Closed
Bug 92768
Opened 24 years ago
Closed 19 years ago
be more careful when matching HTTP header values
Categories
(Core :: Networking: HTTP, defect)
Core
Networking: HTTP
Tracking
()
RESOLVED
DUPLICATE
of bug 325808
People
(Reporter: darin.moz, Unassigned)
Details
From brendan's comments on bug 92598:
> Just curious, not picking nits or asking for changes: why PL_strcasestr rather
> than PL_strcasecmp, or perhaps something more complicated that strips leading
> and trailing whitespace (tho I'd hope that PeekHeader does that for you)? Are
> all the values guaranteed not to be substrings of other legal values? Can you
> have random garbage around the no-store and get the desired results, according
> to the spec?
>
> /be
it's possible that future versions of HTTP might define header values which
would "overlap" with existing HTTP/1.1 header values. it is also likely that
servers could send us garbage, which could be mistaken for a HTTP/1.1 header value.
Comment 1•24 years ago
|
||
I've seen servers send Cache-Control: "no-cache", so we have to be a bit flexible.
I don't have an example url which springs to mind, though.
Reporter | ||
Updated•23 years ago
|
Target Milestone: --- → Future
Reporter | ||
Comment 2•19 years ago
|
||
-> default owner
Assignee: darin → nobody
QA Contact: benc → networking.http
Target Milestone: Future → ---
Comment 3•19 years ago
|
||
fixed by bug 325808 afaict
*** This bug has been marked as a duplicate of 325808 ***
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•