IETF Logo Mail Archive

Re: HTTP/2.0 Magic

Martin Thomson <martin.thomson@gmail.com> Tue, 19 February 2013 20:05 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A418021F8692 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 19 Feb 2013 12:05:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.067
X-Spam-Level:
X-Spam-Status: No, score=-8.067 tagged_above=-999 required=5 tests=[AWL=2.532, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y4pNNJOtfTD0 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 19 Feb 2013 12:05:07 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id DF18221F8689 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 19 Feb 2013 12:05:06 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1U7tPA-0007O9-U3 for ietf-http-wg-dist@listhub.w3.org; Tue, 19 Feb 2013 20:03:08 +0000
Resent-Date: Tue, 19 Feb 2013 20:03:08 +0000
Resent-Message-Id: <E1U7tPA-0007O9-U3@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <martin.thomson@gmail.com>) id 1U7tOy-0007N8-0R for ietf-http-wg@listhub.w3.org; Tue, 19 Feb 2013 20:02:56 +0000
Received: from mail-wi0-f173.google.com ([209.85.212.173]) by lisa.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <martin.thomson@gmail.com>) id 1U7tOg-0004Qd-78 for ietf-http-wg@w3.org; Tue, 19 Feb 2013 20:02:55 +0000
Received: by mail-wi0-f173.google.com with SMTP id hq4so5307903wib.12 for <ietf-http-wg@w3.org>; Tue, 19 Feb 2013 12:02:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=tWnOCv/wB39FD6y1/jGoFFCGtCpfFVEOD1bGKAbB3Xc=; b=HaavLltCGEO9UFwQOsuOrBOOHyGfQtfJeJ7PcQk72ULYVZflsMvU3wPFkLmHRnx+y+ t8hg8hL6jvM76Tzd4DPql45PGU/EdZwQ/QGMtV5M2vgBrHVjhJeGEhGIrQxO1loAihIb AamM1WOu1Siz6Yw1gnOvZIW4nEJISJFKlZsdtNIEFuuqr0t6LD5QKCqMDLx9naKgdjmB WnEitW3mLw6ioIukr3jSJYsBEmDX5Eai+5GWEDDpLe+7k5vj8R65qXupbjaT2xyUQ1FH S0qrWF2Wmg1j5HtOkD+/VmntCe67xn/Jlp6JYMCTLfadr3QebTCIDAsum/wTPadWpUZV 1Wsw==
MIME-Version: 1.0
X-Received: by 10.194.88.202 with SMTP id bi10mr29197616wjb.5.1361304131815; Tue, 19 Feb 2013 12:02:11 -0800 (PST)
Received: by 10.194.5.135 with HTTP; Tue, 19 Feb 2013 12:02:11 -0800 (PST)
In-Reply-To: <20130219065756.GB26186@1wt.eu>
References: <CABkgnnV1AqvPk3513rReH-rktYuxf9zDTHpQT9agfZgKrqF_aw@mail.gmail.com> <8F582448-A298-4BC0-A843-ACA4354AB109@gbiv.com> <641194C3-9EF5-4B67-BFB6-6605983ED6A0@mnot.net> <20130219062100.GA26186@1wt.eu> <5C517A54-2C3D-40C3-8C87-C1A362F6CC70@mnot.net> <20130219065756.GB26186@1wt.eu>
Date: Tue, 19 Feb 2013 12:02:11 -0800
Message-ID: <CABkgnnXTNFpEdHk1O446t+7b+x7Nuo-xHHM_zFtBAQvANxZxzA@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Willy Tarreau <w@1wt.eu>
Cc: Mark Nottingham <mnot@mnot.net>, "Roy T. Fielding" <fielding@gbiv.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: pass client-ip=209.85.212.173; envelope-from=martin.thomson@gmail.com; helo=mail-wi0-f173.google.com
X-W3C-Hub-Spam-Status: No, score=-4.5
X-W3C-Hub-Spam-Report: AWL=-1.751, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: lisa.w3.org 1U7tOg-0004Qd-78 1bc1e16fdd122d738fb5599522c9d02d
X-Original-To: ietf-http-wg@w3.org
Subject: Re: HTTP/2.0 Magic
Archived-At: <http://www.w3.org/mid/CABkgnnXTNFpEdHk1O446t+7b+x7Nuo-xHHM_zFtBAQvANxZxzA@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/16685
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

We almost certainly don't need to indicate the protocol version in this magic.

On 18 February 2013 22:57, Willy Tarreau <w@1wt.eu> wrote:
> I'm only seeing two valid reasons for prepending something :
>   1) if the frame encoding is compact enough to use all bits and make
>      an HTTP/1 response look like a possibly valid frame which the
>      client must parse, we'd prefer to avoid this useless work ;
>   2) if the frame can be tailored to look like an HTTP/1 response,
>      we'd prefer to avoid the possibility that this is triggered from
>      the client.

I think that an 8 byte frame header is small enough that it is
conceivable that it would be ignored, leading to the possibility that
the frame *body* could be made to look like an HTTP/1.x something.

> So maybe something looking like an HTTP/1 error may be useful then
> (eg: "HTTP/1.0 505 V2ONLY CRLF CRLF").

What we have suggest to me that it be *like* an HTTP/1.x response, but
be clearly NOT valid.  Making the response a valid HTTP/1.1 header is
only more likely to be passed as valid.  The goal is to die horribly
in as many clients and intermediaries as possible.

So, in the interest of concreteness, and in the spirit of Roy's suggestions:
  client-magic = %x73.6c.6f.77 CRLF CRLF
  server-magic = %x53.50.44.59 CRLF CRLF

Making sure to enforce case-sensitivity.  Then require either peer to
sever the connection if it sees anything else.

Note that this is followed immediately by a settings frame, which is
at least another 8 bytes.

v2.23.0 | Report a Bug | By Email