- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Fri, 26 Apr 2013 13:12:58 -0700
- To: James M Snell <jasnell@gmail.com>
- Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
The requirement for HEADERS+PRIORITY should only apply to the HTTP request/response exchange, not everything. Tier 3 and all that. On 26 April 2013 11:47, James M Snell <jasnell@gmail.com> wrote: > In the current draft (-02), under the definition of HEADERS+PRIORITY, > we say that the frame "MUST be used for each stream that is created".. > > Is this really true? This is inconsistent with other parts of the spec... > > Elsewhere we say that streams are created by sending any frame that > references an unused stream ID. > > We also say that PUSH_PROMISE frames are followed up by a HEADERS > frame (not HEADERS+PRIORITY). > > I believe the intent here is that streams ought only to be created > when sending a HEADERS, HEADERS+PRIORITY or PUSH_PROMISE frame that > references an unused stream ID. > > A DATA frame that references a previously unused Stream ID ought to > result in a PROTOCOL_ERROR. > > (which brings up an interesting question: what happens if I receive an > RST_STREAM that references a previously unused stream id? Based on the > rules so far, that would mean the stream ID would be closed before > there is ever a chance to use it... possible DOS vector?) >
Received on Friday, 26 April 2013 20:13:25 UTC