Amos, "http://some.host" does not have an empty path, it has the default path of "/". Also, you aren't always doing TLS upgrade with the origin server, you are doing it with whomever you are connected, e.g., a proxy. On Jul 28, 2014, at 11:15 AM, Amos Jeffries <squid3@treenet.co.nz> wrote: > On 29/07/2014 1:15 a.m., Michael Sweet wrote: >> Julian, >> >> I don't know, but RFC 2817 is pretty explicit about how to do a mandatory upgrade that applies to the connection and not to a particular resource: >> >> 3.2 Mandatory Upgrade >> >> If an unsecured response would be unacceptable, a client MUST send an >> OPTIONS request first to complete the switch to TLS/1.0 (if >> possible). >> >> OPTIONS * HTTP/1.1 >> Host: example.bank.com >> Upgrade: TLS/1.0 >> Connection: Upgrade >> >> I think that's the crux - "*" has a different semantic than "/", and in HTTP/1.x you can't pass an empty path on the request line. > > > On 24 July 2014 03:34, Kari Hurtta wrote: >> OPTIONS http://some.host HTTP/1.1 > > > Amos > _________________________________________________________ Michael Sweet, Senior Printing System Engineer, PWG Chair
This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:09 UTC