* Morgan L wrote:
>In section 2 of http://www.w3.org/TR/XMLHttpRequest/,
>it says that setRequestHeader should reject the
>connection header.

The purpose of these restrictions is to remind implementers that the
user agent has to control certain headers for protocol integrity or
other reasons, in other words, implementations should not blindy pass
to the server whatever value a script might have set there.

It should be perfectly permissable if the implementation instead of
ignoring the attempt at setting some value takes the attempt under
advisement when making its own decisions what to set the header to,
in other words, the browser might well list close among the tokens
after a script tried to set the header.

I agree the current text does not convery this very well, do you have
a suggestion how to editorially improve it? We can't simply "allow"
this particular case as simply sending "Connection: close" can be wrong
in many cases (see e.g. RFC 2616, section 13.5.1).
Björn Höhrmann · mailto:[EMAIL PROTECTED] · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 

Reply via email to