IETF Logo Mail Archive

Re: [hybi] Additional HTTP headers on upgrade request?

Ian Hickson <ian@hixie.ch> Wed, 21 July 2010 00:57 UTC

Return-Path: <ian@hixie.ch>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6605D3A67F5 for <hybi@core3.amsl.com>; Tue, 20 Jul 2010 17:57:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.209
X-Spam-Level:
X-Spam-Status: No, score=-2.209 tagged_above=-999 required=5 tests=[AWL=0.390, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id udpoXivJHGeB for <hybi@core3.amsl.com>; Tue, 20 Jul 2010 17:57:04 -0700 (PDT)
Received: from looneymail-a2.g.dreamhost.com (caibbdcaaaaf.dreamhost.com [208.113.200.5]) by core3.amsl.com (Postfix) with ESMTP id 36BC53A6800 for <hybi@ietf.org>; Tue, 20 Jul 2010 17:57:04 -0700 (PDT)
Received: from ps20323.dreamhostps.com (ps20323.dreamhost.com [69.163.222.251]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by looneymail-a2.g.dreamhost.com (Postfix) with ESMTP id 4BF4116D3E0; Tue, 20 Jul 2010 17:57:20 -0700 (PDT)
Date: Wed, 21 Jul 2010 00:57:19 +0000
From: Ian Hickson <ian@hixie.ch>
To: Doug Simpkinson <douglips@gmail.com>, Greg Wilkins <gregw@webtide.com>, Maciej Stachowiak <mjs@apple.com>
In-Reply-To: <B8058102-9589-4663-976D-217B939667DD@apple.com>
Message-ID: <Pine.LNX.4.64.1007210038520.7242@ps20323.dreamhostps.com>
References: <n2s188fcbce1005071111kd19e6f41m861eaeb593d88475@mail.gmail.com> <4BE5994E.4010701@webtide.com> <u2n188fcbce1005092125veaf94306u249a225bdd3925ca@mail.gmail.com> <B8058102-9589-4663-976D-217B939667DD@apple.com>
Content-Language: en-GB-hixie
Content-Style-Type: text/css
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Cc: hybi@ietf.org
Subject: Re: [hybi] Additional HTTP headers on upgrade request?
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Jul 2010 00:57:05 -0000

On Fri, 7 May 2010, Doug Simpkinson wrote:
>
> In draft 76, the upgrade request is said to include cookies that may be 
> relevant, but no mention of other HTTP headers is made.
> 
> What about other relevant HTTP headers such as User-Agent and 
> Accept-Language?  Shouldn't these also be sent?

What's the use case?

If there are clear and important use cases that are best handled by adding 
new fields to the handshake, then we should add them.


> My concern is that if these headers are not explicitly mentioned in the 
> draft spec that they won't be sent by all implementations, and that will 
> make life more difficult for webmasters.

I've clarified the spec to make it clearer that these headers are not 
included.


On Sat, 8 May 2010, Greg Wilkins wrote:
> 
> the 76 pre draft actually exclude header other than those mentioned with 
> phrase:
> 
>   The only options available in this version are the ...
> 
> While I don't think this text is very clear, I did ask the editor if it 
> was meant to exclude headers not mentioned and he indicated that this 
> was the case.

The text above is non-normative, but the requirements are pretty explicit 
and do indeed not include any provision for including other fields.


On Sun, 9 May 2010, Doug Simpkinson wrote:
>
> Do you know what's the reasoning behind omitting any HTTP headers?
> What advantage is there to not sending User-Agent and Accept-Language?

That's the wrong question -- the question is, what's the advantage to 
sending them? The more we omit, the simpler the protocol is. The default 
should be to omit.

In the case of User-Agent, for instance, one could put forward analytics 
as a use case. However, for that use case it seems best for the 
application-layer protocol to opt into sending the information. That way 
the author is in complete control as to what is logged.


> It is quite common for different browsers to have different behavior, so 
> omitting User-Agent removes some flexibility in dealing with browser 
> quirks.

Having the spec be trivial to implement makes it less likely that there 
will be differences, making this moot.

In practice, browser sniffing has been as much of a problem as a help -- 
people sniff for a browser, then rely on that browser's behaviour, and 
when the browser vendor tries to fix the underlying problems, or tries to 
converge with other browsers, they find they cannot because pages send 
them different content than other browsers. This is why, for instance, 
every successful browser in the world claims to be "Mozilla".


On Mon, 10 May 2010, Maciej Stachowiak wrote:
> 
> Likewise for Accept-Language. I would be tempted say that language 
> selection could just be handled as part of subprotocol negotiation, but 
> at least currently JS in the browser does not have easy access to the 
> user's set of preferred languages.

Nor does the user, in many cases...

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

v2.23.0 | Report a Bug | By Email