- From: Alex Rousskov <rousskov@measurement-factory.com>
- Date: Thu, 1 May 2003 11:53:22 -0600 (MDT)
- To: Scott Lawrence <scott-http@skrb.org>
- cc: ietf-http-wg@w3.org
Scott,
I have two comments, both from HTTP proxies point of view:
> 3.3 Acceptance of Upgrade Request
> Server Sends
> 101 Switching Protocols
> Upgrade: TLS/1.0, HTTP/1.1
> Connection: Upgrade
Please note that support for forwarding of 1xx responses in proxies is
poor. Most of the proxies we tested has violated at least one test
case related to 1xx acceptance and forwarding. For a typical example,
see http://nagoya.apache.org/bugzilla/show_bug.cgi?id=19442
While tested vendors are fixing these now-known problems, it will take
a while for changes to be implemented and to propagate. Poor support
in intermediaries means that even compliant clients and servers will
not be able to work in many real-world environments if they rely on
1xx responses.
> ================ Proxy Servers
>
> Section Proxy Feature
>
> 5.2 CONNECT to port 443
>
> 5.2 CONNECT to port 80 prior to upgrade request
> Client Sends
> CONNECT www.example.com:80 HTTP/1.1
> Host: www.example.com:80
> Proxy establishes origin server connection, switches to
> tunnel mode and responds with some 2xx response.
>
> 5.3 CONNECT through chained proxies
> Client Sends
> CONNECT www.example.com:80 HTTP/1.1
> Host: www.example.com:80
> Proxy Sends to next proxy toward origin server
> CONNECT www.example.com:80 HTTP/1.1
> Host: www.example.com:80
> and forwards response appropriately
I believe the above are fairly well supported in decent proxies
because they often must handle SSL/TLS tunneling (or terminating) as a
part of the infrastructure. I know that Squid proxy cache, for
example, supports CONNECT requests well.
HTH,
Alex.
--
| HTTP performance - Web Polygraph benchmark
www.measurement-factory.com | HTTP compliance+ - Co-Advisor test suite
| all of the above - PolyBox appliance
Received on Thursday, 1 May 2003 14:13:56 UTC