Ignore:
Timestamp:
Dec 7, 2012, 11:45:40 PM (7 years ago)
Author:
fielding@…
Message:

Parsing obs-fold is necessary for backwards compat; addresses #409

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p1-messaging.xml

    r2038 r2039  
    12961296   In the past, differences in the handling of such whitespace have led to
    12971297   security vulnerabilities in request routing and response handling.
    1298    Any received request message that contains whitespace between a header
    1299    field-name and colon &MUST; be rejected with a response code of 400
    1300    (Bad Request).  A proxy &MUST; remove any such whitespace from a response
    1301    message before forwarding the message downstream.
     1298   A server &MUST; reject any received request message that contains
     1299   whitespace between a header field-name and colon with a response code of
     1300   <x:ref>400 (Bad Request)</x:ref>. A proxy &MUST; remove any such whitespace
     1301   from a response message before forwarding the message downstream.
    13021302</t>
    13031303<t>
     
    13151315   folding except within the message/http media type
    13161316   (<xref target="internet.media.type.message.http"/>).
    1317    HTTP senders &MUST-NOT; generate messages that include line folding
     1317   Senders &MUST-NOT; generate messages that include line folding
    13181318   (i.e., that contain any field-value that matches the obs-fold rule) unless
    13191319   the message is intended for packaging within the message/http media type.
    1320    HTTP recipients &SHOULD; accept line folding and replace any embedded
     1320   Recipients &MUST; accept line folding and replace any embedded
    13211321   obs-fold whitespace with either a single SP or a matching number of SP
    13221322   octets (to avoid buffer copying) prior to interpreting the field value or
Note: See TracChangeset for help on using the changeset viewer.