Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clean up unused references and non-ascii characters #2973

Merged
merged 1 commit into from
Dec 20, 2024
Merged

Clean up unused references and non-ascii characters #2973

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 6 additions & 20 deletions draft-ietf-httpbis-rfc6265bis.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,24 +112,10 @@ informative:
RFC3986:
RFC6265:
RFC4648:
RFC5895:
RFC6265:
RFC7034:
RFC9113:
RFC9114:
UTS46:
target: http://unicode.org/reports/tr46/
title: "Unicode IDNA Compatibility Processing"
seriesinfo:
UNICODE: "Unicode Technical Standards # 46"
date: 2016-06
author:
-
ins: M. Davis
name: Mark Davis
-
ins: M. Suignard
name: Michel Suignard
CSRF:
target: http://portal.acm.org/citation.cfm?id=1455770.1455782
title: Robust Defenses for Cross-Site Request Forgery
Expand Down Expand Up @@ -2295,10 +2281,10 @@ redirections.
Understanding how and when a request is considered same-site is also important
in order to properly design a site for SameSite cookies. For example, if a
cross-site top-level request is made to a sensitive page that request will be
considered cross-site and `SameSite=Strict` cookies wont be sent; that pages
considered cross-site and `SameSite=Strict` cookies won't be sent; that page's
sub-resources requests, however, are same-site and would receive `SameSite=Strict`
cookies. Sites can avoid inadvertently allowing access to these sub-resources
by returning an error for the initial page request if it doesnt include the
by returning an error for the initial page request if it doesn't include the
appropriate cookies.

Developers are strongly encouraged to deploy the usual server-side defenses
Expand Down Expand Up @@ -2512,7 +2498,7 @@ overwriting cookies with this flag. ({{storage-model}})

* Limits maximum values for max-age and expire. ({{ua-attribute-expires}} and {{ua-attribute-max-age}})

* Includes the host-only-flag as part of a cookies uniqueness computation.
* Includes the host-only-flag as part of a cookie's uniqueness computation.
({{storage-model}})

* Considers potentially trustworthy origins as "secure". ({{storage-model}})
Expand Down Expand Up @@ -2547,9 +2533,9 @@ errata 4148 by updating the day-of-month, year, and time grammar, and errata
# Acknowledgements
{:numbered="false"}
RFC 6265 was written by Adam Barth. This document is an update of RFC 6265,
adding features and aligning the specification with the reality of todays
deployments. Here, were standing upon the shoulders of a giant since the
majority of the text is still Adams.
adding features and aligning the specification with the reality of today's
deployments. Here, we're standing upon the shoulders of a giant since the
majority of the text is still Adam's.

Thank you to both Lily Chen and Steven Englehardt, editors emeritus, for their
significant contributions improving this draft.
Loading