W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: draft-ietf-httpbis-http2-latest, 8.1.2.1 Request Header Fields | Re: draft-ietf-httpbis-http2-latest, 8.1.2.1 Request Header Fields | Re: draft-ietf-httpbis-http2-latest, 5.5 Extending HTTP/2

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Tue, 29 Jul 2014 03:15:45 +1200
Message-ID: <53D66921.8030405@treenet.co.nz>
To: ietf-http-wg@w3.org
On 29/07/2014 1:15 a.m., Michael Sweet wrote:
> Julian,
> 
> I don't know, but RFC 2817 is pretty explicit about how to do a mandatory upgrade that applies to the connection and not to a particular resource:
> 
>    3.2 Mandatory Upgrade
> 
>    If an unsecured response would be unacceptable, a client MUST send an
>    OPTIONS request first to complete the switch to TLS/1.0 (if
>    possible).
> 
>        OPTIONS * HTTP/1.1
>        Host: example.bank.com
>        Upgrade: TLS/1.0
>        Connection: Upgrade
> 
> I think that's the crux - "*" has a different semantic than "/", and in HTTP/1.x you can't pass an empty path on the request line.


On 24 July 2014 03:34, Kari Hurtta wrote:
> OPTIONS http://some.host HTTP/1.1


Amos
Received on Monday, 28 July 2014 15:16:21 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:09 UTC