- From: Mark Nottingham <mnot@mnot.net>
- Date: Wed, 9 Jul 2025 20:25:52 +0200
- To: Ben Schwartz <bemasc=40meta.com@dmarc.ietf.org>
- Cc: 张敬强 <zhangjingqiang@bytedance.com>, HTTP Working Group <ietf-http-wg@w3.org>
[ moving to HTTPBIS list ]
Hi Ben,
That seems reasonable - will you be on site? And is 10 minutes sufficient, or would 15 be better?
Cheers,
> On 9 Jul 2025, at 5:49 pm, Ben Schwartz <bemasc=40meta.com@dmarc.ietf.org> wrote:
>
> Amazing to see an implementation!
>
> Mark: If there is time in the HTTPBIS agenda, I think this might be worth presenting.
>
> --BenFrom: 张敬强 <zhangjingqiang@bytedance.com>
> Sent: Tuesday, July 8, 2025 11:59 PM
> To: Ben Schwartz <bemasc@meta.com>
> Cc: Mark Nottingham <mnot=40mnot.net@dmarc.ietf.org>; wellknown-uri-review@ietf.org<wellknown-uri-review@ietf.org>
> Subject: Re: [External] Re: Register easy-proxy Well-Known URI
>
>
> Yes it's not a normal use case with HTTP proxy. It will be too
> complicated to include this, and I think the well-known URI method
> will be more suitable for this.
>
> The 02 version still has a wrong example:
>
> `GET .well-known/masque/http/https%3A%2F%2Fexample.com%2F HTTP/1.1`
>
> The leading '/' in URI is missing.
>
> I think the current draft is good and I have submitted an initial
> support in g3proxy https://github.com/bytedance/g3/pull/826 .
>
>
> Ben Schwartz <bemasc@meta.com> 于2025年7月8日周二 05:51写道:
> >
> > Thanks for pointing out the issue with the default template. I corrected that in the editor's copy two months ago, but apparently the upload failed.
> >
> > Appending URI parameters after filling in the template is an interesting use case. Normally, we think of an HTTP proxy as transforming an "HTTP request", after all the parameters and headers have been determined. In this case, I suppose you are considering an API endpoint (defined by a URL), which can be transformed into a "proxied base URL" before the query parameters are added (by the non-proxy-aware API client).
> >
> > This is not a usage pattern that I have heard of before. We may able to support it by adjusting the template, but this comes with some tradeoffs as well:
> >
> > 1. This usage mode is unable to make use of authenticated proxies, because the client does not include or respect proxy authentication headers. This seems to encourage "implicit authentication" (e.g. by network topology), which runs counter to modern best practices (e.g. "zero trust networking").
> > 2. Any proxy template that can be used in this way cannot incorporate its own URL parameters, as they might collide with the API's parameter names. This is limiting for the design of proxy services, which could likely benefit from query parameters like "debug=1".
> >
> > If this usage mode is important for you, I would be happy to work on some hybrid or compromise between these two approaches.
> >
> > --Ben
> > ________________________________
> > From: 张敬强 <zhangjingqiang@bytedance.com>
> > Sent: Thursday, July 3, 2025 7:53 AM
> > To: Ben Schwartz <bemasc@meta.com>
> > Cc: Mark Nottingham <mnot=40mnot.net@dmarc.ietf.org>; wellknown-uri-review@ietf.org<wellknown-uri-review@ietf.org>
> > Subject: Re: [External] Re: Register easy-proxy Well-Known URI
> >
> >
> >
> > I have a thorough read of the draft today and got some questions:
> >
> > 1. The default template in section 4 Examples Figure 5 seems to be
> > "https://urldefense.com/v3/__https://$PROXY_HOST:$PROXY_PORT/http/*7Btarget_uri*7D__;JSU!!Bt8RZUm9aw!4eYLDA8qMjHs3xt1YrQD4QPMSXmBCNM7SqZLxY0BKtge_3aXW2OIHl-LyHIA0HH0ROJtdnNBhA454rOFnD4ObH5b$ ",
> > but section 3.2 it defines
> > "https://urldefense.com/v3/__https://$PROXY_HOST:$PROXY_PORT/.well-known/masque/http/*7Btarget_uri*7D__;JSU!!Bt8RZUm9aw!4eYLDA8qMjHs3xt1YrQD4QPMSXmBCNM7SqZLxY0BKtge_3aXW2OIHl-LyHIA0HH0ROJtdnNBhA454rOFnOXLsu4m$ ",
> > Is it a typo or the ".well-known/masque" part should be omitted?
> >
> > 2. I chose this well-known uri form
> > "/.well-known/easy-proxy/{scheme}/{target_host}/{target_port}/{original_path}{?original_query}"
> > to support clients that doesn't support proxies but support change
> > the API path to
> > /.well-known/easy-proxy/{scheme}/{target_host}/{target_port}/{original_path}
> > , so they can still append other query parameters when sending the request.
> > It seems the draft here encodes all the queries in {target_uri},
> > so the client always needs to have correct proxy support.
> > Is it possible to leave the query part as its original form?
> >
> > Ben Schwartz <bemasc@meta.com> 于2025年5月9日周五 20:19写道:
> > >
> > > Let me know if you have any questions about the draft. If you have feedback from prototyping, I'm happy to incorporate it.
> > >
> > > --Ben Schwartz
> > > ________________________________
> > > From: 张敬强 <zhangjingqiang@bytedance.com>
> > > Sent: Thursday, May 8, 2025 11:14 PM
> > > To: Mark Nottingham <mnot=40mnot.net@dmarc.ietf.org>
> > > Cc: wellknown-uri-review@ietf.org <wellknown-uri-review@ietf.org>; Ben Schwartz <bemasc@meta.com>
> > > Subject: Re: [External] Re: Register easy-proxy Well-Known URI
> > >
> > >
> > >
> > > Thanks.
> > >
> > > I will give some feedback on this topic after I have some free time to
> > > work on g3proxy again. Anyway I'm glad to add an experimental
> > > implementation.
> > >
> > > >
> > > > FYI, Ben (CC:ed) has updated his draft:
> > > > https://urldefense.com/v3/__https://datatracker.ietf.org/doc/draft-schwartz-modern-http-proxies/__;!!Bt8RZUm9aw!5HVgwPoO1RNNNCaI0RxJooC8xu-by8ACH8KLw8HUzpKDlcRd2FeDowjqoGAYemWCf3Tj4lCoPk_SiWsgDnFb87R9$
> > > >
> > > > Please talk to him if your'e interested in pursuing this.
> > > >
> > > > Cheers,
> > > >
> > > >
> > > > > On 1 May 2025, at 11:07 am, Mark Nottingham <mnot=40mnot.net@dmarc.ietf.org> wrote:
> > > > >
> > > > > Hello,
> > > > >
> > > > > I will register this as 'provisional'.
> > > > >
> > > > > You may be interested that there has been discussion of standardising similar mechanisms in the past, e.g.,
> > > > > https://urldefense.com/v3/__https://datatracker.ietf.org/doc/html/draft-schwartz-modern-http-proxies-00*name-modern-http-request-proxies__;Iw!!Bt8RZUm9aw!5HVgwPoO1RNNNCaI0RxJooC8xu-by8ACH8KLw8HUzpKDlcRd2FeDowjqoGAYemWCf3Tj4lCoPk_SiWsgDtxkFTZy$
> > > > >
> > > > > If you'd like, we can start a discussion in the HTTP Working Group about that work and see where it goes; having a standards-defined mechanism is usually preferable.
> > > > >
> > > > > Cheers,
> > > > >
> > > > >
> > > > >> On 24 Apr 2025, at 6:17 pm, 张敬强 <zhangjingqiang=40bytedance.com@dmarc.ietf.org> wrote:
> > > > >>
> > > > >> Hi,
> > > > >> I'm sending this mail to request for a register of 'easy-proxy'
> > > > >> well-known uri.
> > > > >>
> > > > >> URI suffix: easy-proxy
> > > > >> Change controller: [The G3 Project](https://github.com/bytedance/g3 )
> > > > >> Specification document(s):
> > > > >> https://github.com/bytedance/g3/blob/master/doc/easy-proxy.md
> > > > >> Status: provisional
> > > > >>
> > > > >> This has been implemented and used by some users, see
> > > > >> https://github.com/bytedance/g3/issues/608 .
> > > > >>
> > > > >> _______________________________________________
> > > > >> wellknown-uri-review mailing list -- wellknown-uri-review@ietf.org
> > > > >> To unsubscribe send an email to wellknown-uri-review-leave@ietf.org
> > > > >
> > > > > --
> > > > > Mark Nottingham https://urldefense.com/v3/__https://www.mnot.net/__;!!Bt8RZUm9aw!5HVgwPoO1RNNNCaI0RxJooC8xu-by8ACH8KLw8HUzpKDlcRd2FeDowjqoGAYemWCf3Tj4lCoPk_SiWsgDlR2_58E$
> > > > >
> > > > > _______________________________________________
> > > > > wellknown-uri-review mailing list -- wellknown-uri-review@ietf.org
> > > > > To unsubscribe send an email to wellknown-uri-review-leave@ietf.org
> > > >
> > > > --
> > > > Mark Nottingham https://urldefense.com/v3/__https://www.mnot.net/__;!!Bt8RZUm9aw!5HVgwPoO1RNNNCaI0RxJooC8xu-by8ACH8KLw8HUzpKDlcRd2FeDowjqoGAYemWCf3Tj4lCoPk_SiWsgDlR2_58E$
> > > >
--
Mark Nottingham https://www.mnot.net/
Received on Wednesday, 9 July 2025 18:26:00 UTC