httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <>
Subject Re: Patches and Enhancements for a SSL-Proxy Based on Apache 2.0 (mod_ssl, mod_proxy, mod_headers)
Date Fri, 14 Feb 2003 11:17:23 GMT
Maik Mueller wrote:

> Putting arbitrary 8bit characters into headers makes me feel a bit uneasy
> but I couldn't find a quote that this is forbidden.

Looking at this further, the header value is defined as TEXT. TEXT is 
defined as OCTETs that are not control characters. An OCTET is an 8 bit 
character. As far as I can see it should be up to the entity putting 
data into the header to make sure it does not contain control 
characters. In your case, base64 would thus be safe.

> What do you think about my proposal to add the "E" option with the described
> behavior to the Header and RequestHeader directive?
> Keeping in mind that HTTP 1.0 still warns:
>>However, folding of header lines is not expected by some
>>applications, and should not be generated by HTTP/1.0 applications.

HTTP 1.0 is obsolete - Apache follows HTTP/1.1, defined in RFC2616.

-----------------------------------------		"There's a moon
					over Bourbon Street

View raw message