W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2002

Re: Request-URI for CONNECT

From: Scott Lawrence <lawrence@world.std.com>
Date: Fri, 19 Jul 2002 09:34:30 -0400
To: ietf-http-wg@w3.org, Joe Orton <joe@manyfish.co.uk>
Message-Id: <SQQKKJDA42RLF0KI432VIDB0E0KGHF4.3d381566@study>

7/18/2002 5:10:39 PM, Joe Orton <joe@manyfish.co.uk> wrote:

>Is the :port segment intended to be optional in the request-URI used in
>a CONNECT request? The text in RFC 2817 implies it is always used, but
>it is actually optional in an 'authority' segment according to RFC 2396.

As you point out, it isn't a good idea for the client to treat it as optional. 

Formally, I don't think that it would be a good idea for the proxy to treat it 
as optional either, but for backward compatibility with older clients, one 
might choose to do so.

When we incorporated the specification of CONNECT from the original Netscape I-
D into what became 2817, our intent was explicitly to specify it as a general 
(not SSL-specific) mechanism.  In that context, making the port specification 
optional makes little sense.

>(I tried a couple of proxies and they behave differently if the :port is
>ommitted: Traffic-Server assumes port 80, Squid assumes 443)

Most seem to assume 443; I've also run into some that connect to 443 regardless 
of what is specified.

Since each scheme also implies a default port, I would treat that as 
authoritative (if the CONNECT request-uri is 'http:', then 80, if it's 
'https:', then 443).
Received on Friday, 19 July 2002 09:36:53 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:19 GMT