You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There are several paragraphs in section 3.2.2 of RFC 9112 that can be better clarified:
A client MUST send a Host header field in an HTTP/1.1 request even if the request-target is in the absolute-form, since this allows the Host information to be forwarded through ancient HTTP/1.0 proxies that might not have implemented Host
while the instruction is clear, the explanation is not. First, won't the Host header be forwarded by ancient proxies regardless of the absolute form? Why is this case special? Second, the following two paragraphs require both proxies and origin servers to ignore the Host header in this case, so it still doesn't explain why the client must send it... would it be possible to provide a more complete explanation, or perhaps just remove the 'since' part which just adds more confusion?
When an origin server receives a request with an absolute-form of request-target, the origin server MUST ignore the received Host header field (if any) and instead use the host information of the request-target. Note that if the request-target does not have an authority component, an empty Host header field will be sent in this case.¶
Here it is unclear why the two sentences were lumped into a single paragraph, as they seem a bit unrelated. The first sentence is about an origin server ignoring a received host header (regardless of content). The 'note' sentence is about an empty header being sent, which does not affect or expand on the first sentence. While it may be true, perhaps it should not be a note in this paragraph but just a separate sentence, or maybe added to the first paragraph in the section or one of the others about the client sending the header, rather than with this sentence about the server ignoring the header? Also, "in this case" seems redundant.
A server MUST accept the absolute-form in requests even though most HTTP/1.1 clients will only send the absolute-form to a proxy.
This is clear, but the phrasing "most clients will" somewhat makes it seem like there's a choice there, whereas the openings of sections 3.2.1 and 3.2.2 make it clear that a client must send the absolute-form to proxies and must send a non-absolute form to origin servers for non-connect/options requests. Perhaps this can be stressed in this paragraph, e.g. "even though HTTP/1.1 clients must only send the absolute-form to a proxy" (or "aught to" or something less casual than 'most clients will').
The text was updated successfully, but these errors were encountered:
There are several paragraphs in section 3.2.2 of RFC 9112 that can be better clarified:
while the instruction is clear, the explanation is not. First, won't the Host header be forwarded by ancient proxies regardless of the absolute form? Why is this case special? Second, the following two paragraphs require both proxies and origin servers to ignore the Host header in this case, so it still doesn't explain why the client must send it... would it be possible to provide a more complete explanation, or perhaps just remove the 'since' part which just adds more confusion?
Here it is unclear why the two sentences were lumped into a single paragraph, as they seem a bit unrelated. The first sentence is about an origin server ignoring a received host header (regardless of content). The 'note' sentence is about an empty header being sent, which does not affect or expand on the first sentence. While it may be true, perhaps it should not be a note in this paragraph but just a separate sentence, or maybe added to the first paragraph in the section or one of the others about the client sending the header, rather than with this sentence about the server ignoring the header? Also, "in this case" seems redundant.
This is clear, but the phrasing "most clients will" somewhat makes it seem like there's a choice there, whereas the openings of sections 3.2.1 and 3.2.2 make it clear that a client must send the absolute-form to proxies and must send a non-absolute form to origin servers for non-connect/options requests. Perhaps this can be stressed in this paragraph, e.g. "even though HTTP/1.1 clients must only send the absolute-form to a proxy" (or "aught to" or something less casual than 'most clients will').
The text was updated successfully, but these errors were encountered: