httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roy T. Fielding" <field...@liege.ICS.UCI.EDU>
Subject Re: arrrrgh!
Date Sun, 04 Aug 1996 06:03:18 GMT
> I dunno. The other way to interpret the spec, which is still correct, is
> to still treat a non-port Host: header as port 80, but not allow port
> switches. In other words, if the port sent doesn't match the port that
> they've connected on, just ignore the Host: header. This is the same thing
> we do, for example, if someone sends "Host: some.nonexistent.domain".

I am a bit confused now, and I did write that portion of the spec.
I very carefully avoided placing any requirement on how the server
should interpret the port number -- the only requirements are on how
the server must interpret the host (section 5.2).  A server can completely
ignore the port and still remain compliant.  Alternatively, a server
can refuse any request with a port number other than that connected
to and still remain compliant.  The port is provided so that if a
port-muxing tunnel is being used and the server wishes to allow port
switches, it can do so.

In other words, the right(tm) way to interpret the spec is to use
the physical port number unless there is some configuration option that
says "give me port switching".  Port switching itself won't be reliable
until the HTTP/1.0 clients are history.

....Roy

Mime
View raw message