httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Maik Mueller <maik...@hw1464.wdf.sap-ag.de>
Subject Re: Patches and Enhancements for a SSL-Proxy Based on Apache 2.0 (mod_ssl, mod_proxy, mod_headers)
Date Fri, 14 Feb 2003 13:56:43 GMT
Hello Graham,

Friday, February 14, 2003, 12:17:23 PM, you wrote:

GL> Looking at this further, the header value is defined as TEXT. TEXT is
GL> defined as OCTETs that are not control characters. An OCTET is an 8 bit
GL> character. As far as I can see it should be up to the entity putting
GL> data into the header to make sure it does not contain control
GL> characters. In your case, base64 would thus be safe.

RFC2616:
> The TEXT rule is only used for descriptive field contents and values
> that are not intended to be interpreted by the message parser. Words
> of *TEXT MAY contain characters from character sets other than ISO-
> 8859-1 [22] only when encoded according to the rules of RFC 2047
> [14].
>
>      TEXT           = <any OCTET except CTLs,
>                       but including LWS>

>> What do you think about my proposal to add the "E" option with the
described
>> behavior to the Header and RequestHeader directive?
>> Keeping in mind that HTTP 1.0 still warns:
>>
>>>However, folding of header lines is not expected by some
>>>applications, and should not be generated by HTTP/1.0 applications.

GL> HTTP 1.0 is obsolete - Apache follows HTTP/1.1, defined in RFC2616.

Why not providing a way to put arbitrary data base64 encoded in a
single-line header?

--
Best regards,
 Maik


Mime
View raw message