- From: Henrik Nordstrom <henrik@henriknordstrom.net>
- Date: 2008年11月14日 23:33:37 +0100
- To: Jamie Lokier <jamie@shareable.org>
- Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
- Message-Id: <1226702017.26491.34.camel@henriknordstrom.net>
On fre, 2008年11月14日 at 22:27 +0000, Jamie Lokier wrote: > Henrik Nordstrom wrote: > > On tor, 2008年11月13日 at 18:06 -0800, Mark Nottingham wrote: > > > Yes; we looked at disallowing it, but implementations that support > > > folding do already support whitespace-only lines. > > > > Some. Many fail, misreading it as end-of-headers... > > Last time I looked, I think Mozilla was in that category. Still? There was a security whitepaper on this some years ago which made a lot of people jump.. (or actually two with about a year inbetween, one looking at responses, one at requests) Regards Henrik
Received on Friday, 14 November 2008 22:34:19 UTC