Changeset 2039
- Timestamp:
- 08/12/12 07:45:40 (10 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p1-messaging.xml
r2038 r2039 1296 1296 In the past, differences in the handling of such whitespace have led to 1297 1297 security vulnerabilities in request routing and response handling. 1298 A ny received request message that contains whitespace between a header1299 field-name and colon &MUST; be rejected with a response code of 4001300 (Bad Request). A proxy &MUST; remove any such whitespace from a response1301 message before forwarding the message downstream.1298 A server &MUST; reject any received request message that contains 1299 whitespace between a header field-name and colon with a response code of 1300 <x:ref>400 (Bad Request)</x:ref>. A proxy &MUST; remove any such whitespace 1301 from a response message before forwarding the message downstream. 1302 1302 </t> 1303 1303 <t> … … 1315 1315 folding except within the message/http media type 1316 1316 (<xref target="internet.media.type.message.http"/>). 1317 HTTP senders &MUST-NOT; generate messages that include line folding1317 Senders &MUST-NOT; generate messages that include line folding 1318 1318 (i.e., that contain any field-value that matches the obs-fold rule) unless 1319 1319 the message is intended for packaging within the message/http media type. 1320 HTTP recipients &SHOULD; accept line folding and replace any embedded1320 Recipients &MUST; accept line folding and replace any embedded 1321 1321 obs-fold whitespace with either a single SP or a matching number of SP 1322 1322 octets (to avoid buffer copying) prior to interpreting the field value or
Note: See TracChangeset
for help on using the changeset viewer.