IETF Logo Mail Archive

Re: #467: Expect: 100-continue and "final" status codes

Willy Tarreau <w@1wt.eu> Fri, 17 May 2013 05:38 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2878A21F89E2 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 16 May 2013 22:38:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BkZXZLGwyV45 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 16 May 2013 22:38:31 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id EA28521F86AE for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 16 May 2013 22:38:30 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1UdDLj-0006P0-Ke for ietf-http-wg-dist@listhub.w3.org; Fri, 17 May 2013 05:37:03 +0000
Resent-Date: Fri, 17 May 2013 05:37:03 +0000
Resent-Message-Id: <E1UdDLj-0006P0-Ke@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <w@1wt.eu>) id 1UdDLY-0006Nu-KB for ietf-http-wg@listhub.w3.org; Fri, 17 May 2013 05:36:52 +0000
Received: from 1wt.eu ([62.212.114.60]) by maggie.w3.org with esmtp (Exim 4.72) (envelope-from <w@1wt.eu>) id 1UdDLW-0001TT-L7 for ietf-http-wg@w3.org; Fri, 17 May 2013 05:36:52 +0000
Received: (from willy@localhost) by mail.home.local (8.14.4/8.14.4/Submit) id r4H5aN2a028075; Fri, 17 May 2013 07:36:23 +0200
Date: Fri, 17 May 2013 07:36:23 +0200
From: Willy Tarreau <w@1wt.eu>
To: Mark Nottingham <mnot@mnot.net>
Cc: Ken Murchison <murch@andrew.cmu.edu>, ietf-http-wg@w3.org
Message-ID: <20130517053623.GB27960@1wt.eu>
References: <CACuKZqGmrDiNQvG0SVw=XXcy_n-BBxK-pnp+ar7uAbnwkumRag@mail.gmail.com> <51780FBA.3080706@andrew.cmu.edu> <20130424170638.GD19750@1wt.eu> <1CD0C86A-CFBF-4DF6-A688-9E4EF549190E@mnot.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <1CD0C86A-CFBF-4DF6-A688-9E4EF549190E@mnot.net>
User-Agent: Mutt/1.4.2.3i
Received-SPF: pass client-ip=62.212.114.60; envelope-from=w@1wt.eu; helo=1wt.eu
X-W3C-Hub-Spam-Status: No, score=-3.4
X-W3C-Hub-Spam-Report: AWL=-2.745, RP_MATCHES_RCVD=-0.629, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1UdDLW-0001TT-L7 b5353a25248d812844d62428404eec2f
X-Original-To: ietf-http-wg@w3.org
Subject: Re: #467: Expect: 100-continue and "final" status codes
Archived-At: <http://www.w3.org/mid/20130517053623.GB27960@1wt.eu>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/18023
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Hi Mark,

On Fri, May 17, 2013 at 12:47:27PM +1000, Mark Nottingham wrote:
> "will wait for" is misleading here; the client might send the body before
> getting the 100 response.

I think you made a good point here.

> This should really say something like:
> 
> """
> 100-continue
> 
> * The request includes a payload body and, after sending the request header
> section, the client will wait before some period of time before sending it,
> to give the server an opportunity to reject the request with a final status
> code. The server can shorten the wait time by sending a 100 (Continue)
> response.
> """

However, I wouldn't want server implementations to consider that a client
that is waiting too long before sending (or which does not send at all) is
not compliant, because I'm sure it's already used to send non-idempotent
requests over established connections.

Maybe we should try a variation of your text above, approximately like this
(I don't like my wording but it's just for the general idea) :

 * The request includes a payload body and, after sending the request header
 section, the client is willing to give the server an opportunity to reject
 the request with a final status code based on header inspection alone. The
 the client will then wait for the server to respond with an intermediary
 100 (Continue) status code before sending the payload, and may decide to
 send it anyway after a period of time which only depends on the client
 (typically one second).


> It then goes on:
> 
> > The primary purpose of the 100 (Continue) status code (Section 6.2.1) is to allow a client that is sending a request message with a payload to determine if the origin server is willing to accept the request (based on the request header fields) before the client sends the payload body. In some cases, it might either be inappropriate or highly inefficient for the client to send the payload body if the server will reject the message without looking at the body.
> 
> Again, I think this is misleading. It should say something like:
> 
> """
> The 100-continue expectation and 100 (Continue) status code (Section 6.2.1) are useful when a request that has a large body might be rejected by the server; for example, if the request requires authorization (ref to p7). In these situations, clients will often pause between sending the request headers and its body, to give the server an opportunity to refuse the request. 
> 
> In cases where the request is successful, this can cause a needless delay, as the client waits to time out (a typical period is one second). If the client has send the 100-continue expectation, the server can use the 100 (Continue) status code to indicate that the request is not going to be rejected, thereby avoiding the remainder of this delay period.

Here we introduce a problem that will make one think that 100-continue
implies acceptation of the request, which is not true. I'd rather say :

  "... 100 status code to indicate that it needs to receive the full
   request to decide if it will accept it, ..."

> Note that this mechanism does not change the request message parsing algorithm; in particular, whether or not a final response status code is sent, the client still needs to send a complete request message. As such, if a final status code is received, clients will often choose to close the connection, rather than send a complete request (e.g., if it is length-delimited).
> """

This makes me notice something, shouldn't we suggest that 417 should be
accompanied with "connection: close" since there's always a risk that
the client started sending anyway ? Note that this would be a small
"should", not a normative one, which would just be a recommendation
to improve the communication between the two ends.

> If we can agree on that, I think it'll help guide the rest of the discussion here and in the other E/C related issues:
>   http://trac.tools.ietf.org/wg/httpbis/trac/ticket/458
>   http://trac.tools.ietf.org/wg/httpbis/trac/ticket/468
> 
> Am I on track?

Yes I think so :-)

Willy

v2.23.0 | Report a Bug | By Email