Re: [w3ctag/design-reviews] Signed Exchanges (#235) from Andrew Betts on 2018-04-07 (public-webapps-github@w3.org from April 2018)

From: Andrew Betts <notifications@github.com>
Date: Sat, 07 Apr 2018 02:01:41 +0000 (UTC)
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/235/379424440@github.com>

In [3.2.1](https://tools.ietf.org/html/draft-yasskin-http-origin-signed-responses-03#section-3.2.1), the example uses a full URL in the request line and no `Host` header:

```
GET https://example.com/ HTTP/1.1
Accept: */*

HTTP/1.1 200
Content-Type: text/html
Digest: SHA-256=20addcf7368837f616d549f035bf6784ea6d4bf4817a3736cd2fc7a763897fe3
Signed-Headers: "content-type", "digest"
```

That seems like invalid HTTP/1.1 to me.  Is there a rationale for that?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/235#issuecomment-379424440

Received on Saturday, 7 April 2018 02:02:48 UTC