Ignore:
Timestamp:
Mar 9, 2012, 12:46:33 AM (8 years ago)
Author:
fielding@…
Message:

#250 message-body in CONNECT response

Change message body parsing of successful CONNECT responses such that
the tunnel begins immediately after the header block, as implemented in
practice, and any Content-Length or Transfer-Encoding is ignored.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • draft-ietf-httpbis/latest/p2-semantics.html

    r1567 r1570  
    460460  }
    461461  @bottom-center {
    462        content: "Expires September 9, 2012";
     462       content: "Expires September 10, 2012";
    463463  }
    464464  @bottom-right {
     
    513513      <meta name="dct.creator" content="Reschke, J. F.">
    514514      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p2-semantics-latest">
    515       <meta name="dct.issued" scheme="ISO8601" content="2012-03-08">
     515      <meta name="dct.issued" scheme="ISO8601" content="2012-03-09">
    516516      <meta name="dct.replaces" content="urn:ietf:rfc:2616">
    517517      <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypertext information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 2 of the seven-part specification that defines the protocol referred to as &#34;HTTP/1.1&#34; and, taken together, obsoletes RFC 2616. Part 2 defines the semantics of HTTP messages as expressed by request methods, request header fields, response status codes, and response header fields.">
     
    544544            </tr>
    545545            <tr>
    546                <td class="left">Expires: September 9, 2012</td>
     546               <td class="left">Expires: September 10, 2012</td>
    547547               <td class="right">HP</td>
    548548            </tr>
     
    597597            <tr>
    598598               <td class="left"></td>
    599                <td class="right">March 8, 2012</td>
     599               <td class="right">March 9, 2012</td>
    600600            </tr>
    601601         </tbody>
     
    627627         in progress”.
    628628      </p>
    629       <p>This Internet-Draft will expire on September 9, 2012.</p>
     629      <p>This Internet-Draft will expire on September 10, 2012.</p>
    630630      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1>
    631631      <p>Copyright © 2012 IETF Trust and the persons identified as the document authors. All rights reserved.</p>
     
    693693               <li>6.7&nbsp;&nbsp;&nbsp;<a href="#DELETE">DELETE</a></li>
    694694               <li>6.8&nbsp;&nbsp;&nbsp;<a href="#TRACE">TRACE</a></li>
    695                <li>6.9&nbsp;&nbsp;&nbsp;<a href="#CONNECT">CONNECT</a><ul>
    696                      <li>6.9.1&nbsp;&nbsp;&nbsp;<a href="#rfc.section.6.9.1">Establishing a Tunnel with CONNECT</a></li>
    697                   </ul>
    698                </li>
     695               <li>6.9&nbsp;&nbsp;&nbsp;<a href="#CONNECT">CONNECT</a></li>
    699696            </ul>
    700697         </li>
     
    16741671      <div id="rfc.iref.m.8"></div>
    16751672      <h2 id="rfc.section.6.9"><a href="#rfc.section.6.9">6.9</a>&nbsp;<a id="CONNECT" href="#CONNECT">CONNECT</a></h2>
    1676       <p id="rfc.section.6.9.p.1">The CONNECT method requests that the proxy establish a tunnel to the request-target and then restrict its behavior to blind
    1677          forwarding of packets until the connection is closed.
     1673      <p id="rfc.section.6.9.p.1">The CONNECT method requests that the proxy establish a tunnel to the request-target and, if successful, thereafter restrict
     1674         its behavior to blind forwarding of packets until the connection is closed.
    16781675      </p>
    16791676      <p id="rfc.section.6.9.p.2">When using CONNECT, the request-target <em class="bcp14">MUST</em> use the authority form (<a href="p1-messaging.html#request-target" title="request-target">Section 3.1.1.2</a> of <a href="#Part1" id="rfc.xref.Part1.30"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>); i.e., the request-target consists of only the host name and port number of the tunnel destination, separated by a colon.
     
    16831680Host: server.example.com:80
    16841681
    1685 </pre><p id="rfc.section.6.9.p.4">Other HTTP mechanisms can be used normally with the CONNECT method — except end-to-end protocol Upgrade requests, since the
    1686          tunnel must be established first.
    1687       </p>
    1688       <p id="rfc.section.6.9.p.5">For example, proxy authentication might be used to establish the authority to create a tunnel:</p>
     1682</pre><p id="rfc.section.6.9.p.4">Any successful (2xx) response to a CONNECT request indicates that the proxy has established a connection to the requested
     1683         host and port, and has switched to tunneling the current connection to that server connection. The tunneled data from the
     1684         server begins immediately after the blank line that concludes the successful response's header block. A server <em class="bcp14">SHOULD NOT</em> send any Transfer-Encoding or Content-Length header fields in a successful response. A client <em class="bcp14">MUST</em> ignore any Content-Length or Transfer-Encoding header fields received in a successful response.
     1685      </p>
     1686      <p id="rfc.section.6.9.p.5">Any response other than a successful response indicates that the tunnel has not yet been formed and that the connection remains
     1687         governed by HTTP.
     1688      </p>
     1689      <p id="rfc.section.6.9.p.6">Proxy authentication might be used to establish the authority to create a tunnel:</p>
    16891690      <div id="rfc.figure.u.7"></div><pre class="text2">CONNECT server.example.com:80 HTTP/1.1
    16901691Host: server.example.com:80
    16911692Proxy-Authorization: basic aGVsbG86d29ybGQ=
    16921693
    1693 </pre><p id="rfc.section.6.9.p.7">Bodies on CONNECT requests have no defined semantics. Note that sending a body on a CONNECT request might cause some existing
    1694          implementations to reject the request.
    1695       </p>
    1696       <p id="rfc.section.6.9.p.8">Like any other pipelined HTTP/1.1 request, data to be tunnel may be sent immediately after the blank line. The usual caveats
    1697          also apply: data may be discarded if the eventual response is negative, and the connection may be reset with no response if
    1698          more than one TCP segment is outstanding.
    1699       </p>
    1700       <h3 id="rfc.section.6.9.1"><a href="#rfc.section.6.9.1">6.9.1</a>&nbsp;Establishing a Tunnel with CONNECT
    1701       </h3>
    1702       <p id="rfc.section.6.9.1.p.1">Any successful (2xx) response to a CONNECT request indicates that the proxy has established a connection to the requested
    1703          host and port, and has switched to tunneling the current connection to that server connection.
    1704       </p>
    1705       <p id="rfc.section.6.9.1.p.2">It may be the case that the proxy itself can only reach the requested origin server through another proxy. In this case, the
     1694</pre><p id="rfc.section.6.9.p.8">A message body on a CONNECT request has no defined semantics. Sending a body on a CONNECT request might cause existing implementations
     1695         to reject the request.
     1696      </p>
     1697      <p id="rfc.section.6.9.p.9">Similar to a pipelined HTTP/1.1 request, data to be tunneled from client to server <em class="bcp14">MAY</em> be sent immediately after the request (before a response is received). The usual caveats also apply: data may be discarded
     1698         if the eventual response is negative, and the connection may be reset with no response if more than one TCP segment is outstanding.
     1699      </p>
     1700      <p id="rfc.section.6.9.p.10">It may be the case that the proxy itself can only reach the requested origin server through another proxy. In this case, the
    17061701         first proxy <em class="bcp14">SHOULD</em> make a CONNECT request of that next proxy, requesting a tunnel to the authority. A proxy <em class="bcp14">MUST NOT</em> respond with any 2xx status code unless it has either a direct or tunnel connection established to the authority.
    17071702      </p>
    1708       <p id="rfc.section.6.9.1.p.3">An origin server which receives a CONNECT request for itself <em class="bcp14">MAY</em> respond with a 2xx status code to indicate that a connection is established.
    1709       </p>
    1710       <p id="rfc.section.6.9.1.p.4">If at any point either one of the peers gets disconnected, any outstanding data that came from that peer will be passed to
     1703      <p id="rfc.section.6.9.p.11">If at any point either one of the peers gets disconnected, any outstanding data that came from that peer will be passed to
    17111704         the other one, and after that also the other connection will be terminated by the proxy. If there is outstanding data to that
    17121705         peer undelivered, that data will be discarded.
     1706      </p>
     1707      <p id="rfc.section.6.9.p.12">An origin server which receives a CONNECT request for itself <em class="bcp14">MAY</em> respond with a 2xx status code to indicate that a connection is established. However, most origin servers do not implement
     1708         CONNECT.
    17131709      </p>
    17141710      <h1 id="rfc.section.7"><a href="#rfc.section.7">7.</a>&nbsp;<a id="status.codes" href="#status.codes">Status Code Definitions</a></h1>
Note: See TracChangeset for help on using the changeset viewer.