Re: HTTP/2.0 -04 candidate

+1

On 2013-07-02, at 1:22 AM, Sam Pullara <spullara@gmail.com> wrote:

> It looks like that this could be an issue:
> 
>    The header fields in PUSH_PROMISE MUST include the ":scheme", ":host"
>    and ":path" header fields that identify the resource that is being
>    pushed.  A PUSH_PROMISE always implies an HTTP method of GET.  If a
>    client receives a PUSH_PROMISE that does not include these header
>    fields, or a value for the ":method" header field, it MUST respond
>    with a stream error (Section 5.4.2) of type PROTOCOL_ERROR.
> 
> I suggest that you limit to same origin and remove the :schema and the :host. It is quite probable that a different host, even if could be served from the same IP address, actually resolves to a different IP address when the client resolves it. Even the same :host could resolve to a different IP address. Also, do you really want the resource to use a different scheme than the original request? My suggestion on this is to limit PUSH_PROMISE to same origin and require only the :path header field to be set. Simplifies things quite a bit and the client should already know the :schema and :host header.
> 
> Sam
> 
> On Jul 1, 2013, at 9:37 PM, Martin Thomson <martin.thomson@gmail.com> wrote:
> 
>> Thanks, this was a bit rushed in parts so I potentially botched a few edits. Pull requests much appreciated, especially for the small stuff.
>> 
>> On Jul 1, 2013 9:30 PM, "Shigeki Ohtsu" <ohtsu@iij.ad.jp> wrote:
>> Thanks for your great work.
>> 
>> I've just read through the draft and submited a PR for some editrial fixes againt a layering branch.
>> https://github.com/http2/http2-spec/pull/157
>> Please review it. If the PR to the branch is not good for fix, pelase let me know it.
>> 
>> Regards,
>> 
>> (2013/07/02 9:23), Martin Thomson wrote:
>> Those people who volunteered to contribute to the layering work in the
>> SF interim have come up with something.  This includes a restructuring
>> of the content.
>> 
>> Since the changes are large in scope, we're not submitting this as
>> draft-ietf-httpbis-http2-04.  I've put this up as an individual
>> submission so that people can comment on structure, text, omissions:
>> 
>>   http://tools.ietf.org/html/draft-unicorn-httpbis-http2-00
>> 
>> Note: This is a proposal for the content of the
>> draft-ietf-httpbis-http2-04.  Please let us know - as soon as possible
>> - if the idea of this becoming a -04 offends you somehow.
>> 
>> This draft includes resolutions to all the issues on our milestone,
>> with the exception of two (#75: default priorities, #17: opaque data
>> in GOAWAY and RST_STREAM), which I plan to address tomorrow.
>> 
>> Now, most of the final pass is my fault (with a little help from the
>> github unicorn), so blame me for all the bad stuff and praise Jeff and
>> James for providing all the good stuff.
>> 
>> 
>> 
> 

_________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair

Received on Tuesday, 2 July 2013 12:53:11 UTC