Looking around I see only a couple nerds wondering about this, about as many as in 2005 were wondering why HTML forms don't support PUT or DELETE. But it's at the intersection of two trends: growing interest in putting metadata in HTTP headers, and growing interest in not using MD5. Has anyone else wanted to send a non-MD5 checksum in HTTP headers? If nobody says anything I'm going to go ahead and make a X-Content-SHA1.
Uh, and in keeping with the peurile theme established by the previous entry, here's my current favorite wacky faqs.org comment.
![[Comments]](/nb//themes/Default/comments.png "1 comment")
(1) Fri Sep 19 2008 13:02 Content-MD5:
I'm a little surprised that the HTTP standard defines a Content-MD5 header rather than a generic Content-Hash header that supports different hashing algorithms and provides a method for extension. That's how other HTTP headers work when there are a lot of ways to do something and there might be more in the future (Authorization, Cache, Accept-Encoding, TE). It's a little less surprising given that Content-MD5 is taken wholesale from a different RFC, one with only one wacky comment at the bottom of its faqs.org page.
- Comments:
Posted by Nathaniel at Fri Sep 19 2008 15:10
Why not X-Content-Hash: sha1,BLAH; etc.?
