Re: :scheme, was: consensus on :query ?

On 24 July 2014 15:02, Adrien de Croy <> wrote:

> so that when a client sends the http2 equivalent of
> GET /HTTP/1.1
> to a proxy, we can do it.

That's a reasonable usage.

But distinguishing between http and https is not.   Can't we just not send
the scheme for HTTP and if we do then it should just be http and never
https.      At the very least we should point out that :scheme is not a
trusted value and just because it says https does not mean the request is

There is plenty of code out that that implements the equivalent of

 boolean isSecure() { return "https".equals(getScheme()); }

Greg Wilkins <> HTTP, SPDY, Websocket server and client that scales  advice and support for jetty and cometd.

Received on Thursday, 24 July 2014 05:16:12 UTC