Peter Van Biesen wrote: > I've sent a patch doing the same some time ago, but it was not accepted > so don't get your hopes up ;-).
The big problem is that the code is starting to be so lenient it is getting silly. If a bogus header comes along (ie a header without a ":" in it) it is relatively safe and easy to throw it away and ignore that specific header. AFAIK there is code in there that already does that, and if it doesn't such a change should not be too hard to put in. However, the blank line after the headers is the key indicator that the headers are finished and the body is starting. If a server out there "forgets" this blank line, there is no way we can reliably tell that the headers have ended, which means we are probably going to be sending garbage to the downstream browser as a result anyway. The above two cases of brokenness are mutually exclusive. If a non-header is encountered when a header is expected, we have the choice of either assuming it's a header and ignoring it, or assuming the headers are over and starting the body. We cannot do both at the same time. What's more there is a feeling out there that it is Apache's responsiblity to "fix" all the broken servers out there. I believe it is not. It makes sense to be lenient in what we accept, but to accept any old rubbish given to us is just wrong. Hopefully this explains the reasons why some of the patches have not been committed. Regards, Graham -- ----------------------------------------- [EMAIL PROTECTED] "There's a moon over Bourbon Street tonight..."