so that when a client sends the http2 equivalent of GET ftp://ftp.somewhere.com/file /HTTP/1.1 to a proxy, we can do it. ------ Original Message ------ From: "Greg Wilkins" <gregw@intalio.com> To: "Matthew Kerwin" <matthew@kerwin.net.au> Cc: "Adrien de Croy" <adrien@qbik.com>; "Zhong Yu" <zhong.j.yu@gmail.com>; "Martin Thomson" <martin.thomson@gmail.com>; "HTTP Working Group" <ietf-http-wg@w3.org> Sent: 24/07/2014 4:35:26 p.m. Subject: :scheme, was: consensus on :query ? > >While we are talking about decomposing the uri into it's component >parts..... > >why are we sending :scheme? > >It's not something that I would trust from a client anyway. > >If the connection is not TLS and the request says https, then I'm not >going to believe it. The only way I'll upgrade a request to https is >with some secret handshake with my SSL offloader via a special >privileged port that will probably nail all requests to https >regardless of what the header says. > >If the connection is TLS and the scheme says http, then I guess that >tells me something... that it is not TLS end to end, but then I don't >know if I'm meant to be trusting the hop or the end to end. It's >landing on my server as https... so I guess it is. > >Or is scheme meant to be optional, as in h1 allowing an absolute URL to >be sent in the request line? > >-- >Greg Wilkins <gregw@intalio.com> >http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that >scales >http://www.webtide.com advice and support for jetty and cometd.
Received on Thursday, 24 July 2014 05:02:37 UTC