I had the same concern, and we discussed it[1] at the f2f and agreed
on the same syntactical limitations you described. Unfortunately, it
doesn't look like anybody took an action to fix the text. Want to
propose something?
We didn't discuss the other considerations you mentioned, nor do I
personally think we need to, but again, feel free to propose
something.
[1] http://www.w3.org/2006/05/01-webapi-minutes.html#item09 (member access)
Mark.
On 5/1/06, Cameron McCormack <[EMAIL PROTECTED]> wrote:
[re: setRequestHeader]
> 2) Nothing must be done if the header or value arguments contain any U
> +000A LINE FEED or U+000D CARRIAGE RETURN characters, or if the
> header argument contains any U+0020 SPACE or U+003A COLON charecters.
What if headers or values contain other inappropriate characters?
Headers should contain only ASCII characters in the range 33--126 minus
these:
[]()<>@,;:\"/?={}
and values can contain only ASCII characters in the range 32--126, plus
tab.
If you don't want to restrict the headers to be valid in terms of the
characters sent (and mind you there are other validity constraints, such
as only allowing multiple same headers for those that are defined to
take comma-separated lists, or enforcing proper quoting for those that
take quoted-strings), then at least it should be defined as to what
should happen when strings are passed that contain characters outside of
ASCII.
--
Cameron McCormack ICQ: 26955922
cam (at) mcc.id.au MSN: cam (at) mcc.id.au
http://mcc.id.au/ JBR: heycam (at) jabber.org
