- changed status to open
user-agent header requirement is not a security feature
“shall send User-Agent header that identifies the client, e.g., User-Agent: Intuit/1.2.3 Mint/4.3.1; and” The note says that this is not a security feature. It is dangerous to depend on it. It is just FYI. The "shall" should be changed to "should".
Comments (12)
-
reporter -
-
reporter No problem. I just merged it.
-
reporter - changed status to resolved
Fixed
#65: user-agent header requirement is not a security feature→ <<cset 880d55029730>>
-
reporter Fixed
#65: user-agent header requirement is not a security feature→ <<cset 880d55029730>>
-
reporter Fixed
#65. Merged in Nat/fixed-65-useragent-header-requirement-is-1486017508729 (pull request #8)Fixed
#65: user-agent header requirement is not a security feature→ <<cset 906c79634fc4>>
-
reporter Fixed
#65. Merged in Nat/fixed-65-useragent-header-requirement-is-1486017508729 (pull request #8)Fixed
#65: user-agent header requirement is not a security feature→ <<cset 906c79634fc4>>
-
reporter - changed component to Part 1: Baseline
-
reporter - changed component to FAPI 1 - Part 1: Baseline
-
reporter - changed component to FAPI 1 – Part 1: Baseline
-
reporter - changed component to FAPI 1 – Baseline
-
reporter - changed component to FAPI 1: Baseline
- Log in to comment
WG discussed this in the call and agreed to drop it from this part and move it to Part 4 where we can further discuss whether we should even keep it there.