Changeset 184
- Timestamp:
- 02/02/08 10:06:31 (14 years ago)
- Location:
- draft-ietf-httpbis/latest
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p2-semantics.html
r182 r184 583 583 <li class="tocline0">12. <a href="#security.considerations">Security Considerations</a><ul class="toc"> 584 584 <li class="tocline1">12.1 <a href="#security.sensitive">Transfer of Sensitive Information</a></li> 585 <li class="tocline1">12.2 <a href="#encoding.sensitive.information.in.uris">Encoding Sensitive Information in URI 's</a></li>585 <li class="tocline1">12.2 <a href="#encoding.sensitive.information.in.uris">Encoding Sensitive Information in URIs</a></li> 586 586 <li class="tocline1">12.3 <a href="#location.spoofing">Location Headers and Spoofing</a></li> 587 587 </ul> … … 846 846 <p id="rfc.section.8.3.p.4">The response to a GET request is cacheable if and only if it meets the requirements for HTTP caching described in <a href="#Part6" id="rfc.xref.Part6.3"><cite title="HTTP/1.1, part 6: Caching">[Part6]</cite></a>. 847 847 </p> 848 <p id="rfc.section.8.3.p.5">See <a href="#encoding.sensitive.information.in.uris" title="Encoding Sensitive Information in URI 's">Section 12.2</a> for security considerations when used for forms.848 <p id="rfc.section.8.3.p.5">See <a href="#encoding.sensitive.information.in.uris" title="Encoding Sensitive Information in URIs">Section 12.2</a> for security considerations when used for forms. 849 849 </p> 850 850 <div id="rfc.iref.h.1"></div> … … 1461 1461 </pre><p id="rfc.section.10.6.p.3">Example:</p> 1462 1462 <div id="rfc.figure.u.16"></div><pre class="text"> Referer: http://www.example.org/hypertext/Overview.html 1463 </pre><p id="rfc.section.10.6.p.5">If the field value is a relative URI, it <em class="bcp14">SHOULD</em> be interpreted relative to the Request-URI. The URI <em class="bcp14">MUST NOT</em> include a fragment. See <a href="#encoding.sensitive.information.in.uris" title="Encoding Sensitive Information in URI 's">Section 12.2</a> for security considerations.1463 </pre><p id="rfc.section.10.6.p.5">If the field value is a relative URI, it <em class="bcp14">SHOULD</em> be interpreted relative to the Request-URI. The URI <em class="bcp14">MUST NOT</em> include a fragment. See <a href="#encoding.sensitive.information.in.uris" title="Encoding Sensitive Information in URIs">Section 12.2</a> for security considerations. 1464 1464 </p> 1465 1465 <div id="rfc.iref.r.2"></div> … … 1538 1538 has no better mechanism. 1539 1539 </p> 1540 <h2 id="rfc.section.12.2"><a href="#rfc.section.12.2">12.2</a> <a id="encoding.sensitive.information.in.uris" href="#encoding.sensitive.information.in.uris">Encoding Sensitive Information in URI 's</a></h2>1540 <h2 id="rfc.section.12.2"><a href="#rfc.section.12.2">12.2</a> <a id="encoding.sensitive.information.in.uris" href="#encoding.sensitive.information.in.uris">Encoding Sensitive Information in URIs</a></h2> 1541 1541 <p id="rfc.section.12.2.p.1">Because the source of a link might be private information or might reveal an otherwise private information source, it is strongly 1542 1542 recommended that the user be able to select whether or not the Referer field is sent. For example, a browser client could -
draft-ietf-httpbis/latest/p2-semantics.xml
r182 r184 2045 2045 </section> 2046 2046 2047 <section title="Encoding Sensitive Information in URI 's" anchor="encoding.sensitive.information.in.uris">2047 <section title="Encoding Sensitive Information in URIs" anchor="encoding.sensitive.information.in.uris"> 2048 2048 <t> 2049 2049 Because the source of a link might be private information or might
Note: See TracChangeset
for help on using the changeset viewer.