W3C home > Mailing lists > Public > public-webappsec@w3.org > August 2015

Re: [clear-site-data] header field syntax

From: Mike West <mkwst@google.com>
Date: Mon, 10 Aug 2015 11:48:03 +0200
Message-ID: <CAKXHy=fFbJzBjb-wtsFrNPcHX8FVq5ENj0zqoyHvFZVFxXtgdQ@mail.gmail.com>
To: Julian Reschke <julian.reschke@gmx.de>
Cc: Martin Thomson <martin.thomson@gmail.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Mon, Aug 10, 2015 at 8:40 AM, Julian Reschke <julian.reschke@gmx.de>
wrote:

> I'd follow the httpbis definition model and only define the field *value*
> in the ABNF, and also keep the distinction between "option" and "parameter"
> in the names so it's easier to discuss in prose:
>
>   Clear-Site-Data = 1#option
>   option = key-value *( OWS ";" [ OWS parameter ] )
>   key-value = token [ BWS "=" BWS word ]
>   parameter = token [ BWS "=" BWS word ]
>   word = token / quoted-string
>

I've taken a stab at this in
https://w3c.github.io/webappsec/specs/clear-site-data/#header
(unfortunately-hard-to-parse diff:
https://github.com/w3c/webappsec/commit/65a99f888eb8c40ca8e9fb40e1b213bc1586b68e
).

WDYT?

the ability to use '*' to mean "clear everything". I suppose we can
>> easily replace that with an "clear-everything-no-really-i-mean-it"
>> keyword.
>>
>
> The string "*" is an allowed token; see <
> http://greenbytes.de/tech/webdav/rfc7230.html#rfc.iref.g.34>.


Hooray, thanks!

-mike
Received on Monday, 10 August 2015 09:48:50 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:14 UTC