Re: #273: HTTP-Version should be redefined as fixed length pair of DIGIT . DIGIT from Amos Jeffries on 2011-06-25 (ietf-http-wg@w3.org from April to June 2011)

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Sat, 25 Jun 2011 17:11:32 +1200
To: ietf-http-wg@w3.org
Message-ID: <4E056E04.3030100@treenet.co.nz>

On 25/06/11 10:14, Willy Tarreau wrote:
> Hi Julian,
>
> On Fri, Jun 24, 2011 at 10:16:26PM +0200, Julian Reschke wrote:
>>     The HTTP version number consists of two non-negative decimal digits
>
> Since "integer" was changed to "digits" here, maybe we can remove the
> "non-negative" precision ?

The text above is also overriding the possibility of double-digit major 
versions. Implying "the version" only contains 2 digits in total.

How about:
   consists of two sequences of decimal digits separated by one dot

Followed by clarification on the size limits of those sequences.

>
> Otherwise the rest is OK to me.
>
>> I also checked for examples that use multiple digits and couldn't find any.
>
> I did a few quick checks on some sources I have here (some being quite outdated) :
>    - thttpd : only checks if version string == HTTP/1.0, everything else is 1.1
>    - mini-httpd : same
>    - tux : checks for minor == 1 (first digit)
>    - varnish : compares version string with "HTTP/1.0" and "HTTP/1.1", everything
>         else is 0.9.
>    - haproxy : sets 1.1 when length == 8 and ((major>  1) or (major == 1 and
>         minor>= 1)) (one digit for each part). So 1.10 reports 1.0.
>    - apache : does sscanf("%u.%u") and accepts minors up to 999.
>    - teepeedee : makes use of strtoul() on both major and minor
>    - squid : does sscanf("%d.%d"). Not sure what it does with negatives. This
>      was a pretty old version however (2.5-stable12), that might not count.

squid-2 all do that same sscanf. negative numbers get an 4xx error page.

squid-3 use isdigit() for any length numeric as per the spec. rejects 
with 505 on anything other than 1.0 or 1.1.


>    - lighttpd : uses strtol() on both major and minor (so might accept negatives)
>         but checks for major==1 and minor==1 (or minor==0) to report 1.1 or 1.0
>         respectively, the rest being rejected.
>    - nginx : I was not sure
>
> Given the diversity of methods, I think it's really nice that we can
> simplify the parsing.

I disagree that the parsing is complex here. Just plain wrong in several 
of those cases. It is a huge amount simpler to check for valid version 
than valid method.

AYJ

Received on Saturday, 25 June 2011 05:12:38 UTC