IETF Logo Mail Archive

Re: [hybi] Why HTTP Compliant

Wellington Fernando de Macedo <wfernandom2004@gmail.com> Tue, 01 June 2010 15:15 UTC

Return-Path: <wfernandom2004@gmail.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 494193A6A3B for <hybi@core3.amsl.com>; Tue, 1 Jun 2010 08:15:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.459
X-Spam-Level: *
X-Spam-Status: No, score=1.459 tagged_above=-999 required=5 tests=[BAYES_50=0.001, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aseMD4TpJUCc for <hybi@core3.amsl.com>; Tue, 1 Jun 2010 08:15:57 -0700 (PDT)
Received: from mail-gw0-f44.google.com (mail-gw0-f44.google.com [74.125.83.44]) by core3.amsl.com (Postfix) with ESMTP id 3C4A23A68F2 for <hybi@ietf.org>; Tue, 1 Jun 2010 08:15:57 -0700 (PDT)
Received: by gwj19 with SMTP id 19so3783487gwj.31 for <hybi@ietf.org>; Tue, 01 Jun 2010 08:15:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=VYd3BxMDNd5DC+glqTTckuIBbS+BsBvx7HtbBbd8SUg=; b=dfWSL4a8snJoqTv/CDLqbkLllw+GepSYCoeQ4m16X21f3iOdStsTF6W+ZdcDXA+Jex jWeTDqqkSXugKcyoDigDlSN0Hnd2lN5TtkpRPtDP0ndM/UzP+BIBoW9qpl8BiKiJc1ZH bpEP7tcsa3U2TFkM7xAOneUCZpZs6SgmLxGB0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=KrcEc6BhHTvLwOMThNrEhWZJ+QvMvG4bM7GRgN/smCRaN0OkoBOz3jVc0zXRJfcRgL 5VSLoQ3dgVlqbbN9WgJhuURX3o5YHUdReawvZtSy5b30qMN8mwSdSONmVZ35XVC8w3xw hay3AcJx7M9dtj5CT3ffZK3Cw4gA/A1sV1/jA=
Received: by 10.229.229.132 with SMTP id ji4mr999765qcb.167.1275405342190; Tue, 01 Jun 2010 08:15:42 -0700 (PDT)
Received: from [192.168.1.83] ([200.136.228.110]) by mx.google.com with ESMTPS id v37sm1998526qce.18.2010.06.01.08.15.40 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 01 Jun 2010 08:15:41 -0700 (PDT)
Message-ID: <4C052419.5040305@gmail.com>
Date: Tue, 01 Jun 2010 12:15:37 -0300
From: Wellington Fernando de Macedo <wfernandom2004@gmail.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; pt-BR; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4
MIME-Version: 1.0
To: hybi@ietf.org
References: <AANLkTikzNjRse7cK8hl7eX0zWL3xP0xgbGTV8hz8RruH@mail.gmail.com> <op.vdmg9uenidj3kv@simon-pieterss-macbook.local> <AANLkTil1gofHSKy1laRnudnZePhuDnAP53OZrq_b-kR5@mail.gmail.com>
In-Reply-To: <AANLkTil1gofHSKy1laRnudnZePhuDnAP53OZrq_b-kR5@mail.gmail.com>
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Subject: Re: [hybi] Why HTTP Compliant
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Jun 2010 15:15:59 -0000

ws version  string or user-agent header would be really really useful!!!!!!

Perhaps something like this in the handhake should be enough, shouldn't be?

Upgrade: WebSocket/76

---
Wellington Fernando de Macedo
MSN: wfernandom2004@hotmail.com
Engenharia de Computação
Telefone: +55 (16) 8144.8607

Em 01/06/2010 12:04, Greg Wilkins escreveu: 
Simon,

I agree that there are parts of the spec that imply arbitrary headers
are acceptable,
but it also says:

  Fields in the handshake are sent by the client in a random order; the
   order is not meaningful.

   Additional fields are used to select options in the WebSocket
   protocol.  The only options available in this version are the ...

Ian has indicated that this means that the presence of other headers means that
the handshake should fail.

It would be really good if I have misunderstood what he has said about this, but
at least some implementations of chromium do implement a ban on extra headers.
But I can't tell you exactly what versions of the draft they implement (gee a
ws version  string or user-agent header would be really really useful!!!!!!)

cheers



On 1 June 2010 14:04, Simon Pieters <simonp@opera.com> wrote:
  
On Tue, 01 Jun 2010 13:39:23 +0200, Greg Wilkins <gregw@webtide.com> wrote:

    
Ian has frequently said that HTTP Compliance is just a desire for
theoretical
purity.

But lack of HTTP compliance is causing me almost daily head aches with
our websocket work.

We are now supporting websocket in the cometd2 framework, and it is
working with both
-75 and -76 clients.

However, we also sometimes use a cross origin access control filter
that supports normal
long polling to the same cometd server from different origins without
the need for json callbacks
etc.

This filter follows the cross origin specification and sets the
   Access-Control-Allow-Origin
on HTTP responses, which of course breaks the websocket handshake.

So we now have to modify this  filter to have

 if (!websocket)
 {
   ...
 }

Easy enough to do, but the filter comes from a different project and and
in a
stable release.   Luckily it is open source.     So now while the fix is
simple,
i have to break encapsulation of websocket concerns and update another
project (or copy/modify code).

There are just going to be endless issues like this.

The handshake should just ignore arbitrary unknown headers rather
than breaking.

This is NOT a theoretical issue.
      
The client is required to ignore unknown headers in the handshake (at least
in -76, I don't know about -75):

[[
41. ... handle each entry in the fields list as follows:
...
↪Any other name
Ignore it.
]]

--
Simon Pieters
Opera Software

    
_______________________________________________
hybi mailing list
hybi@ietf.org
https://www.ietf.org/mailman/listinfo/hybi" rel="nofollow">https://www.ietf.org/mailman/listinfo/hybi

v2.23.0 | Report a Bug | By Email