Re: Does anyone actually use HTTP_1_1_REQUIRED or HTTP_VERSION_FALLBACK?

On Tue, May 23, 2023 at 03:20:51PM +0100, Lucas Pardue wrote:
> HTTP/2 defines the error code HTTP_1_1_REQUIRED with the description "The
> endpoint requires that HTTP/1.1 be used instead of HTTP/2.". The only
> mention of this error code is in Section 9.2.1 that describes TLS 1.2 and
> HTTP/2 and says
> > This effectively prevents the use of renegotiation in response to a
> request for a specific protected resource. A future specification might
> provide a way to support this use case. Alternatively, a server might use
> an error (Section 5.4) of type HTTP_1_1_REQUIRED to request that the client
> use a protocol that supports renegotiation.
> I was curious if anyone uses it this way. With the advent of TLS 1.3, I
> presume an HTTP client wouldn't address this specific problem of
> renogitation problem, so a client might need to do more complex logic. Or
> it doesn't because nobody actually handles the situation as the RFC
> describes it might happen.

The reverse proxy I wrote generates RST_STREAM(HTTP_1_1_REQUIRED) if
backend responds with Transfer-Encoding other than chunked with HTTP/2
front-end connection (since HTTP/2 does not allow Transfer-Encoding,
other than the implicit chunking). I do not know if that ever actually


Received on Tuesday, 23 May 2023 17:50:15 UTC