- From: Stefan Eissing <stefan.eissing@greenbytes.de>
- Date: Mon, 20 Jul 2015 11:51:26 +0200
- To: Amos Jeffries <squid3@treenet.co.nz>
- Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
> Am 20.07.2015 um 11:27 schrieb Amos Jeffries <squid3@treenet.co.nz>: > > In HTTP/2 the :scheme pseudo-header and others needed to form > absolute-URI are mandatory. Which makes it always have a well-formed > request-target. That was intentionally done to avoid exactly this bug > from occuring. It saddens me greatly to hear that servers are ignoring > it already on grounds of that being how they treat HTTP/1. It's not that bad. Apache is parsing absolute uris and giving them preference over any host header. But, if I read the code correctly, it is not prepared to treat a http: scheme correctly when received over a TLS port. //Stefan <green/>bytes GmbH Hafenweg 16, 48155 Münster, Germany Phone: +49 251 2807760. Amtsgericht Münster: HRB5782
Received on Monday, 20 July 2015 09:51:51 UTC