Re: NEW ISSUE: Transfer-Encoding in 1.0 messages from Henrik Nordstrom on 2007-11-23 (ietf-http-wg@w3.org from October to December 2007)

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Fri, 23 Nov 2007 08:50:19 +0100
To: Bjoern Hoehrmann <derhoermi@gmx.net>
Cc: ietf-http-wg@w3.org
Message-Id: <1195804219.824.11.camel@henriknordstrom.net>

On tor, 2007-11-22 at 10:44 +0100, Bjoern Hoehrmann wrote:
> Hi,
> 
>   I could not find in RFC 2616 or the current drafts a discussion how to
> handle a Transfer-Encoding header in HTTP/1.0 messages. Implementations
> appear to either ignore it (Internet Explorer, Firefox) or process it as
> if this was a HTTP/1.1 message (libwww-perl, Opera, Apache 2.2). There
> may be other differences if there is also a Content-Length header. This
> is a bit of a problem since this might cause some applications (e.g. a
> crude intrusion detection system) to see different messages. Can we add
> a note or perhaps recommendation on dealing with this situation?

Who is sending transfer-encoding in HTTP/1.0 messages? Have never seen
that, and quite outside specifications.

I have seen transfer-encoding in response to HTTP/1.0 requests however,
even if that is a MUST NOT..

Regards
Henrik

Received on Friday, 23 November 2007 07:50:31 UTC