- From: Jingcheng Zhang <diogin@gmail.com>
- Date: Wed, 22 Mar 2023 10:13:53 +0800
- To: HTTP Working Group <ietf-http-wg@w3.org>
- Message-ID: <CACE=nTd21eO5Ng_vZ=ZWy=xp4FPie7+QFDf0QMubi2qOh+cuhA@mail.gmail.com>
On Wed, Mar 22, 2023 at 4:28 AM Martin Thomson <mt@lowentropy.net> wrote: > > In HTTP/1.1, scheme can be explicit if the authority form is used. > However, in most cases the scheme is inferred from properties of the > connection. That is, if TLS is in use, infer "https"; otherwise, infer > "http". > > The gateway text covers those cases where you have cleartext to the gateway > and TLS to an origin server (not that common now) or the scary case of TLS > to the gateway and cleartext to the origin (shockingly, still more common > than I'd like). In those cases, the gateway might use absolute form as you > say. Forwarded-For (https://www.rfc-editor.org/rfc/rfc7239#section-5.4) > has a parameter that might signal this. > > Signals might also be implicit - if there is only an "http" front end, the > origin server can assume "http" even when the request from the gateway > comes in over TLS. That's probably very common as it is increasingly less > common to have both "http" and "https", as the latter is superior in nearly > every way. > > Got it, thanks for your detailed explanation. So the absolute-form can be explicitly used, but RFC 9112 (HTTP/1.1) says it is intended to be used for sending requests to proxies, although origin servers are required to support it. This is in fact not exactly equivalent to ":scheme", as ":scheme" has no restrictions. Am I right? -- Best regards, Zhang Jingcheng Beijing, China
Received on Wednesday, 22 March 2023 02:14:19 UTC