Hi,
We haven't changed anything related to the From header. Are you
suggesting that "From"
should be removed from the restricted list also?
- Michael
On 11/10/2018, 23:17, Thomas Lußnig wrote:
Hi,
i did an quick check of the change:
From:
- E-Mail-Adresse des Nutzers, der die Anfrage stellte (heute
unüblich). RFC 2616 <https://tools.ietf.org/html/rfc2616> sagt hierzu,
dass der |From:| /nicht/ ohne ausdrückliche Genehmigung des Nutzers
gesendet werden darf.
Why this is now allowed to be sent? Is it not possible that some
server require it for authentication in B2B scenarios?
With the other header i would agree since they are technical or like
"Warning" not really used i think.
Gruß Thomas
On 11.10.2018 14:58:02, Daniel Fuchs wrote:
Looks good to me Michael.
You should be able to easily add new test cases for Origin and
Referer to test/jdk/java/net/SpecialHeadersTest.java too.
best regards,
-- daniel
On 11/10/2018 13:28, Michael McMahon wrote:
Could I get the following fix reviewed please?
http://cr.openjdk.java.net/~michaelm/8203850/webrev.1/
Thanks,
Michael
