Short URL: http://html5.org/r/1235
| SVN | Bug | Comment | Time (UTC) |
|---|---|---|---|
| 1235 | 2008-02-20 19:26 |
Index: source =================================================================== --- source (revision 1234) +++ source (revision 1235) @@ -29302,20 +29302,47 @@ URIs).</p> <p>For URIs that are HTTP URIs, the requests must be performed using - the POST method (with an empty entity body in the request). The - request must include a <code title="">Referer</code> HTTP header - with the exact value "<code title="">#PING</code>". All relevant - cookie and HTTP authentication headers must be included in the - request. In addition, if the document containing the hyperlink being - audited was not retrieved over an encrypted connection, or if both - the URI of that document <em>and</em> the ping URI have the same - <span>origin</span><!-- XXX xref, and check that _URIs_ can have - origins -->, then the request must also include a <code - title="">Ping-From</code> HTTP header with, as its value, the - location of the document containing the hyperlink, and a <code - title="">Ping-To</code> HTTP header with, as its value, the address - of the target of the hyperlink.</p> + the POST method (with an empty entity body in the request). All + relevant cookie and HTTP authentication headers must be included in + the request. Which other headers are required depends on the URIs + involved.</p> + <dl class="switch"> + + <dt>If both the URI of the document containing the hyperlink being + audited and the ping URI have the same <span>origin</span><!-- XXX + xref, and check that _URIs_ can have origins --></dt> + + <dd>The request must include a <code title="">Ping-From</code> HTTP + header with, as its value, the location of the document containing + the hyperlink, and a <code title="">Ping-To</code> HTTP header + with, as its value, the address of the target of the hyperlink. The + request must not include a <code title="">Referer</code> HTTP + header.</dd> + + <dt>Otherwise, if the origins are different, but the document + containing the hyperlink being audited was not retrieved over an + encrypted connection</dt> + + <dd>The request must include a <code title="">Referer</code> HTTP + header [sic] with, as its value, the location of the document + containing the hyperlink, a <code title="">Ping-From</code> HTTP + header with the same value, and a <code title="">Ping-To</code> + HTTP header with, as its value, the address of the target of the + hyperlink.</dd> + + <dt>Otherwise, the origins are different and the document + containing the hyperlink being audited was retrieved over an + encrypted connection</dt> + + <dd>The request must a <code title="">Ping-To</code> HTTP header + with, as its value, the address of the target of the hyperlink. The + request must neither include a <code title="">Referer</code> HTTP + header nor include a <code title="">Ping-From</code> HTTP + header.</dd> + + </dl> + <p class="note">To save bandwidth, implementors might also wish to consider omitting optional headers such as <code>Accept</code> from these requests.</p>