httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nathan Neulinger <nn...@umr.edu>
Subject Re: HTTP/1.1 header problem
Date Sun, 22 Dec 1996 01:13:45 GMT
Looks good... I have two comments below though.

-- Nathan

At 5:05 PM -0800 12/21/96, Brian Behlendorf wrote:
>(This is the message I'm sending to george, and CC'ing you all on.  Let me
>know
>what you think, I'll send it out Sunday noon PST)
>
>	Brian
>
>###############
>
>
>Hi George.  I'm sending this mail to both you and the Apache development list
>(which you are invited to join - majordomo@apache.org, "subscribe new-httpd",
>etc). I think there is a very simple fix for this issue.
>
>> Date: Fri, 20 Dec 1996 16:22:18 -0800
>> From: George Boyce <grboyce@aol.net>
>> To: apache-bugs@apache.org
>> Subject: HTTP/1.1 header problem
>...
>> And our proxy is responding with an error as even the 1.1 spec allows.
>>
>> http://www.w3.org/pub/WWW/Protocols/HTTP/1.1/draft-ietf-http-v11-spec-07.txt
>> <<
>> Since the protocol version indicates the protocol capability of the
>>sender, a
>> proxy/gateway MUST never send a message with a version indicator which is
>> greater than its actual version; if a higher version request is
>>received, the
>> proxy/gateway MUST either downgrade the request version, respond with an
>>error,
>> or switch to tunnel behavior.
>> >>
>
>The big issue for you, I believe, is "downgrading" an HTTP/1.1 response to
>HTTP/1.0 in line with this consideration.  For the 1.0 proxy receiving any 1.x
>response, it should be as easy as changing the first line of the response from
>1.1 to 1.0.  The 1.1 spec guarantees that the 1.1 response to a 1.0 proxy will
>not contain any headers which could cause problems.  If it were a 1.1 proxy it
>may get something only 1.1 agents can understand, such as chunked transfer
>codings or the 100 Continue response, but in this case it should be safe.
>
>Remember, this is all we would be doing in Apache were we to specially
>hack our
>server.
>
>If this is not the case, if your team has evidence of other headers or
>behavior
>in HTTP/1.1 which a simple version number switch wouldn't fix, please let's
>talk about it, as this would probably be news to the HTTP IETF working
>group as
>well, and those would be seen as errors to the 1.1 spec which could be
>documented in a later RFC.  It would certainly run counter to the spirit
>of the
>1.1 spec.
>
>> In the spirit of making things work, our development team will work on a
>>way to
>> downgrade HTTP/1.1 requests and responses to HTTP/1.0. Until then, would you
>> folks consider having your server respond to HTTP/1.0 requests with HTTP/1.0
>> replies?
>
>Some people have hacked their servers to do this.  We may provide a set of
>configuration directives and a short patch to the source code to do this.
>It's
>not been as easy as we thought to do this in an easily configurable way,
>though
>that may change.  But it's unlikely we'd put a hack in any released version of
>the server.

Might want to just mention here the reason for the difficulty... The lack
of a consistent header that we can match on, etc.

>> Looking forward to your reply. We certainly want the AOL web access
>>service to
>> work with the apache server. Please don't listen to those few who yell
>>at AOL
>> for all of our screwups in the past and future. We generally had a
>>reason for
>> most of them; it is really difficult to run a reliable service for this many
>> people.
>
>I absolutely appreciate that.  Developing complex software to work in a
>heterogenous environment is very difficult - which is why Apache has been so
>great to work on, since a change or fix can be very quickly tested across a
>wide array of environments and situations.  I've always been curious as to why
>your development project has been so closed - since AOL's not selling its
>proxy service as a product but instead as a service, concerns about own
>proprietary technology are probably somewhat mitigated, and thus using public
>domain code is certainly something you could do.  There's Apache's proxy,
>there's the great Squid proxy, and others.

I'd lose this last line... sounds like you're trying to push other stuff
onto them...

>Anyways, we look forward to resolving this issue - we've held off on being
>much
>louder than we have only because we knew there would be reasonable folks on
>your end and we could talk this through, and I'm glad to see this is the case.
>
>	Brian, Apache Group member
>
>p.s. - I will be on vacation for two weeks starting Monday; if you respond to
>the address in the Cc: field the other developers around during the holidays
>would be happy to carry on the conversation.
>
>--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
>brian@organic.com  www.apache.org  hyperreal.com  http://www.organic.com/JOBS


------------------------------------------------------------
Nathan Neulinger                  Univ. of Missouri - Rolla
EMail: nneul@umr.edu                  Computing Services
WWW: http://www.umr.edu/~nneul      SysAdmin: rollanet.org



Mime
View raw message