Re: Rev81: COMMENT: 5.2 The Resource Identified by a Request

At 10:54 AM 6/3/96 -0700, Shel Kaphan wrote:
> > o	Host request-headers are required in HTTP/1.1 requests.
>Sorry if I'm being dense here or repeating past arguments, but...
>If a client has determined that a given server speaks HTTP 1.1, should
>it really be considered illegal to omit the HOST header if an absolute
>URI is included in the request?

I'll quote myself:

At 04:33 PM 4/24/96 EDT, Dave Kristol wrote:
>Words to that effect appear in Sect. 8 and App.D.1.  They should say,
>instead, that either an absoluteURI or Host request-header must
>accompany all HTTP/1.1 requests.

For now it's probably safer to require that Host: appear on ALL 1.1
requests, regardless of whether or not the Request-URI includes the Host
information.  there's more assurance this way that some people won't screw
it up.

More importantly: consider what happens if ClientFoo does not send the
Host:, instead deciding to send absoluteURI, and ClientFoo is talking to a
proxy.  If that proxy is old, it will strip the host info out of the
Reqest-URI and pass it on.  Now our 1.1 origin server gets no Host: and no
absoluteURI.  Sure - we could make special case language saying "You have to
send Host:, unless you are talking to a 1.1 server you dont have to, but you
do have to if your talking to a proxy."  What was it JG was saying?:
"Protocols can only stand so many special purpose hacks."

As such, I think we have good reason, and rough consensus, for Host: header
to be mandatory on all 1.1 requests.  Which is why the issue was closed, and
the language exists in the spec.

Daniel DuBois, Software Animal          

Received on Monday, 3 June 1996 11:04:37 UTC