- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Fri, 06 Jan 2012 10:01:53 +0100
- To: Anne van Kesteren <annevk@opera.com>
- CC: "WebApps WG (public-webapps@w3.org)" <public-webapps@w3.org>, "Hill, Brad" <bhill@paypal-inc.com>
On 2012-01-06 09:49, Anne van Kesteren wrote: > On Fri, 06 Jan 2012 00:26:25 +0100, Hill, Brad <bhill@paypal-inc.com> > wrote: >> As this behavior is at least partially formally documented in >> http://tools.ietf.org/html/rfc3875#section-4.1.18 , and very widely >> implemented, the algorithm for XHR should be updated to at least >> consider "_", and possibly all non-alphanumeric characters, as >> equivalent to "-" for purposes of comparison to the blacklisted header >> set. > > We do not consider this to be an issue. (If it's an issue at all, it's > an issue with those libraries.) > > http://lists.w3.org/Archives/Public/public-webapps/2009OctDec/thread.html#msg1349 See also the thread starting <http://lists.w3.org/Archives/Public/ietf-http-wg/2011OctDec/0317.html>. If people are concerned by this, I'd recommend submitting an erratum for RFC 3050. Best regards, Julian
Received on Friday, 6 January 2012 09:09:26 UTC