W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2009

Re: CONNECT command with message body

From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 5 May 2009 14:38:45 +0200 (CEST)
To: Adrien de Croy <adrien@qbik.com>
cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <alpine.DEB.2.00.0905051434460.15743@yvahk2.pbagnpgbe.fr>
On Wed, 6 May 2009, Adrien de Croy wrote:

> I think some of the wording of RFC2817 was contemplating HTTP being used 
> over the connection, which would explain some of the comments.  However I 
> don't know of any cases of this (raw HTTP over CONNECT, rather than over TLS 
> over CONNECT), and it's pretty much pointless since the normal proxy 
> semantics would achieve the same thing.  You therefore use CONNECT when you 
> want to use some protocol other than HTTP (e.g. SSL/TLS) over the 
> connection.

Pointless if the behavior is identical to everyone, yes.

I can think of many situations where you'd either just (A) CONNECT and send 
plain HTTP GET through, or the more complicated setup: (B) CONNECT, tunnel ssh 
over to a remote proxy, and then send HTTP GET over that tunnel, to avoid 
local proxy enforcements/filters/logs/prying eyes.

Of course I'm just blindly guessing here that proxies will treat the case (A) 
differently than a normal GET in such aspects. I know case (B) is widely used 
though.

-- 

  / daniel.haxx.se
Received on Tuesday, 5 May 2009 12:38:26 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:02 GMT