Murray S. Kucherawy wrote:
> 
> > From: Richard Barnes [mailto:rbar...@bbn.com]
> > 
> > Seems like it depends on your definitions of "abusive" and
> > "legitimate".  Do you have an example?
> 
> For a contrived example, let's say a registered HTTP header field
> that's only ever found to be present in web pages used by bad actors,
> but lots of them.

Such as "P3P:" ?   :-D

-Martin

http://www.h-online.com/security/news/item/Google-also-bypassed-cookie-settings-in-Internet-Explorer-1438781.html
_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

Reply via email to