Re: Origin vs Authority; use of HTTPS (draft-nottingham-site-meta-01)

On Wed, Feb 11, 2009 at 5:00 PM, Ian Hickson <ian@hixie.ch> wrote:

> On Wed, 11 Feb 2009, Breno de Medeiros wrote:
> > >
> > > > 2. This technique may prevent legitimate uses of the spec by
> > > > developers who do not have the ability to set the appropriate
> > > > header.
> > >
> > > Many developers can control Content-Type headers using .htaccess files
> > > (and their ilk).
> >
> > And many others cannot. This is particularly irksome in outsourcing
> > situations where you have only partial control of the hosting
> > environment or depend on non-technical users to perform administrative
> > tasks.
>
> Note that if the spec says that UAs are to ignore the Content-Type header,
> this is a violation of the HTTP and MIME specifications. If this is
> intentional, then the HTTP or MIME specs should be changed.


The spec is letting applications decide what to do. It is not mandating
anything.


>
>
> --
> Ian Hickson               U+1047E                )\._.,--....,'``.    fL
> http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
> Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
>



-- 
--Breno

+1 (650) 214-1007 desk
+1 (408) 212-0135 (Grand Central)
MTV-41-3 : 383-A
PST (GMT-8) / PDT(GMT-7)

Received on Thursday, 12 February 2009 01:05:17 UTC