- From: Eliot Lear <lear@cisco.com>
- Date: 2013年9月27日 14:13:57 +0200
- To: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
- Message-ID: <52457685.9040103@cisco.com>
The no-transform directive forever has said that proxies MUST NOT touch payload. Situation: Suppose there is malware on a web site and a proxy resides between the client and server. Questions: 1. Why would the malware distributor NOT want to issue the no-transform directive? After all, they don't want their malware removed. 2. Why would a proxy honor the directive, knowing that there is malware? My point: I wonder if the MUST is a bit too strong or whether a caveat should be added around this. (Maybe there is such a caveat and I've just missed it?) Eliot
Received on Friday, 27 September 2013 12:14:32 UTC