Re: [Http-use] 401 response from server on Expect 100 continue and re-using the connection

Patrick McManus <mcmanus@ducksong.com> Mon, 14 October 2019 16:34 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 10CA3120860 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 14 Oct 2019 09:34:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.749
X-Spam-Level:
X-Spam-Status: No, score=-2.749 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ducksong.com header.b=BWc1gdXW; dkim=pass (2048-bit key) header.d=outbound.mailhop.org header.b=DwRERInM
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Db7SAEj6c6At for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 14 Oct 2019 09:34:11 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [IPv6:2603:400a:ffff:804:801e:34:0:38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 69F8E120828 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 14 Oct 2019 09:34:11 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1iK3GV-0001oC-By for ietf-http-wg-dist@listhub.w3.org; Mon, 14 Oct 2019 16:32:11 +0000
Resent-Date: Mon, 14 Oct 2019 16:32:11 +0000
Resent-Message-Id: <E1iK3GV-0001oC-By@frink.w3.org>
Received: from titan.w3.org ([2603:400a:ffff:804:801e:34:0:4c]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <mcmanus@ducksong.com>) id 1iK3GT-0001nR-Gp for ietf-http-wg@listhub.w3.org; Mon, 14 Oct 2019 16:32:09 +0000
Received: from outbound2r.ore.mailhop.org ([54.200.129.228]) by titan.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <mcmanus@ducksong.com>) id 1iK3GR-0001Y1-Qp for ietf-http-wg@w3.org; Mon, 14 Oct 2019 16:32:09 +0000
ARC-Seal: i=1; a=rsa-sha256; t=1571070726; cv=none; d=outbound.mailhop.org; s=arc-outbound20181012; b=E0Z94mLB4Pjh8jq9PvJ1j/INfGYLIzVaXQhqBSC6cUD/zF/LLzuTu1/JhB3Pu6vnfDsKEmw/JC3+N YN5eR312UW8YaBD+Of3ZLhOrVYcc9Ut6azDEwtS82ocz3rXUIqMvtZRnkxLcr+PydoE5W1yYqw9x70 HZKCtU/PA+Vh2miUdbKl6m5ACD6sy1fC8CHaA3PVe5M4jFFyzoXwuWeOOkUBPEffSz9ZEh65Kcpll9 oAC6oov+Jpx9T0ZhimI6gF8v0B/L+Hp6/dgO1tXXkYy+HhlHApuh6QP6aq7E/Yc1kcQQCrz+fFXzYv 4RHH8fJyCHAh7NzRZe0IFxRovgiUU0A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=arc-outbound20181012; h=content-type:cc:to:subject:message-id:date:from:in-reply-to:references: mime-version:dkim-signature:dkim-signature:from; bh=SRn/x7mUho/V9Ii+n1GmjItO4EpEfEFOFR5mBQld20w=; b=DjonRyM+93H7SbJgvcMi273fdMqG7e0DygBaoLub/yfw8qFsDXsvtBk5R5+wHRALVu63emm341JLi crx/+Mle5wFZeISHiDet0KuBLP8/RTY9g2Kq+R28dXNt5iMPQH6du291/EPjXUfSZBnmyq8YuxC2w+ wPoDkkeJsWkHN5+b7RU2pG9B4/NMQntF8k+nWOKY/m0ojF/RbCh9LOBvAna0XMmh2UFdLQ/qZy/LiG q5sFcXr3nlNL66m/pF0KR+nnRWz7gS4HyNN6gd/gjP5LmXAvdXFHt4OK5Lp73KOtlkBMG81SisTUhB MLKKIWlfSk9WoBZflKJPGRzbdcG9p7A==
ARC-Authentication-Results: i=1; outbound4.ore.mailhop.org; spf=pass smtp.mailfrom=ducksong.com smtp.remote-ip=209.85.210.45; dmarc=none header.from=ducksong.com; arc=none header.oldest-pass=0;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ducksong.com; s=duo-1537391512170-ea99bbb3; h=content-type:cc:to:subject:message-id:date:from:in-reply-to:references: mime-version:from; bh=SRn/x7mUho/V9Ii+n1GmjItO4EpEfEFOFR5mBQld20w=; b=BWc1gdXWCv0nAml7g3CG3BbKHxBXVsuATl/Vm0p3GaRxdWeLeXhn3O9Hm0+NgohIxxqB5Ej0jk3tm oLgyrwUtcTf/7FUVeht+jL5Qnc56VPRo3WrVK5riLtFYAHpSXMiKZGDEgPT7NFjexgmpC4GQbNjT7Q YsguRnF6IG7Nr/hQ=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=dkim-high; h=content-type:cc:to:subject:message-id:date:from:in-reply-to:references: mime-version:from; bh=SRn/x7mUho/V9Ii+n1GmjItO4EpEfEFOFR5mBQld20w=; b=DwRERInMmYo60IhvvXR8lnT9wrFUwHApXVSfS4dl04xzywIOseSVisaVIePsWOQjG3PMPjDCYMND1 41pOLuSNknda8TNTHS8vwKSsh+MI9aPI7ZkQQC5kwLiskMRGqa08O2TEBS408j7kxxmvG1dDyNvc5o YHIaBGV0iy/rXxJ6urRiGKQ/qJ6M9KAfAmvQ97WdvyjwtjmdmYX40b2Ly3KzyjOkU/aCZbt++szQBd CplbbtMBFMntzJA3x+HjNuB/EBpfs9NeVid83xcQaCYfhYri1n/2kNEe7Ixqruy8vlPwqMPrY3GtGI z4H4g8QaPgExhMNnqbjziCBMj6NUWuw==
X-MHO-RoutePath: bWNtYW51cw==
X-MHO-User: 283d7ac8-eea0-11e9-85ed-13b9aae3a1d2
X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information
X-Originating-IP: 209.85.210.45
X-Mail-Handler: DuoCircle Outbound SMTP
Received: from mail-ot1-f45.google.com (unknown [209.85.210.45]) by outbound4.ore.mailhop.org (Halon) with ESMTPSA id 283d7ac8-eea0-11e9-85ed-13b9aae3a1d2; Mon, 14 Oct 2019 16:32:05 +0000 (UTC)
Received: by mail-ot1-f45.google.com with SMTP id 89so14294509oth.13 for <ietf-http-wg@w3.org>; Mon, 14 Oct 2019 09:32:05 -0700 (PDT)
X-Gm-Message-State: APjAAAVNbm4ex2BsNc9TmePx34XXxD5maAXWGq+RlZH83mt43vYFJ8qI uMvtGHNB3kBI7Gh/KbbDBM42E+cHJzORnj9oHgg=
X-Google-Smtp-Source: APXvYqzX3BdU+HdM8Wn6Oc+noR/tbFm1sLRQe+ERY0YYxIITfbS+C/6ZcRe+ggQkYsnwhJdlU1cWxnaVMECG90FCMHg=
X-Received: by 2002:a05:6830:1e59:: with SMTP id e25mr22861544otj.340.1571070724722; Mon, 14 Oct 2019 09:32:04 -0700 (PDT)
MIME-Version: 1.0
References: <CAOeYYRf5w-QT9qALtwnmXTcqSLybbGvO9N6G0AEzkk=tYkzMYQ@mail.gmail.com> <C1810364-E6F8-488E-9E46-58B16393F5D6@gbiv.com>
In-Reply-To: <C1810364-E6F8-488E-9E46-58B16393F5D6@gbiv.com>
From: Patrick McManus <mcmanus@ducksong.com>
Date: Mon, 14 Oct 2019 09:31:53 -0700
X-Gmail-Original-Message-ID: <CAOdDvNohqmZbfSzLCx55Ajq8vXw4zn_Z7uGAWcjWbgRABRA+CA@mail.gmail.com>
Message-ID: <CAOdDvNohqmZbfSzLCx55Ajq8vXw4zn_Z7uGAWcjWbgRABRA+CA@mail.gmail.com>
To: "Roy T. Fielding" <fielding@gbiv.com>
Cc: Ashok Kumar <ashokkumarj@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="00000000000076d5460594e1684a"
Received-SPF: permerror client-ip=54.200.129.228; envelope-from=mcmanus@ducksong.com; helo=outbound2r.ore.mailhop.org
X-W3C-Hub-Spam-Status: No, score=-8.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1iK3GR-0001Y1-Qp de2b578b9094e8f15f14166ae86f8d8d
X-Original-To: ietf-http-wg@w3.org
Subject: Re: [Http-use] 401 response from server on Expect 100 continue and re-using the connection
Archived-At: <https://www.w3.org/mid/CAOdDvNohqmZbfSzLCx55Ajq8vXw4zn_Z7uGAWcjWbgRABRA+CA@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/37053
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Mon, Oct 14, 2019 at 9:09 AM Roy T. Fielding <fielding@gbiv.com>; wrote:

>
> I see some clients which are behaving differently i.e. sending the next request on receiving a 401 and I'm unable to ascertain If this is correct.
>
>
> That would depend on the method and body length, but for practical purposes
> an HTTP/1.1 client will only send "Expect: 100-continue" if they intend to
> close
> the connection upon error instead of sending a body.
>
>
 I agree that's practical advice.. but due to race conditions I could see
the client having actually sent the whole body before processing the error
and there might not be a lot to be gained by throwing away the connection
in that case.. or perhaps more more obtrusely, the client might be able to
truncate the request body if it is chunking.. so the server should be
prepared for the possibility of reuse (unless it marks the connection
closed itself).