W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2019

Re: Fwd: draft-richsalz-httpbis-https-downgrade-00.txt

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Wed, 13 Mar 2019 05:06:12 +1300
To: ietf-http-wg@w3.org
Message-ID: <8f50043b-2c8c-5349-e907-215ae2223afe@treenet.co.nz>
On 13/03/19 12:44 am, Alessandro Ghedini wrote:
> Hello,
> On Mon, Mar 11, 2019 at 10:52:55PM -0400, Erik Nygren wrote:
> 3. "Protocol-To-Origin: cleartext" header: this makes sense I think. I imagine
>    browsers are unlikely to add a special error for this, so it would end-up
>    being treated like plaintext HTTP requests, which might encourage people to
>    try to fix this. Are there other clients that could use this?
>    But to be able to do this the header should be standardized. Is a BCP
>    enough for this? Until there's an actual standard header, it doesn't seem
>    like it would be possible to implement.

We already have the Forwarded header defined for this use.

CDN's typically erase such headers to hide their internal structures.
Making yet another header to expose the details will not change that
behaviour, only conflate the set of rarely used headers.

Received on Tuesday, 12 March 2019 16:06:52 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 12 March 2019 16:06:53 UTC