== Where to find specifications on HTTP POST behavior Some IP addresses (probably not friendly ones) have recently taken to making _POST_ submissions to various 'write comments' URLs here with a Content-Type of 'application/x-www-form-urlencoded; charset=UTF-8'. These get rejected by DWiki, because I was quite paranoid when I wrote the POST handling code and so DWiki is quite conservative on what it will accept. While I was pretty certain that I wasn't losing anything by rejecting these requests, I did get curious to find out if adding a character set to a form _POST_ content-type this way is actually legal, which meant that I wanted to run down where this is actually specified. (In general including a charset in the content-type on _POST_ is unambiguously allowed by the HTTP specification, so the only question is whether you are allowed to do it specifically in HTTP form _POST_s.) The primary specification of form POST behavior is in the [[HTML 4.01 specification http://www.w3.org/TR/1999/REC-html401-19991224/]], which should not have surprised me but did (I looked at the HTTP spec first). Section 17.13.3 describes the process of submitting a form, but you also need 17.13.4 and the definition of the _enctype_ attribute. Unfortunately this doesn't clearly answer the question, since the specification uses very general language. However, I think that adding a charset parameter has to be allowed by implication. Forms may specify that the server can accept more than one character encoding and leave it up to the client to decide which one to use (the _accept-charset_