httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <jor...@redhat.com>
Subject Re: HTTP messages
Date Fri, 30 Jun 2006 08:06:44 GMT
On Thu, Jun 29, 2006 at 07:59:25PM -0700, Paul Adamczyk wrote:
> While testing HTTP messages on popular Web sites, I've
> observed that the same message sent to the same
> version of the Apache server can return completely
> different results.  Obviously, most of the results are
> due to user configuration.  But I'm most puzzled by
> the HEAD message, because according to the source
> code, it should be created with the same code as GET
> (except for the message body), but some Apache servers
> generate HEAD responses without the Content-Length
> header or set its length to 0.

There was a 2.x bug (fixed in 2.0.56) which meant that C-L was omitted 
for responses to HEAD requests in certain cases; notably for a 
dynamically generated response, e.g. PHP.  2.x will never send "C-L: 0" 
unless the corresponding GET would also send "C-L: 0" AFAIK.  

It's only a SHOULD requirement in 2616 that the metadata in a HEAD 
response exactly matches that which would be returned by GET, so it's 
not strictly correct to say that this bug makes the server non-compliant 
with 2616, it's merely a "conditional compliance".

> I've put the results in a paper.  I would appreciate
> your reviews or any comments you can provide on this
> topic.
> 
> http://pinky.cs.uiuc.edu/~padamczy/docs/ecows06_http.pdf

CONNECT is used for tunnelling through proxies, origin servers never see 
nor need to care about the CONNECT method, and use of CONNECT is 
completely unrelated to use of SSL at the origin server; all the stuff 
about that seems to be very confused.

joe

Mime
View raw message