Re: #467: Expect: 100-continue and "final" status codes

Zhong Yu <zhong.j.yu@gmail.com> Fri, 17 May 2013 17:48 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6A1A11E8122 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 17 May 2013 10:48:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.598
X-Spam-Level:
X-Spam-Status: No, score=-10.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zT90tolDlRZR for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 17 May 2013 10:48:02 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 9995011E812E for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 17 May 2013 10:48:01 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UdOjO-0004nu-KK for ietf-http-wg-dist@listhub.w3.org; Fri, 17 May 2013 17:46:14 +0000
Resent-Date: Fri, 17 May 2013 17:46:14 +0000
Resent-Message-Id: <E1UdOjO-0004nu-KK@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <zhong.j.yu@gmail.com>) id 1UdOj8-0004cA-3T for ietf-http-wg@listhub.w3.org; Fri, 17 May 2013 17:45:58 +0000
Received: from mail-oa0-f45.google.com ([209.85.219.45]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <zhong.j.yu@gmail.com>) id 1UdOj6-0008OQ-FM for ietf-http-wg@w3.org; Fri, 17 May 2013 17:45:57 +0000
Received: by mail-oa0-f45.google.com with SMTP id j6so5396604oag.4 for <ietf-http-wg@w3.org>; Fri, 17 May 2013 10:45:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=OqOOc197EFKCSspwo9U7FidG7aQlRpn2lKDkpPrH72U=; b=JKRVcpISEw674jrauJXkmmWBucMqY65NJBvnLbeH5+MS1REKWeXOVNA/NX6tZTBm28 iVs/AFKTMCNR1yCLCfM3pz210IkmouAK9XjfZr+/3DWLqYOTf2CqzohedpesQC970ghW MYnRZQQEW/Xp0lNL0BfAczQoX6ZJoQCS43Nd6THDddenHJImKAaeUkh8O49ljZcQlpQ+ oXf3SRhQTV881PaDCpK2u0PXNReHVUcGKknkRJN1Q8aCkLUsvJDSKS8G+lWVcas0ADC9 E5ma14UWRYJqfzrK7+IBPiFGUEbeZMJ4ZvBpFUAlxfOVbmODwir4cmWQzPjxQbtGXSdg jezA==
MIME-Version: 1.0
X-Received: by 10.182.44.129 with SMTP id e1mr22275087obm.57.1368812730135; Fri, 17 May 2013 10:45:30 -0700 (PDT)
Received: by 10.76.98.227 with HTTP; Fri, 17 May 2013 10:45:30 -0700 (PDT)
In-Reply-To: <1CD0C86A-CFBF-4DF6-A688-9E4EF549190E@mnot.net>
References: <CACuKZqGmrDiNQvG0SVw=XXcy_n-BBxK-pnp+ar7uAbnwkumRag@mail.gmail.com> <51780FBA.3080706@andrew.cmu.edu> <20130424170638.GD19750@1wt.eu> <1CD0C86A-CFBF-4DF6-A688-9E4EF549190E@mnot.net>
Date: Fri, 17 May 2013 12:45:30 -0500
Message-ID: <CACuKZqGwm+aH+jRSNmKsfdDwe3eCVhmtr=u0rbUFC2+G99T5VQ@mail.gmail.com>
From: Zhong Yu <zhong.j.yu@gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: Willy Tarreau <w@1wt.eu>, Ken Murchison <murch@andrew.cmu.edu>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="001a11c2edf28b3b2804dced8ce8"
Received-SPF: pass client-ip=209.85.219.45; envelope-from=zhong.j.yu@gmail.com; helo=mail-oa0-f45.google.com
X-W3C-Hub-Spam-Status: No, score=-3.5
X-W3C-Hub-Spam-Report: AWL=-2.660, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1UdOj6-0008OQ-FM 945acdf2cc64e6fa25e3929c0ec5c719
X-Original-To: ietf-http-wg@w3.org
Subject: Re: #467: Expect: 100-continue and "final" status codes
Archived-At: <http://www.w3.org/mid/CACuKZqGwm+aH+jRSNmKsfdDwe3eCVhmtr=u0rbUFC2+G99T5VQ@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/18025
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Hi Mark, I disagree with the change.

The old text describes the intended use case - the client should wait for a
100 response before sending the request body. The text then explains the
exceptional case - if the server is not known to be 1.1 compliant, the
client should not wait forever.

Your proposed text emphasizes the exceptional case, making the intended
case rather hidden. I personally prefer the old text.

One can argue that both texts have the same implication for
implementations, which must handle both the intended and exceptional cases
anyway.

However there is one difference, which I think is critical. According to
the old text, if a server is 1.1 compliant, and the client *knows* that the
server is 1.1 compliant, client should wait indefinitely for a response
from server; it should not unilaterally decide to send the request body.
According to the proposed text, the client must send the request body after
very a short timeout. This is a new requirement on clients, which is
probably not damaging, but unjustified nevertheless.

Zhong Yu




On Thu, May 16, 2013 at 9:47 PM, Mark Nottingham <mnot@mnot.net> wrote:

> Looking at this again, I think one of the problems is that people
> misunderstand what e/c is for.
>
> The current definition of 100-continue in requests doesn't help:
>
> > 100-continue
> >
> >       • The request includes a payload body and the client will wait for
> a 100 (Continue) response after sending the request header section but
> before sending the payload body. The 100-continue expectation does not use
> any expect-params.
>
>
> <
> https://svn.tools.ietf.org/svn/wg/httpbis/draft-ietf-httpbis/latest/p2-semantics.html#header.expect
> >
>
> "will wait for" is misleading here; the client might send the body before
> getting the 100 response. This should really say something like:
>
> """
> 100-continue
>
> * The request includes a payload body and, after sending the request
> header section, the client will wait before some period of time before
> sending it, to give the server an opportunity to reject the request with a
> final status code. The server can shorten the wait time by sending a 100
> (Continue) response.
> """
>
> It then goes on:
>
> > The primary purpose of the 100 (Continue) status code (Section 6.2.1) is
> to allow a client that is sending a request message with a payload to
> determine if the origin server is willing to accept the request (based on
> the request header fields) before the client sends the payload body. In
> some cases, it might either be inappropriate or highly inefficient for the
> client to send the payload body if the server will reject the message
> without looking at the body.
>
> Again, I think this is misleading. It should say something like:
>
> """
> The 100-continue expectation and 100 (Continue) status code (Section
> 6.2.1) are useful when a request that has a large body might be rejected by
> the server; for example, if the request requires authorization (ref to p7).
> In these situations, clients will often pause between sending the request
> headers and its body, to give the server an opportunity to refuse the
> request.
>
> In cases where the request is successful, this can cause a needless delay,
> as the client waits to time out (a typical period is one second). If the
> client has send the 100-continue expectation, the server can use the 100
> (Continue) status code to indicate that the request is not going to be
> rejected, thereby avoiding the remainder of this delay period.
>
> Note that this mechanism does not change the request message parsing
> algorithm; in particular, whether or not a final response status code is
> sent, the client still needs to send a complete request message. As such,
> if a final status code is received, clients will often choose to close the
> connection, rather than send a complete request (e.g., if it is
> length-delimited).
> """
>
> If we can agree on that, I think it'll help guide the rest of the
> discussion here and in the other E/C related issues:
>   http://trac.tools.ietf.org/wg/httpbis/trac/ticket/458
>   http://trac.tools.ietf.org/wg/httpbis/trac/ticket/468
>
> Am I on track?
>
> Cheers,
>
>
>
> On 25/04/2013, at 3:06 AM, Willy Tarreau <w@1wt.eu> wrote:
>
> > On Wed, Apr 24, 2013 at 01:00:42PM -0400, Ken Murchison wrote:
> >>> 2. If the client receives a final status code instead of 100
> >>> (Continue), it
> >>> should stop sending request body if it is doing so; it must close the
> >>> connection after the response is received.
> >>
> >> I don't understand point #2.  If the client submits a request with
> >> Expect:100-continue, I would assume that the client MUST NOT send any
> >> part of the body until it receives 100 (Continue) from the server.  If
> >> the server rejects the request based on the headers (with 412, 415, 417,
> >> etc) there should be no body data in the pipe for either the client or
> >> server to worry about, correct?
> >
> > In fact the client can decide that it's been waiting too long for 100
> > and decides to send anyway (because some old servers or intermediaries
> > do not know about Expect and will wait).
> >
> > So what is generally done is that the client sends the headers, waits a
> > bit then starts to send data if the server does not respond.
> >
> > Implementation of expect+100 seems to be a real mess at some places,
> > but when it works it prove to be quite useful.
> >
> > Willy
> >
> >
>
> --
> Mark Nottingham   http://www.mnot.net/
>
>
>
>
>