- From: Mark Nottingham <mnot@mnot.net>
- Date: Tue, 23 Apr 2013 17:22:37 +1000
- To: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
p2 5.1.1.1 explains the semantics of 100-continue: "If the origin server responds with a final status code, it must not have performed the request method and may either close the connection or continue to read and discard the rest of the request." In my (admittedly quick) testing, pretty much nobody does this, at least by default; i.e., if I send a GET to a server with Expect: 100-continue, it's going to give me a 200 or 30x, not a 417. Sure, they might send 417 for a request with a body, but as written pretty much no one is conformant. One thing we could do would be to only place requirements upon proxies and servers when Expect: 100-continue is on a request with a body. Stepping back, though, I have to wonder if it's reasonable to only allow 100 (Continue) or, effectively, an error (since the request can't be "applied") in the presence of Expect: 100-continue. I've seen many implementations that purposefully ignore Expect: 100-continue and send back 200 (OK) responses to avoid the interop problems that expect/continue brings. OTOH if we do maintain the notion that a final response to an Expect: 100-continue request needs to NOT be applied on the server, we should use more specific terminology (i.e., say that it needs to be a 4xx or 5xx response status, not just a "final response."). Thoughts? -- Mark Nottingham http://www.mnot.net/
Received on Tuesday, 23 April 2013 07:23:06 UTC