- From: Roy T. Fielding <fielding@kiwi.ICS.UCI.EDU>
- Date: Tue, 01 Jul 1997 14:23:09 -0700
- To: Henrik Frystyk Nielsen <frystyk@w3.org>
- Cc: http-wg@cuckoo.hpl.hp.com, w3c-http@w3.org
>One problem using the OPTIONS method is that it has to be forwarded to an >origin server. Nope. OPTIONS * HTTP/1.1 Host: blah is never forwarded. Besides, even if you include a full URL to test the whole proxy chain, the OPTIONS method is still safe. In general, there is no way to modify HTTP such that an invisible broken proxy can be detected. The only hope is to perform a safe action as a test and get a broken response if they are in the loop, and to abuse those developers who think they can implement network software without reading the specs. BTW, I suggest including a mini-app that can perform an OPTIONS and TRACE and save the result to a file. If nothing else, it will make diagnosing network configuration problems easier. ....Roy
Received on Tuesday, 1 July 1997 15:06:27 UTC