- From: Greg Wilkins <gregw@intalio.com>
- Date: Mon, 7 Jul 2014 18:39:30 +1000
- To: Mark Nottingham <mnot@mnot.net>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
- Message-ID: <CAH_y2NGBg0VDoUaeXJuAGGLiHx00s4NEj0Be2GEoPS5igKtiZA@mail.gmail.com>
On 7 July 2014 18:27, Mark Nottingham <mnot@mnot.net> wrote: > Hi Greg (et al), > > Thanks for the proposal. The most immediate concern I have here is how > SETTINGS is used; see my recent e-mail to Jason. > > Mark, In reference to your comment: > SETTINGS is explicitly not a negotiation mechanism; it only allows one end to advertise its configuration to its peer. > > In this case, the semantic of MHS (MAX_HEADER_SIZE) would be roughly "I allow headers > coming at me to be at most THIS BIG." There's no way for the peer to ask for more; it has to > accept the limitation. Correct! This is not intended to be a negotiation, it is simply intended to make explicit the current HTTP semantics that allows a server to reject large entities. It is not an invitation to haggle with an endpoint, the endpoint is simply saying - don't even think about sending me a header larger than this setting. Endpoint already have limitation, which can only be discovered by attempting to send a header block, only to receive a 413. This proposal puts the burden on the sender rather than the receiver to enforce such limitations. cheers -- Greg Wilkins <gregw@intalio.com> http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales http://www.webtide.com advice and support for jetty and cometd.
Received on Monday, 7 July 2014 08:39:58 UTC