- From: Dave Kristol <dmk@bell-labs.com>
- Date: Tue, 09 Dec 1997 16:32:34 -0500
- To: John Franks <john@math.nwu.edu>
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
John Franks wrote: > > On Tue, 9 Dec 1997, Dave Kristol wrote: > > > I still feel my one objection about proxy-added headers is substantive > > and unresolved. Briefly, an origin server might omit headers that get > > figured into the entity-digest calculation. A proxy might subsequently > > add those headers. The client sees a message *with* the headers, > > calculates an entity-digest that figures them in, and gets a different > > answer from what the origin server calculated. > [...] > I agree that there is an issue here. The current spec says the > proxy MUST not add these headers. If I recall you suggested the > MUST be changed to SHOULD. I am not sure how this helps beyond > making the proxy technically "legal." It doesn't materially affect > the problem. Ummm... I think my "MUST -> SHOULD" had to do with a proxy's changing the content of headers. I think I see the words to which you're referring (end of p.13), and they mention Content-Length explicitly but don't mention Date. And there's a potential problem with Content-Length: suppose a proxy eats chunked data and wants to create a complete entity *with* Content-Length. Is it hereby forced to forward the entity as "chunked" because it's forbidden to add Content-Length? > > What should a proxy do in this situation? It seems it must either > not add headers or break the entity-digest. I agree it's a dilemma. An option is to require that clients send Content-Length and (perhaps) not Date, and forbid proxies to add either within this context. Dave Kristol
Received on Tuesday, 9 December 1997 13:19:47 UTC