RFR [12]: 8203850: java.net.http HTTP client should allow specifying Origin and Referer headers
Thomas Lußnig
openjdk at suche.org
Thu Oct 11 22:17:48 UTC 2018
Hi,
i did an quick check of the change:
From:
- E-Mail-Adresse des Nutzers, der die Anfrage stellte (heute unüblich).
RFC 2616 <https://tools.ietf.org/html/rfc2616> sagt hierzu, dass der
|From:| /nicht/ ohne ausdrückliche Genehmigung des Nutzers gesendet
werden darf.
Why this is now allowed to be sent? Is it not possible that some server
require it for authentication in B2B scenarios?
With the other header i would agree since they are technical or like
"Warning" not really used i think.
Gruß Thomas
On 11.10.2018 14:58:02, Daniel Fuchs wrote:
> Looks good to me Michael.
>
> You should be able to easily add new test cases for Origin and
> Referer to test/jdk/java/net/SpecialHeadersTest.java too.
>
> best regards,
>
> -- daniel
>
> On 11/10/2018 13:28, Michael McMahon wrote:
>> Could I get the following fix reviewed please?
>>
>> http://cr.openjdk.java.net/~michaelm/8203850/webrev.1/
>>
>> Thanks,
>>
>> Michael
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/net-dev/attachments/20181012/d3c27d5a/attachment.html>
More information about the net-dev
mailing list