W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2009

Re: HTTP/1.1 CONNECT request without Host header

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Thu, 18 Jun 2009 12:26:11 +0200
To: Adrien de Croy <adrien@qbik.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <1245320771.15069.419.camel@localhost.localdomain>
ons 2009-06-17 klockan 10:26 +1200 skrev Adrien de Croy:

> Strictly speaking this is a violation of RFC2616 correct?  I'm sure it 
> states all 1.1 messages MUST include a Host header, and a server 
> receiving such a message MUST respond with 400.

Correct, but at the same time a very stupid requirement when it comes to
proxy request as proxies also SHOULD discard the Host header...
(request-URI is authoritative, and outgoing request MUST match
request-URI)

I have already voiced my opinion that this no longer needs to be a MUST
requirement, and should be downgraded to a SHOULD (or in case of
requests sent to proxies perhaps even a MAY as it's completely redundant
there).

The MUST requirements has played it's role in getting major acceptance
for the use of Host...

Regards
Henrik
Received on Thursday, 18 June 2009 10:26:54 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:04 GMT