The empty string is rejected as header values #115
Comments
|
That's a good point. I changed to |
Probably. Mentioning that (the previous definition of header value, if we interpret them using RFC 7230) or " |
|
Correction: " |
|
We are going to update the header value checks. |
|
Yes. I'm working on integrating Fetch into HTML at the moment, which is taking its time. Will probably get back to Fetch after that. Alternatively, if you want, you are encouraged to provide PRs. |
|
@hiroshige-g do you mind if I wait with updating this until Chrome has updated its implementation? I'd like to know if this is compatible or if we need to do something else. |
|
FWIW - empty header fields do happen, but our (HTTPWG folks') anecdotal experience, their handling (in lots of places) is very unreliable. As a result, our usual advice is to avoid them (e.g., Foo: 1 if necessary). YMMV (and not saying that you shouldn't do this). |
|
Oh, sorry I missed the comment #115 (comment). As for this issue of the empty header values, Chromium implementation accepts empty values since long time ago. Also Firefox seems to accept the empty header values in Fetch API. Updating header values checks to RFC 7230 (#99 and #100) is another issue, and Chromium implementation hasn't yet follow the spec update. |
|
I'm duplicating this against #332 as that has considerable more information on the standards situation. |
Header value definition is updated (#99 and #100) as:
But this change rejects the empty string as header values (as well as whitespace-only header values before normalization), because field-content in RFC 7230 doesn't match the empty string.
According to web-platform-tests/wpt#2045, it seems we expect to accept the empty string and whitespace-only strings as setRequestHeader() etc., so should we modify header value concept to accept the empty string?
The text was updated successfully, but these errors were encountered: