[html5] r1235 - /

whatwg at whatwg.org whatwg at whatwg.org
Wed Feb 20 11:26:39 PST 2008


Author: ianh
Date: 2008-02-20 11:26:38 -0800 (Wed, 20 Feb 2008)
New Revision: 1235

Modified:
   index
   source
Log:
[g] (2) Let's try a new strategy for ping=''.

Modified: index
===================================================================
--- index	2008-02-20 06:40:26 UTC (rev 1234)
+++ index	2008-02-20 19:26:38 UTC (rev 1235)
@@ -31757,20 +31757,40 @@
    third-party URIs).
 
   <p>For URIs that are HTTP URIs, the requests must be performed using the
-   POST method (with an empty entity body in the request). The request must
-   include a <code title="">Referer</code> HTTP header with the exact value
-   "<code title="">#PING</code>". All relevant cookie and HTTP authentication
-   headers must be included in the request. In addition, if the document
-   containing the hyperlink being audited was not retrieved over an encrypted
-   connection, or if both the URI of that document <em>and</em> the ping URI
-   have the same <a
-   href="#origin0">origin</a><!-- XXX xref, and check that _URIs_ can have
-  origins -->,
-   then the request must also include a <code title="">Ping-From</code> HTTP
-   header with, as its value, the location of the document containing the
-   hyperlink, and a <code title="">Ping-To</code> HTTP header with, as its
-   value, the address of the target of the hyperlink.
+   POST method (with an empty entity body in the request). All relevant
+   cookie and HTTP authentication headers must be included in the request.
+   Which other headers are required depends on the URIs involved.
 
+  <dl class=switch>
+   <dt>If both the URI of the document containing the hyperlink being audited
+    and the ping URI have the same <a href="#origin0">origin</a><!-- XXX
+   xref, and check that _URIs_ can have origins -->
+
+   <dd>The request must include a <code title="">Ping-From</code> HTTP header
+    with, as its value, the location of the document containing the
+    hyperlink, and a <code title="">Ping-To</code> HTTP header with, as its
+    value, the address of the target of the hyperlink. The request must not
+    include a <code title="">Referer</code> HTTP header.
+
+   <dt>Otherwise, if the origins are different, but the document containing
+    the hyperlink being audited was not retrieved over an encrypted
+    connection
+
+   <dd>The request must include a <code title="">Referer</code> HTTP header
+    [sic] with, as its value, the location of the document containing the
+    hyperlink, a <code title="">Ping-From</code> HTTP header with the same
+    value, and a <code title="">Ping-To</code> HTTP header with, as its
+    value, the address of the target of the hyperlink.
+
+   <dt>Otherwise, the origins are different and the document containing the
+    hyperlink being audited was retrieved over an encrypted connection
+
+   <dd>The request must a <code title="">Ping-To</code> HTTP header with, as
+    its value, the address of the target of the hyperlink. The request must
+    neither include a <code title="">Referer</code> HTTP header nor include a
+    <code title="">Ping-From</code> HTTP header.
+  </dl>
+
   <p class=note>To save bandwidth, implementors might also wish to consider
    omitting optional headers such as <code>Accept</code> from these requests.
 

Modified: source
===================================================================
--- source	2008-02-20 06:40:26 UTC (rev 1234)
+++ source	2008-02-20 19:26:38 UTC (rev 1235)
@@ -29302,20 +29302,47 @@
   URIs).</p>
 
   <p>For URIs that are HTTP URIs, the requests must be performed using
-  the POST method (with an empty entity body in the request). The
-  request must include a <code title="">Referer</code> HTTP header
-  with the exact value "<code title="">#PING</code>".  All relevant
-  cookie and HTTP authentication headers must be included in the
-  request. In addition, if the document containing the hyperlink being
-  audited was not retrieved over an encrypted connection, or if both
-  the URI of that document <em>and</em> the ping URI have the same
-  <span>origin</span><!-- XXX xref, and check that _URIs_ can have
-  origins -->, then the request must also include a <code
-  title="">Ping-From</code> HTTP header with, as its value, the
-  location of the document containing the hyperlink, and a <code
-  title="">Ping-To</code> HTTP header with, as its value, the address
-  of the target of the hyperlink.</p>
+  the POST method (with an empty entity body in the request). All
+  relevant cookie and HTTP authentication headers must be included in
+  the request. Which other headers are required depends on the URIs
+  involved.</p>
 
+  <dl class="switch">
+
+   <dt>If both the URI of the document containing the hyperlink being
+   audited and the ping URI have the same <span>origin</span><!-- XXX
+   xref, and check that _URIs_ can have origins --></dt>
+
+   <dd>The request must include a <code title="">Ping-From</code> HTTP
+   header with, as its value, the location of the document containing
+   the hyperlink, and a <code title="">Ping-To</code> HTTP header
+   with, as its value, the address of the target of the hyperlink. The
+   request must not include a <code title="">Referer</code> HTTP
+   header.</dd>
+
+   <dt>Otherwise, if the origins are different, but the document
+   containing the hyperlink being audited was not retrieved over an
+   encrypted connection</dt>
+
+   <dd>The request must include a <code title="">Referer</code> HTTP
+   header [sic] with, as its value, the location of the document
+   containing the hyperlink, a <code title="">Ping-From</code> HTTP
+   header with the same value, and a <code title="">Ping-To</code>
+   HTTP header with, as its value, the address of the target of the
+   hyperlink.</dd>
+
+   <dt>Otherwise, the origins are different and the document
+   containing the hyperlink being audited was retrieved over an
+   encrypted connection</dt>
+
+   <dd>The request must a <code title="">Ping-To</code> HTTP header
+   with, as its value, the address of the target of the hyperlink. The
+   request must neither include a <code title="">Referer</code> HTTP
+   header nor include a <code title="">Ping-From</code> HTTP
+   header.</dd>
+
+  </dl>
+
   <p class="note">To save bandwidth, implementors might also wish to
   consider omitting optional headers such as <code>Accept</code> from
   these requests.</p>




More information about the Commit-Watchers mailing list