IETF Logo Mail Archive

Re: draft-ietf-httpbis-header-structure: handling multiple field values

Julian Reschke <julian.reschke@gmx.de> Tue, 12 May 2020 20:20 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 013D63A0A6A for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 12 May 2020 13:20:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.648
X-Spam-Level:
X-Spam-Status: No, score=-2.648 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gmx.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7MVODWO60oJC for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 12 May 2020 13:20:37 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D2FC3A0A65 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 12 May 2020 13:20:37 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1jYbM6-0005Sp-I1 for ietf-http-wg-dist@listhub.w3.org; Tue, 12 May 2020 20:18:22 +0000
Resent-Date: Tue, 12 May 2020 20:18:22 +0000
Resent-Message-Id: <E1jYbM6-0005Sp-I1@lyra.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <julian.reschke@gmx.de>) id 1jYbM5-0005S3-Cw for ietf-http-wg@listhub.w3.org; Tue, 12 May 2020 20:18:21 +0000
Received: from mout.gmx.net ([212.227.15.19]) by mimas.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <julian.reschke@gmx.de>) id 1jYbM3-0002bT-CZ for ietf-http-wg@w3.org; Tue, 12 May 2020 20:18:21 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1589314664; bh=ADsHnWRpOIm9h4nqPdFwitIKpkZK04W8nckZ30+2jC4=; h=X-UI-Sender-Class:Subject:To:Cc:References:From:Date:In-Reply-To; b=bs62JmRjv7QCusrFfbJLB/ZqM4Dq1zva+19SLLcCiSG8uhxvHRZ8HW1qPejNVCGJ/ Fsh8dDFzO4AY/8Aj/X5jVAjf/GDlsVaYmmJbdXQ5+266js4TTHImdhnw3BoiWg+lAg NI4KuO9IiT2rqUIE578T9CNSi6/Eel+5T8gSdl9U=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [192.168.178.182] ([84.171.146.181]) by mail.gmx.com (mrgmx005 [212.227.17.190]) with ESMTPSA (Nemesis) id 1N7QxL-1j2gx838rV-017q5E; Tue, 12 May 2020 22:17:43 +0200
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
Cc: Ian Clelland <iclelland@google.com>, Willy Tarreau <w@1wt.eu>, HTTP Working Group <ietf-http-wg@w3.org>
References: <f55521dd-e1d3-d925-688c-c472ad67bfb4@gmx.de> <20200512172347.GB4817@1wt.eu> <CAK_TSXJ3o7F9x63MSYyEhr7de0vO1Yu2s8JnjkhT7n4BQiQp+A@mail.gmail.com> <706ee02a-2ecc-6cce-0754-909d6b9f4edd@gmx.de> <CAK_TSXJxex1t32EnfPqYUKhTdqJZFbRf36_FLKJeP2Tqu7RXMg@mail.gmail.com> <4045931b-06b3-9b76-106f-773499b8374b@gmx.de> <11162.1589312096@critter.freebsd.dk>
From: Julian Reschke <julian.reschke@gmx.de>
Message-ID: <6121e33e-46d3-e361-9e4e-ad0158a0a8c5@gmx.de>
Date: Tue, 12 May 2020 22:17:39 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.8.0
MIME-Version: 1.0
In-Reply-To: <11162.1589312096@critter.freebsd.dk>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:yk8nlhW+4pQL62bci+4TuN5TIqeluN0ywC7AN05Hj/IKolP6gka b/GaWyYuiadh9RwHIWD098It68NNdY6Uot9fjSUASH9k6jdxIt6ugeardpD+4N1gaTP0AWs fk9vOZvMxumSJCQtLfxN3U19fHVA91wfnlVdeCiWRDypjaXndDZh/X9CFxhkibc9DyENTjR Y3OJ02nv4wpueJOLTOxhA==
X-UI-Out-Filterresults: notjunk:1;V03:K0:G95e0ycZct0=:FUeKgGmt/A8vaw+zmc9QQt 9a8RzS+CVjPr2rIoi8Fj9jE6rHyo/thm2I1POXf/3tBOG8nDlzmn8i/3Qjd4hlJRBYAgLnxnf TFWuWIERP0w6M61QzfVd/RRuN+6skAUQt6PjVXurRFwm6Q+nw02xWGB3xCbslM0wLRq6trkyx gHfUcOBJvVTp+oZmg81EjIHhwntPA0h4p9TDa6USL3BatWg8J0cGnXVsa9ihIjkTziR3w7HWp Q0Lk+SATKYQhZ8yeil89/4q2agAnvbLe9YeP74pkwf5oArIR3UUl8wDhQLFOEY7Ljl7UAugjb qD0uvZeHq/DqKJYDct7SavlP9MQ50SaaynpwRIdP4dU2/vHpS0igZR0xsoHnpYQWy8VQTmfeA Rudw+hPBgMU4pxl6uUKr+Kpg8i03eNrH2rSLjL0h/Yyj9C4spGlIVD/XUNh2RMgbikokbb/jS ybD61LNiDil9+ViK835qWHlBxB7k9th1iNZqC/7npPC7DdwaKiA8VlTbSNSjMG7dmHHmrpvYR YT9dDHxZPlmYUnmF8r99bAEQ25vrMntzJcjZpiXond9lCdvP5O16jNT/TnsIik0nJozPdmnH0 tDBG96UzfYumP+zUb11JHE7E+Yt2lAVWlJEzn4eL8r0ymqFYUbGorY8WhFmCPxdMYctjLfmSh WsnydtiuBOPYUn7YP4Dtpf9uhr3hggOD10wapM4cj3ChK69DSBE81x8f48SySmF7VHb2Jk3F6 XdJIaMIWvzDVIlNQ46yk1bR68tQlRHSOLs/Wcl/6/r3vVFOxsWc5eHU7fsPj86TN4KJjqluBk TubrVRVEQ3hC6YUbz/l1mOrvUEwK9IjYKQjcZLiPGXOnBpnL9FapemUuGItpGjzv/BN2dqEvb sHC7g9UhZsD3qx8yZ19g0EcNxqyTEcFNhNB3FqdNl3YT9Yd5sQ3KGVTg4Sm0sVa55nF3GeWAv G/q3pZzfxSlUtj/xGcdOtMN3NvU4iUgEmfoeMfa4obp7nD8MdHtNT9rl4Wtr7fy8KQ2kVuwca bM5r49z5+sJUnh8xNYT5ZUskR/BTdEz/cK4y6cCm4usfyKKZE+IZOMAT5HSRVdIfsdMQwMC3O rf4NHsR3X/J/gTlSVxwPLWPueR6N4ZBsLk2zNk563/+nO6tfW5M3qJjROna8oWHgoLt7opBPC wgu6pF7moXd7tyIlxKKGV3jCU7lP8evV1zrqMl3pruB2N3rfYwpRTHsSaZv5fV0O7FK/53rI2 Cjq6oMSBhoKoeFBtF
Received-SPF: pass client-ip=212.227.15.19; envelope-from=julian.reschke@gmx.de; helo=mout.gmx.net
X-W3C-Hub-Spam-Status: No, score=-5.6
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1jYbM3-0002bT-CZ f36f0d0ba0b1fc5541f18b29f49b0fcb
X-Original-To: ietf-http-wg@w3.org
Subject: Re: draft-ietf-httpbis-header-structure: handling multiple field values
Archived-At: <https://www.w3.org/mid/6121e33e-46d3-e361-9e4e-ad0158a0a8c5@gmx.de>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/37610
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 12.05.2020 21:34, Poul-Henning Kamp wrote:
> --------
> In message <4045931b-06b3-9b76-106f-773499b8374b@gmx.de>, Julian Reschke writes:
>
>> Going back to the SH spec: I'm afraid that the spec *disallows* to fail
>> early on garbage - is this *really* the intent?
>
> Ehhh... what ?
>
> 	1.1.  Intentionally Strict Processing
>
> 	   This specification intentionally defines strict parsing and
> 	   serialisation behaviours using step-by-step algorithms; the only
> 	   error handling defined is to fail the operation altogether.
>
> Since the only failure is total failure, why or even how would you go
> about postponing it ?

The issue here is that combining

   Foo: "a

and

   Foo: b"

into

   Foo: "a, b"

*hides* an issue, and no failure will occur. Furthermore, we not only
get no failure, but the resulting string may vary depending on how the
fields were combined.

I get that it's unavoidable that this *can* happen, but does this mean
we should *disallow* failing for that input?

Best regards, Julian

v2.23.0 | Report a Bug | By Email