Re: 103 (Early Hints) vs. response headers
Kazuho Oku <kazuhooku@gmail.com> Thu, 16 March 2017 13:59 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A40061294E2 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 16 Mar 2017 06:59:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.002
X-Spam-Level:
X-Spam-Status: No, score=-7.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5VApu8De0HQJ for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 16 Mar 2017 06:59:02 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CD45F1294CC for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 16 Mar 2017 06:59:02 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1coVt1-0007cS-FL for ietf-http-wg-dist@listhub.w3.org; Thu, 16 Mar 2017 13:56:15 +0000
Resent-Date: Thu, 16 Mar 2017 13:56:15 +0000
Resent-Message-Id: <E1coVt1-0007cS-FL@frink.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by frink.w3.org with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <kazuhooku@gmail.com>) id 1coVst-0007Zj-II for ietf-http-wg@listhub.w3.org; Thu, 16 Mar 2017 13:56:07 +0000
Received: from mail-pg0-f45.google.com ([74.125.83.45]) by titan.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from <kazuhooku@gmail.com>) id 1coVsl-0001Or-42 for ietf-http-wg@w3.org; Thu, 16 Mar 2017 13:56:02 +0000
Received: by mail-pg0-f45.google.com with SMTP id g2so25537841pge.3 for <ietf-http-wg@w3.org>; Thu, 16 Mar 2017 06:55:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=kHE2g37eTx62i4QLJ9bYUvc3ReMoQTg4symR7RdpySk=; b=oeMyB2z2wgK/q1w6z/MbBHBplcqGQLU8BuMCOsFCrs1QRw7avbYofbVymzU17p5jmo m094Vv3+TwSZk4ynVdOpgkoMd7+EY6vmaoFJMagLnv6Y8PBnwfXmGoBnv3TIgC1G14Li AL+aTDnEnznUCyecKNJjKnSXC+IjveN4DMDYifmUU3NHkbz0xNS6MT/Yul5LiYWU28SB 7NhtIDKOWv5NGqMEjf74zyKKuCuT0865zImhw+0F9LPUQ/E9qi8lvfaiIwK7V8+iumIy nxotsozTl16i3Yq6e+VIEAmzCYg5UG3dRp/vcI3yaBJhrH0aQPPxWgKTZdvOikjosjiL gJYA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=kHE2g37eTx62i4QLJ9bYUvc3ReMoQTg4symR7RdpySk=; b=HkOLVaL0kDmsv9fZKawhRahuSz23CiUDsY8aY7yD++naVvej33Is1hXp8woQmIfMzr WTJaxfyNwJbXMF8rq0DCzOmQkA8IZuBHW77/stxuMbwL3XIGpH2MxIDtOHbsJcCSEBTA +IZKb8W5g61Y4FnoFv4eEz1Vqd+9Yvjexh+tImjneps3kwf9jQgixtZylgwpEdlAKd62 g99BH3r8HbO1YOLV1w1FohqI9JjQtjZkwA935G08VuzF4xoO1ndQQtRoScCSmx6haFcA 4UcuoZkIQFPBF8/L3C2Gi8gi34pSt8a4AZdw72OqRcz2BPlyIx+R5U3Gcxuz6PsvzKO/ clYQ==
X-Gm-Message-State: AFeK/H0KYPZSMHKL99m7rXmFsQ06NfMpvBjHUyLvb6HQUftMrGMh0So+V8Sj7TvHMWUQMO2I6BSE6/0rC+NbBQ==
X-Received: by 10.99.122.22 with SMTP id v22mr2952717pgc.226.1489672531738; Thu, 16 Mar 2017 06:55:31 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.100.149.13 with HTTP; Thu, 16 Mar 2017 06:55:31 -0700 (PDT)
In-Reply-To: <20170315062242.GB13814@1wt.eu>
References: <CALHHdhwQBfBN0Xz-4kxRJrJekiCLnro1i-MVw954wTRyOWAtvw@mail.gmail.com> <E10BB6E0-3BD8-44EC-AE18-076D38077371@mnot.net> <CANatvzxS7Z9U5Jr2N_EeyY5NUrZ-weuGsetuUQdLWGGOQKVLNw@mail.gmail.com> <20170315062242.GB13814@1wt.eu>
From: Kazuho Oku <kazuhooku@gmail.com>
Date: Thu, 16 Mar 2017 22:55:31 +0900
Message-ID: <CANatvzyeYxHFDDh-Hms6V0gJ+MkgW6v78uLj9bieR_nAaOfPHw@mail.gmail.com>
To: Willy Tarreau <w@1wt.eu>
Cc: Mark Nottingham <mnot@mnot.net>, Vasiliy Faronov <vfaronov@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: text/plain; charset="UTF-8"
Received-SPF: pass client-ip=74.125.83.45; envelope-from=kazuhooku@gmail.com; helo=mail-pg0-f45.google.com
X-W3C-Hub-Spam-Status: No, score=-4.5
X-W3C-Hub-Spam-Report: AWL=-0.450, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1coVsl-0001Or-42 855345084055bc5410fc3396f360a74f
X-Original-To: ietf-http-wg@w3.org
Subject: Re: 103 (Early Hints) vs. response headers
Archived-At: <http://www.w3.org/mid/CANatvzyeYxHFDDh-Hms6V0gJ+MkgW6v78uLj9bieR_nAaOfPHw@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/33740
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Hi Willy, Thank you for your response. My responses in-line. 2017-03-15 15:22 GMT+09:00 Willy Tarreau <w@1wt.eu>: > On Wed, Mar 15, 2017 at 12:02:53PM +0900, Kazuho Oku wrote: >> 2017-02-24 9:12 GMT+09:00 Mark Nottingham <mnot@mnot.net>: >> > My .02 - >> > >> >> On 24 Feb 2017, at 2:27 am, Vasiliy Faronov <vfaronov@gmail.com> wrote: >> >> >> >> HTTP/1.1 103 Early Hints >> >> Link: </another-resource>; rel=preload >> >> Warning: 299 - "something is not quite right" >> >> >> >> HTTP/1.1 200 OK >> >> Date: Thu, 23 Feb 2017 16:49:43 GMT >> >> Content-Type: text/html >> >> Link: </another-resource>; rel=preload >> >> Connection: close >> >> >> >> ...text goes here... >> >> >> >> Should it log/display the warning (as applied to the 103 response), or >> >> discard it (as missing from the 200 response)? >> >> >> >> Should the spec for 103 be more explicit about this? >> > >> > My reading is that "officially", the Warning is not in the response; the server thought something was wrong early in the process, but then realised it was fine. >> > >> > So, it MAY log/display the warning, but if it doesn't, it's still conformant. >> > >> > Some more examples might help. >> >> RFC 6265 states that a user agent "MAY ignore Set-Cookie headers >> contained in responses with 100-level status codes". > > Yes but it's mostly as a warning for server side to know that any cookie > sent there may be ignored (since 1xx may be appear multiple times and be > silently skipped). Agreed. >> So to me it seems that if we state in Early Hints that the headers of >> a 103 response is ones that are applied (speculatively) to the final >> response but not the informational response itself, then we'd be >> overriding RFC 6265. > > I'm not seeing it this way. In fact you may decide to put some headers > there for this exact reason : while 1xx MAY be ignored, those implementing > 103 MAY/WILL consider them. And you're sending 103 hoping that someone > will make good use of it, not as a guarantee, so I don't think it > contradicts 6265. While I would not say that RFC 6265 and Early Hints would contradict, I still think that the requirement of how a Set-Cookie header _can_ be handled is narrowed by Early Hints. Consider the response below. HTTP/1.1 103 Early Hints Set-Cookie: a=b HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Content-Length: 12 Hello world RFC 6265 allows the client to store cookie `a` by stating that a client MAY accept a Set-Cookie header within any 100-level response. If we are to state in Early Hints that the headers of a 103 response are to be applied (speculatively) to the final response but not to the informational response itself, we would effectively be forbidding such behavior for clients that implements 103. In other words, a client that _do_ recognize a Set-Cookie header in 100-level responses (it is a MAY in RFC 7230 section 6.2) would need to special-case the handling of 103. From server-side perspective, it would continue to be unable to expect whether if the client would accept or ignore the set-cookie header in a 103 response since there is no negotiation for Early Hints. To me this seems like a variation of what was pointed out by Vasiliy (by using the Warnings header). > Cheers, > Willy -- Kazuho Oku
- 103 (Early Hints) vs. response headers Vasiliy Faronov
- Re: 103 (Early Hints) vs. response headers Mark Nottingham
- Re: 103 (Early Hints) vs. response headers Kazuho Oku
- Re: 103 (Early Hints) vs. response headers Vasiliy Faronov
- Re: 103 (Early Hints) vs. response headers Kazuho Oku
- Re: 103 (Early Hints) vs. response headers Kazuho Oku
- Re: 103 (Early Hints) vs. response headers Willy Tarreau
- Re: 103 (Early Hints) vs. response headers Kazuho Oku
- Re: 103 (Early Hints) vs. response headers Willy Tarreau
- Re: 103 (Early Hints) vs. response headers Kazuho Oku
- Re: 103 (Early Hints) vs. response headers Stefan Eissing
- Re: 103 (Early Hints) vs. response headers Mark Nottingham
- Re: 103 (Early Hints) vs. response headers Kazuho Oku
- Re: 103 (Early Hints) vs. response headers Kazuho Oku
- Re: 103 (Early Hints) vs. response headers Stefan Eissing