httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexei Kosut <ako...@nueva.pvt.k12.ca.us>
Subject Re: mod_proxy changes
Date Mon, 27 May 1996 19:11:33 GMT
On Mon, 27 May 1996, Robert S. Thau wrote:

> *) It should identify itself as an HTTP/1.0 proxy to both servers or
>    clients.  Right now, if I recall right, the protocol identifier in
>    the response is copied from the origin server's response verbatim.
>    This could cause problems in the future, when an "HTTP/1.2"
>    response from this proxy leads a client to believe that the proxy
>    has behaved in accord with PEP protocols which were in scope for
>    it, when in fact it has no idea what a PEP protocol is.

I fixed this a while back, it doesn't do this anymore.

> *) At present, it passes "canonicalized" pathnames on to origin
>    servers and further proxies.  The last time I checked the HTTP/1.1
>    drafts, which was admittedly a couple of revisions ago, they
>    specified that a proxy SHOULD pass on the URI exactly as received,
>    with one exception which applies only to the OPTIONS method.
>    (Putting SHOULD in all caps signals a normative requirement ---
>    violators can be conditionally but not fully compliant).

Agreed. Not only that, the way it caconicalizes pathnames is dangerous
- I recall David Robinson saying that it strips trailing slashes from
URIs, which is rather bad, because it means that if a client requests
the URL without the slash, and they get the slashed version, not the
redirect, all the relative links become useless.

-- 
________________________________________________________________________
Alexei Kosut <akosut@nueva.pvt.k12.ca.us>      The Apache HTTP Server
URL: http://www.nueva.pvt.k12.ca.us/~akosut/   http://www.apache.org/
 
      "War does not determine who is right, only who is left."


Mime
View raw message