Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Editorial suggestions #32

Merged
merged 1 commit into from
Jan 22, 2024
Merged

Editorial suggestions #32

merged 1 commit into from
Jan 22, 2024

Conversation

mnot
Copy link
Member

@mnot mnot commented Jan 9, 2024

Happy to discuss any particular changes.

@mnot mnot requested review from sdatspun2 and dret as code owners January 9, 2024 03:54
sdatspun2
sdatspun2 reviewed Jan 13, 2024
View reviewed changes
draft-ietf-httpapi-idempotency-key-header.md

* Injection attacks-When the resource server does not validate the idempotency key in the client request and performs a idempotent cache lookup, there can be security attacks (primarily in the form of injection), compromising the server.
* Injection attacks - When the resources does not validate the idempotency key in the client request and performs a idempotent cache lookup, there can be security attacks (primarily in the form of injection), compromising the server.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When the resource

sdatspun2
sdatspun2 reviewed Jan 13, 2024
View reviewed changes
draft-ietf-httpapi-idempotency-key-header.md

If the `Idempotency-Key` request header is missing for a documented idempotent operation requiring this header, the resource server SHOULD reply with an HTTP `400` status code with body containing a link pointing to relevant documentation. Following examples shows an error response describing the problem using {{!RFC7807}}.
If the `Idempotency-Key` request header is missing for a documented idempotent operation requiring this header, the resource SHOULD reply with an HTTP `400` status code with body containing a link pointing to relevant documentation. Following examples shows an error response describing the problem using {{!RFC7807}}.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was old. Now it should refer RFC9457 :)

@sdatspun2
Copy link
Collaborator

Thanks @mnot for helping us prepare for the next step in the process.

@sdatspun2 sdatspun2 merged commit ef4814c into main Jan 22, 2024
0 of 2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sdatspun2 sdatspun2 sdatspun2 left review comments

@dret dret Awaiting requested review from dret dret is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mnot @sdatspun2