W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2007

Re: NEW ISSUE: Monitoring Connections text

From: Adrien de Croy <adrien@qbik.com>
Date: Thu, 22 Nov 2007 13:53:54 +1300
Message-ID: <4744D322.5020605@qbik.com>
To: Henrik Nordstrom <henrik@henriknordstrom.net>
CC: Bjoern Hoehrmann <derhoermi@gmx.net>, 'HTTP Working Group' <ietf-http-wg@w3.org>

Henrik Nordstrom wrote:
> Yes, and they are not alone, and if NTLM-clients would utilize this they
> would fare much better, but no one does even if specified..
For anyone's interest, it looks like MS deprecated in IE7 the (IMO 
bogus) methodology they had implemented in IE6 of sending a POST with 
Content-Length: 0 in the expectation of an NTLM challenge.  IE7 now 
sends the whole message body in all cases.

Unfortunately IE6 still is the most common browser (hitting our sites 

I think chunking uploads plus another optional header (maybe called 
"Chunked-Content-Length" or similar?) would be a good workaround in 
systems where the length is known,  and is needed by the receiver for 
policy reasons yet where chunking is desired for its capability to keep 
a connection alive.  I agree the existing Content-Length header is too 
entangled in the rest of HTTP to use in this case.

Being able to advertise an entitiy content length on chunked transfers 
would be useful in many cases (not just uploads).

>> I haven't seen a client that uses chunking for POST or PUT though
> Exactly. And not unsuprising. Chunked encoding of requests is a pretty
> unchartered area, and quite heavily discouraged by the specs for legacy
> reasons..
I think there will be many broken implementations that don't work with 
chunked sends from clients.  Just a gut feel.

>> But actually I believe in the end, the issue can't be properly addressed 
>> without a major protocol version change, one that then incorporates the 
>> concept of negotiating (i.e. obtaining mutual consent for) transfer of 
>> message bodies from client to server (as opposed to only having 
>> negotiation in the other direction).
> Sure it can. In fact it's already there in the form of 100 Continue and
> chunked encoding. Just that nearly nobody is using it.
> Client sends request header, waits for 100 Continue, gets a denial,
> sends last-chunk to terminate the request and moves on to the next..
> Problems:
> 1. Client only allowed to use chunked if it knows within reasonable
> doubt that the next-hop is HTTP/1.1.
This has major issues if the next hop is an HTTP/1.1 proxy.  The proxy 
then needs to either

a) maintain a database of versions of servers on the internet.
This is a heap of work, and can you guarantee that next hop will always 
have same capabilities?  Not with NLB you can't.

b) spool all chunked uploads, then send them to next hop not using 
chunked encoding. 
This has major issues with user responsiveness (i.e. upload to proxy is 
at LAN speed, then long wait with no progress while proxy uploads to 
next hop at internet connection speed).  This is another good use-case 
of my I-D for progress notifications.

various methodologies were proposed, such as getting the client to send 
a fake

> 2. Client recommended to time out waiting for 100 Continue, as it's not
> supported by HTTP/1.0 and there is no guarantee the path is fully
> HTTP/1.1.
This is another big problem with proxies.  By the time the client has 
given up waiting for a 100 continue, the proxy may still be trying to 
connect to the end server. 

I don't think the current implementation of 100 continue with a timeout 
is very good at all, which is why I originally proposed an interim 
response to enable a proxy to explicitly prevent a UA from sending 
message body until a subsequent 100 continue was transmitted (ended up 
being 103 Wait-for-continue).  As was pointed out, this breaks message 
semantics (i.e. message length indicated but body not transferred). 
Being able to advertise lengths for chunked transfers would solve this 
issue if people used chunking.

With NTLM, the only way for recovery from a commenced send that must be 
aborted, is if the client sends chunked data.  So lack of a capability 
to advertise sizes with chunking precludes the possibility of a proxy 
using NTLM and enforcing upload size limits efficiently.  I know how 
some people feel about NTLM, but we're stuck with it.

Currently we are forced to just swallow and dump data in such cases.  It 
has a large negative impact on the user experiences of people uploading 
large files.  We also have a lot of customers that use a proxy across a 
WAN, and this is even worse.  Chained proxies plus servers requiring 
auth makes it pretty much impossible for users.  I've seen cases where 
the message body on POSTs had to be sent 6 times every time. 3 times is 
very common.

so, the "properly addressed" method I was referring to would be where 
the client establishes credentials and permission through to the end 
server before sending the message (PUT/POST) that transfers the body.  
It may have to be a new verb for that, like the concept of the HEAD 
command for uploads.  It would be of most benefit for large uploads, so 
could be an optional thing.  Clients could for instance choose to use it 
only when uploading files over a certain size.



> So currently it's not often both conditions to use this negotiation is
> fulfilled.
> Regards
> Henrik

Adrien de Croy - WinGate Proxy Server - http://www.wingate.com
Received on Thursday, 22 November 2007 00:53:17 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:10:43 UTC