W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2019

Re: Is CONNECT hop-by-hop?

From: Amos Jeffries <squid3@treenet.co.nz>
Date: Sat, 20 Apr 2019 18:51:53 +1200
To: ietf-http-wg@w3.org
Message-ID: <c28bcb44-f10c-e216-d9df-3e2cf985d931@treenet.co.nz>
On 20/04/19 8:20 am, Alex Rousskov wrote:
> Hello,
>     Imagine two chained proxies. When a child proxy receives a CONNECT
> request, and must go through the parent proxy, is the child supposed to
> forward the end-to-end CONNECT headers (e.g., User-Agent and X-Foo)?
> Should a compliant HTTP proxy forward regular end-to-end CONNECT headers
> to the next proxy?

I think this is incorrectly mixing two independent principles here.

The method hop-by-hop (or not) refers to the HTTP-message. Which can be
just the request-line or status-line values. That is the minimal
HTTP-message per RFC7230 section 3.

RFC 7230 section 3.2.1 is what you/we need to be using as the definitive
default forward/remove guidance on "regular" headers. Except where the
headers own more-specific definition overrides that with a requirement
about forwarding or removal.

This section 3.2.1 requirements do not rely on the hop-by-hop (or not)
nature of CONNECT, but on whether there is any next-hop HTTP-message to
relay the relevant end-to-end headers on.

So IMO the issue is not whether CONNECT is hop-by-hop, but whether the
intermediary is mapping the CONNECT to TCP directly or to another
HTTP-message. If it is to another HTTP-message (eg CONNECT to a peer)
the end-to-end headers still apply to that (non-)payload sent to the
next-hop, the hop-by-hop headers do not.

Received on Saturday, 20 April 2019 06:52:50 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:15:34 UTC