15 Security Considerations  
 
 
This section is meant to inform application developers, information providers, and users of the security limitations in HTTP/1.1 as described by this document. The discussion does not include definitive solutions to the problems revealed, though it does make some suggestions for reducing security risks.  
1.      Personal Information ... 15.1  
1.   Abuse of Server Log Information ... 15.1.1  
2.   Transfer of Sensitive Information ... 15.1.2  
3.   Encoding Sensitive Information in URI's ... 15.1.3  
4.   Privacy Issues Connected to Accept Headers ... 15.1.4  
2.   Attacks Based On File and Path Names ... 15.2  
3.   DNS Spoofing ... 15.3  
4.   Location Headers and Spoofing ... 15.4  
5.   Content-Disposition Issues ... 15.5  
6.   Authentication Credentials and Idle Clients ... 15.6  
7.   Proxies and Caching ... 15.7  
1.   Denial of Service Attacks on Proxies ... 15.7.1