* Julian Reschke wrote: >On 2012-01-09 01:25, Adam Barth wrote: >> On Sun, Jan 8, 2012 at 4:10 PM, Bjoern Hoehrmann<derhoe...@gmx.net> wrote: >>> It seems to me that all headers defined in RFC 2616 that allow para- >>> meteter lists of the `;name=value` form allow the value to be a quoted >>> string. >> >> This header isn't defined in RFC 2616 and many headers defined outside >> of RFC 2616 don't use quoted-string. >> ... > >In name/value pairs? Example? > >(As a matter of fact, not all header fields in 2616 are as consistent as >they should, but that's not an excuse for not trying to do better with >new header fields)
(FWIW, when I wrote my comment, I picked the RFCs that match /rfc2616/ and then filtered the remaining ones for /";"/ and then quickly scanned through the remaining ones, and only the `Cookie` RFCs stood out as ex- amples where this is not the case; not all headers are defined in RFCs, and my ad-hoc method would not necessarily find all instances in RFCS, but there were a number that matched RFC2616 in this, so I found it reasonable to make the argument. And no counter-examples have been pro- vided since, so it is probably fair to assume that this is the dominant pattern.) -- Björn Höhrmann · mailto:bjo...@hoehrmann.de · http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ _______________________________________________ websec mailing list websec@ietf.org https://www.ietf.org/mailman/listinfo/websec
