- From: Henrik Nordstrom <henrik@henriknordstrom.net>
- Date: Thu, 15 Feb 2007 04:06:05 +0100
- To: Adrien de Croy <adrien@qbik.com>
- Cc: ietf-http-wg@w3.org
- Message-Id: <1171508765.18603.30.camel@henriknordstrom.net>
Thu 2007-02-15 at 12:39 +1300, Adrien de Croy wrote:

> We may have to leave proper (end to end) flow control for HTTP/2.0 then

And stop calling it flow control. Abandoning the body transfer when one is indicated is not flow control.

> Unless we ban it if there's a via header, but many proxies do not insert
> these for security reasons.

Well.. specs say they MUST. Nothing except for the HTTP version numbers contained therein needs to mean anything however..

> So if we go back to chunking then, so that any intermediaries can be
> satisfied as to request being completed, then
> we could still possibly do something about the issue of
> connection-oriented auth?

Yes. The scheme I outlined earlier should work in nearly all situations. The exception being if the capability of the forwarding path changes drastically if the client disconnects and tries again after the initial dummy auth challenge. But even then at least for PUT/POST it should fail gracefully. For other methods which MAY have a request-body (for example GET) the analysis is not so easy, but thankfully a chunked body can not be misread as a valid HTTP request so the likelihood for bad things to happen as a result of a chunked request being sent to an HTTP/1.0 proxy/server is quite distant..

The problem with NTLM auth is not so much the 100 Continue timer, but the fact that the connection MUST be kept persistent once the client "challenge"/capability-negotiation packet has been sent and therefore the request body MUST be transmitted. RFC2616 only allows this when using chunked (8.2.2 Monitoring Connections for Error Status Messages) so to comply with RFC2616 transmission requirements any session using NTLM auth MUST use chunked during the handshake until the final credentials are sent.

Regards
Henrik
Received on Thursday, 15 February 2007 03:06:12 UTC
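
The framing rule from RFC 2616 section 8.2.2 that the message relies on, as an added example that is not part of the original message: a client that stops sending a chunked body early can end it with a zero-length chunk and reuse the connection, while a receiver counting Content-Length bytes reads the start of the next request as body data, which is why that section requires the client to close the connection in that case. The host, path, payload and function names are constructed for illustration.

```python
import re

CRLF = b"\r\n"
LAST_CHUNK = b"0\r\n\r\n"   # zero-length chunk + empty trailer ends the body

def chunk(data: bytes) -> bytes:
    """Frame one chunk: hex size, CRLF, data, CRLF."""
    return b"%x\r\n%s\r\n" % (len(data), data)

def read_chunked(buf: bytes, pos: int):
    """Decode a chunked body at buf[pos:]; return (body, offset after it)."""
    body = b""
    while True:
        eol = buf.index(CRLF, pos)                 # ValueError if truncated
        size_field = buf[pos:eol].split(b";")[0]   # ignore chunk extensions
        if not re.fullmatch(rb"[0-9A-Fa-f]+", size_field):
            raise ValueError("bad chunk size")     # strict hex only
        size, pos = int(size_field, 16), eol + 2
        if size == 0:
            while True:                            # skip trailer up to blank line
                eol = buf.index(CRLF, pos)
                line, pos = buf[pos:eol], eol + 2
                if not line:
                    return body, pos
        if buf[pos + size:pos + size + 2] != CRLF:
            raise ValueError("chunk data truncated or misframed")
        body += buf[pos:pos + size]
        pos += size + 2

def read_request(buf: bytes, pos: int = 0):
    """Parse one request at buf[pos:]; return (request line, body, next offset)."""
    end = buf.index(CRLF + CRLF, pos)
    lines = buf[pos:end].split(CRLF)
    hdrs = {k.strip().lower(): v.strip() for k, v in
            (l.split(b":", 1) for l in lines[1:])}
    pos = end + 4
    if hdrs.get(b"transfer-encoding", b"").lower() == b"chunked":
        body, pos = read_chunked(buf, pos)
    else:
        n = int(hdrs.get(b"content-length", b"0"))
        body, pos = buf[pos:pos + n], pos + n
    return lines[0], body, pos

# Constructed traffic: the client stops after 6 body bytes on seeing the
# auth challenge, then sends its next request on the same connection.
HEAD = b"PUT /doc HTTP/1.1\r\nHost: example.test\r\n"
RETRY = HEAD + b"Transfer-Encoding: chunked\r\n\r\n" + LAST_CHUNK
CHUNKED = HEAD + b"Transfer-Encoding: chunked\r\n\r\n" + chunk(b"part-1") + LAST_CHUNK + RETRY
FIXED = HEAD + b"Content-Length: 40\r\n\r\n" + b"part-1" + RETRY
```

Parsing `CHUNKED` yields two cleanly separated requests; parsing `FIXED` yields a 40-byte body that contains the next request line, and whatever follows is no longer a valid request.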