1
0
mirror of https://github.com/moparisthebest/xeps synced 2024-11-21 16:55:07 -05:00

XEP-0363: Add a sentence about multiple same headers and case insensitivity

Thanks pep. for finding these issues!

Signed-off-by: Maxime “pep” Buquet <pep@bouah.net>
This commit is contained in:
Emmanuel Gil Peyrot 2021-12-28 15:42:44 +01:00 committed by Maxime “pep” Buquet
parent 7bffc70203
commit 2bdac32197
No known key found for this signature in database
GPG Key ID: DEDA74AEECA9D0F2

View File

@ -262,7 +262,7 @@
content-type='image/jpeg' /> content-type='image/jpeg' />
</iq>]]></example> </iq>]]></example>
<p>The upload service responds with both a PUT and a GET URL wrapped by a &lt;slot&gt; element. The service SHOULD keep the file name and especially the file ending intact. Using the same hostname for PUT and GET is OPTIONAL. The host MUST provide Transport Layer Security (&rfc5246;). Both HTTPS URLs MUST adhere to &rfc3986;. Non ASCII characters MUST be percent-encoded.</p> <p>The upload service responds with both a PUT and a GET URL wrapped by a &lt;slot&gt; element. The service SHOULD keep the file name and especially the file ending intact. Using the same hostname for PUT and GET is OPTIONAL. The host MUST provide Transport Layer Security (&rfc5246;). Both HTTPS URLs MUST adhere to &rfc3986;. Non ASCII characters MUST be percent-encoded.</p>
<p>The &lt;put&gt; element MAY also contain a number of &lt;header&gt; elements which correspond to HTTP header fields. Each &lt;header&gt; element MUST have a name-attribute and a content with the value of the header. Only the following header names are allowed: Authorization, Cookie, Expires. These headers MUST be included in the HTTP PUT request. Other header names MUST be ignored by the requesting entity and MUST NOT be included in the HTTP request. The requesting entity MUST strip any newline characters from the header name and value before performing the HTTP request.</p> <p>The &lt;put&gt; element MAY also contain a number of &lt;header&gt; elements which correspond to HTTP header fields. Each &lt;header&gt; element MUST have a name-attribute and a content with the value of the header. Only the following header names are allowed: Authorization, Cookie, Expires. These headers MUST be included in the HTTP PUT request. Other header names MUST be ignored by the requesting entity and MUST NOT be included in the HTTP request. The requesting entity MUST strip any newline characters from the header name and value before performing the HTTP request, but MUST keep the same order of headers in the request. Each header name MAY be present zero or more times, and are case insensitive (eXpires is the same as Expires).</p>
<example caption='The upload service responds with a slot'><![CDATA[ <example caption='The upload service responds with a slot'><![CDATA[
<iq from='upload.montague.tld' <iq from='upload.montague.tld'
id='step_03' id='step_03'