[Webkit-unassigned] [Bug 147445] Validation in isValidHTTPHeaderValue is too sensitive.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Jul 30 08:53:36 PDT 2015
https://bugs.webkit.org/show_bug.cgi?id=147445
--- Comment #1 from youenn fablet <youennf at gmail.com> ---
(In reply to comment #0)
> The changes for Bug 128593 were made to make the validation of the HTTP
> header tighter as per suggestions RFC 7230.
> Looking at the changes made, extra validation has been implement namely
> classing a single SPACE character as invalid.
> RFC 7230 doesn't not specify that this is an invalid value.
Looking at https://tools.ietf.org/html/rfc2616#section-4.2, it seems RFC 2616 is fine with a " " header value.
Looking at https://tools.ietf.org/html/rfc7230#section-3.2, field-value is expected to start with a character, not a whitespace.
That said, IIRC, XHR spec is referencing RFC 2616.
Do you know what other browsers are doing?
> I am reporting this since we utilites the ablility to set the "Content-Type"
> to a space character and these changes have broken our site.
Has CT: " " a special meaning for that server?
What about using application/octet-stream instead?
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150730/d87fe80f/attachment.html>
More information about the webkit-unassigned
mailing list