W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2013

Re: SETTINGS error handling

From: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date: Wed, 17 Jul 2013 00:32:11 +0900
Message-ID: <CAPyZ6=J=jumG=+aKyjuDNiB5oVAGEJ7axjQ6-TH3+DvsQGH0NQ@mail.gmail.com>
To: Amos Jeffries <squid3@treenet.co.nz>
Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
+1 for strict validation.

Regarding validation for SETTINGS, how about validating the values in

For example, the value in SETTINGS has unsigned 32 bit and it means
could have, say, 2^31, which is invalid for flow control.
http://tools.ietf.org/html/draft-ietf-httpbis-http2-04#section-6.9.1 says
if such value is received in
WINDOW_UPDATE frame, it must be responded with FLOW_CONTROL_ERROR.
But it does not say about SETTINGS frame for invalid window size (it may
infer that but still).
I think it would be good to add some error handling of values on SETTINGS
frame reception.

Best regards,

Tatsuhiro Tsujikawa

On Tue, Jul 16, 2013 at 9:22 PM, Amos Jeffries <squid3@treenet.co.nz> wrote:

> On 16/07/2013 10:20 a.m., Martin Thomson wrote:
>> On 15 July 2013 12:44, Patrick McManus <pmcmanus@mozilla.com> wrote:
>>> I'm wondering why the text proscribes error handling of MUST ignore in
>>> response to violation of the MUST NOT send provision.
>> I think that someone either caught Postel's DIsease, or is in remission.
>>  Can we either change it to PROTOCOL ERROR (preferred) or just be silent
>>> on
>>> handling of the error?
>> PROTOCOL_ERROR seems appropriate.
>> Opened:
>> https://github.com/http2/**http2-spec/issues/174<https://github.com/http2/http2-spec/issues/174>
> +1. And double that for more strictness everywhere.
> Amos
Received on Tuesday, 16 July 2013 15:33:06 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:14 UTC