- From: Mark Nottingham <mnot@mnot.net>
- Date: Tue, 15 May 2018 19:38:11 +1000
- To: Willy Tarreau <w@1wt.eu>
- Cc: "Julian F. Reschke" <julian.reschke@gmx.de>, Kazuho Oku <kazuhooku@gmail.com>, Martin Thomson <martin.thomson@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
> On 15 May 2018, at 7:28 pm, Willy Tarreau <w@1wt.eu> wrote: > > FWIW I've used many times "Host:" with no name when connecting to an > HTTP/1.1 server without knowing its name, and rarely faced any issue > with this. I'm not saying it's right or wrong, but that many > implementations support an empty header field and distinguish it from > an absent one. Sure - although that's pretty broken for Host, this isn't a completely uncommon thing. When we did SOAPAction way back when (shudder), we came to the conclusion that some HTTP implementations might drop empty headers, so it wasn't safe -- but I don't remember how much data that was based upon. That said, just because it's possible with HTTP headers doesn't mean it needs to be possible with structured headers. Cheers, -- Mark Nottingham https://www.mnot.net/
Received on Tuesday, 15 May 2018 09:38:40 UTC