----- Original Message ---- > From: John Kemp <j...@jkemp.net> > To: Brian Eaton <bea...@google.com> > Cc: o...@gryb.info; oauth@ietf.org > Sent: Tue, August 3, 2010 10:24:19 AM > Subject: Re: [OAUTH-WG] Is User Agent Profile Secure in OAuth 2.0? > HTTP URIs should not, when participating in the HTTP protocol, send the >fragment, as this is not included in HTTP implementation parsing of the URI >(according to the specification). That's interesting, so if somebody puts a fragment to Location header, which is a part of HTTP protocol, it will be a violation of the protocol and can be considered as a server side bug? See 14.2 in http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html. Location = "Location" ":" absoluteURI _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
- Re: [OAUTH-WG] Is User Agent P... Brian Eaton
- Re: [OAUTH-WG] Is User Agent P... Yoav Nir
- Re: [OAUTH-WG] Is User Agent P... Marius Scurtescu
- Re: [OAUTH-WG] Is User Agent P... Yoav Nir
- Re: [OAUTH-WG] Is User Agent P... Marius Scurtescu
- Re: [OAUTH-WG] Is User Agent P... Brian Eaton
- Re: [OAUTH-WG] Is User Agent P... Brian Eaton
- Re: [OAUTH-WG] Is User Agent P... Marius Scurtescu
- Re: [OAUTH-WG] Is User Agent P... Oleg Gryb
- Re: [OAUTH-WG] Is User Agent P... John Kemp
- Re: [OAUTH-WG] Is User Agent P... Oleg Gryb
- Re: [OAUTH-WG] Is User Agent P... Eran Hammer-Lahav
- Re: [OAUTH-WG] Is User Agent P... John Kemp
- Re: [OAUTH-WG] Is User Agent P... Oleg Gryb
- Re: [OAUTH-WG] Is User Agent P... John Kemp
- Re: [OAUTH-WG] Is User Agent P... Oleg Gryb
- Re: [OAUTH-WG] Is User Agent P... Eran Hammer-Lahav
- Re: [OAUTH-WG] Is User Agent Profi... Eran Hammer-Lahav
- Re: [OAUTH-WG] Is User Agent Profile Secure in OAuth 2.0... Oleg Gryb
- Re: [OAUTH-WG] Is User Agent Profile Secure in OAut... Luke Shepard
- Re: [OAUTH-WG] Is User Agent Profile Secure in ... Marius Scurtescu
