Julian, I don't know, but RFC 2817 is pretty explicit about how to do a mandatory upgrade that applies to the connection and not to a particular resource: 3.2 Mandatory Upgrade If an unsecured response would be unacceptable, a client MUST send an OPTIONS request first to complete the switch to TLS/1.0 (if possible). OPTIONS * HTTP/1.1 Host: example.bank.com Upgrade: TLS/1.0 Connection: Upgrade I think that's the crux - "*" has a different semantic than "/", and in HTTP/1.x you can't pass an empty path on the request line. On Jul 25, 2014, at 9:19 AM, Julian Reschke <julian.reschke@gmx.de> wrote: > On 2014-07-25 06:59, Michael Sweet wrote: >> HTTP Upgrade > > And it couldn't have been "OPTIONS /"? > > There's nothing else in HTTP/1.1 that requires as many exceptions and special cases as the asterisk form... Cost/benefit etc. > > Best regards, Julian > _________________________________________________________ Michael Sweet, Senior Printing System Engineer, PWG Chair
This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:09 UTC