Anne van Kesteren <annevk@opera.com>
- Cc: public-webapps <public-webapps@w3.org>
2009/3/19 Anne van Kesteren <annevk@opera.com>: > On Thu, 19 Mar 2009 20:37:50 +0100, Giovanni Campagna > <scampa.giovanni@gmail.com> wrote: >> >> Actually both of them are invalid per RFC2616 and thus should raise >> SYNTAX_ERR. > > I do not want to enforce validity in the XMLHttpRequest API. That seems > inconsistent with other APIs, e.g. the DOM API. (It also seems complex and > impossible as not all headers are known.) You may just enforce validity of known or possibly unsafe headers (Content-Type being the most important) > >> Or actually, they don't per current spec, but I think they should. >> (and anyway RFC2616 is not very clear about the field-value production) > > How is it unclear? > field-value is a sequence of field-content, separated by linear white space. The problem is that field-content is a sequence of TEXT (any char) or token, separators and quoted-string. This means that any sequence of chars, quoted or un quoted, tokenized or not, is a valid field-content, and thus a valid field-value. This is probably because each header enforces its own syntaxes, but I don't feel much use in referencing field-value. > > -- > Anne van Kesteren > http://annevankesteren.nl/ > Giovanni
Received on Friday, 20 March 2009 18:02:46 UTC