IETF Logo Mail Archive

Re: [hybi] #1: HTTP Compliance

John Tamplin <jat@google.com> Wed, 21 July 2010 14:15 UTC

Return-Path: <jat@google.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 291A73A67D1 for <hybi@core3.amsl.com>; Wed, 21 Jul 2010 07:15:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.976
X-Spam-Level:
X-Spam-Status: No, score=-105.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0FRmGNKsc4tx for <hybi@core3.amsl.com>; Wed, 21 Jul 2010 07:15:48 -0700 (PDT)
Received: from smtp-out.google.com (smtp-out.google.com [216.239.44.51]) by core3.amsl.com (Postfix) with ESMTP id CDC863A680E for <hybi@ietf.org>; Wed, 21 Jul 2010 07:15:47 -0700 (PDT)
Received: from wpaz1.hot.corp.google.com (wpaz1.hot.corp.google.com [172.24.198.65]) by smtp-out.google.com with ESMTP id o6LEG3RF001875 for <hybi@ietf.org>; Wed, 21 Jul 2010 07:16:03 -0700
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1279721763; bh=oZGSoYBKvPUy49MfpTh056489zI=; h=MIME-Version:In-Reply-To:References:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=Ys4uvCrh6zcfoqwwdKi6k3wQbEEAblZurGyei/NB/UYEITEWOiMRapzyiRgHyqAje y9lRVPbWZVaNSp3TsuiXQ==
DomainKey-Signature: a=rsa-sha1; s=beta; d=google.com; c=nofws; q=dns; h=mime-version:in-reply-to:references:from:date:message-id: subject:to:cc:content-type:x-system-of-record; b=Ifv+EcC2H2dbF3aItJA492EBuIC/GC+JvhW/hm0PX3E4P6V5JsCkzFX3kNxN+bAuo 0IQC+6FayDxYLnpMbphiw==
Received: from gxk7 (gxk7.prod.google.com [10.202.11.7]) by wpaz1.hot.corp.google.com with ESMTP id o6LEG2KP023656 for <hybi@ietf.org>; Wed, 21 Jul 2010 07:16:02 -0700
Received: by gxk7 with SMTP id 7so5676387gxk.35 for <hybi@ietf.org>; Wed, 21 Jul 2010 07:16:02 -0700 (PDT)
Received: by 10.150.173.35 with SMTP id v35mr1939532ybe.364.1279721762314; Wed, 21 Jul 2010 07:16:02 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.151.60.3 with HTTP; Wed, 21 Jul 2010 07:15:42 -0700 (PDT)
In-Reply-To: <A42E692A-7210-4FF1-AB4F-CFB3E8C38756@apple.com>
References: <068.d07026741c6694cd80652d2a7d34f236@tools.ietf.org> <4BF106AD.6020506@webtide.com> <A42E692A-7210-4FF1-AB4F-CFB3E8C38756@apple.com>
From: John Tamplin <jat@google.com>
Date: Wed, 21 Jul 2010 10:15:42 -0400
Message-ID: <AANLkTinorjXFsTH=TvhhF-+e3Eyen8EA2qL7wFCmqpYe@mail.gmail.com>
To: Maciej Stachowiak <mjs@apple.com>
Content-Type: multipart/alternative; boundary="000e0cd571c40dda9e048be67163"
X-System-Of-Record: true
Cc: "hybi@ietf.org" <hybi@ietf.org>
Subject: Re: [hybi] #1: HTTP Compliance
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Jul 2010 14:15:49 -0000

On Mon, May 17, 2010 at 5:29 AM, Maciej Stachowiak <mjs@apple.com> wrote:

> Ian has claimed that the extra bytes after the request help WebSocket fail
> early in the face of unaware proxies, though we do not yet have data showing
> this to be the case. We do know that without this, often the handshake will
> appear to succeed but transmitting messages will fail, for the network
> setups of many users.
>
> I don't think anyone has indicated a practical problem caused by the extra
> bytes.
>

I believe we have already had a real-world practical case where they did
cause a problem:

   - client sends WebSocket request that goes through a proxy, random bytes
   are not advertised in the Content-length
   - proxy doesn't know WebSocket, passes along connection to real server
   which does implement WebSocket
   - server waits reading random bytes which were not forwarded
   - server drops the connection after a timeout

Thus the random bytes did succeed in preventing a WebSocket connection
across a non-WS compliant proxy, but:

   1. the proxy was actually capable of forwarding the connection if the
   server had completed the request
   2. we had to wait for a timeout, so this was not a fast-fail situation
   3. the same thing could have been more easily accomplished by having a WS
   control frame exchanged at startup with similar results without
   non-compliant random bytes on the wire

-- 
John A. Tamplin
Software Engineer (GWT), Google

v2.23.0 | Report a Bug | By Email