Re: XHR's setRequestHeader and the Do Not Track (DNT) header

On Tue, May 8, 2012 at 9:34 PM, Ian Melven <imelven@mozilla.com> wrote:
> i'd like to propose that the Do Not Track header (see http://www.w3.org/TR/tracking-dnt/#dnt-header-field) "DNT"
> be added to the list of request headers not allowed to be set via XHR's setRequestHeader method (see
> http://dvcs.w3.org/hg/xhr/raw-file/tip/Overview.html#the-setrequestheader%28%29-method)

That shouldn't be a problem. I wonder, should we remove the "Sec-"
handling? That was suggested at some point as we are special casing
header naming, but it does not appear to be used. And given that
updating this magic list is not really a big problem and browsers are
updated quick enough maybe that is just as well.


-- 
Anne — Opera Software
http://annevankesteren.nl/
http://www.opera.com/

Received on Thursday, 10 May 2012 01:24:58 UTC