httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dirk-Willem van Gulik <>
Subject Re: 301 Redirect through a firewall... Possible to hide the origin server ip address?
Date Fri, 14 Sep 2001 21:53:08 GMT

On Fri, 14 Sep 2001, Sander Temme wrote:

> on 9/14/01 11:26 AM, Aaron Bannert at wrote:
> > p.s. Are "GET ... HTTP/1.0" requests allowed to return "HTTP/1.1" responses?

Yes - normally but see below. The '1.1' reply signals that the server
would be able to talk 1.1(*) if requested. It does not say that the reply
is a 1.1 reply. This unlike the request where the 1.x says what the
request 'is' (and thus what the max reply can be).

*: or at least is conditionally compliant.

The reason why the server does not need to directly state the protocol
level of the reply - and thus can use the version for telling what it
could do at a maximum; is that the client 'knows' that it has done a 1.0
request; as does the server - so both parties know that the reply is to be
a 1.0 reply or LOWER.

Thus there is no need to tell the client the version of the reply as any
higher version is backwards compatible with lower ones - or at least
awware of it so it can give a 50x - thus the server tells the client the
highest of what it could do. If this is lower than the request then it is
usefull info for the client. If it is higher than the client may want to
use it for an upgrade. But note that even though the reply has a higher
version number; the server MUST still reqwrite any headers down to the
clients version.

Now that is the 'easy' case. There are a few cases from rfc2145 which are
more complex; and since rfc2068 was published you have a non backwards
compatibilty situations in proxies. Then the upgrade path is:

	proxy			MUST or MAY
	caching proxy		MYUST
	gateway(**)		MAY
	tunnel			MUST not

for a version change on either side of the middle box. (**) Of course a
gateway could be black - and do 'anything'. Compare 2068 and 2616 to for
the delta.


> If not, we're in trouble...
> [bistromath:sctemme] sctemme$telnet 80
> Trying
> Connected to
> Escape character is '^]'.
> GET / HTTP/1.0
> HTTP/1.1 200 OK
> Date: Fri, 14 Sep 2001 18:35:01 GMT
> Server: Apache/2.0.26-dev (Unix)
> Content-Length: 575
> Connection: close
> Content-Type: text/html; charset=ISO-8859-1
> (...)
> S.

View raw message