Re: Host header in HTTP/2 requests / RFC 7540 interpretation

2024-10-12 Thread Arturo Bernal
+1. Being strict. No need to flood the logs

Arturo

On Sat, Oct 12, 2024 at 3:14 PM Oleg Kalnichevski wrote:
> On Sat, 2024-10-12 at 07:43 -0400, Gary Gregory wrote:
> > I think the remaining decisions are:
> >
> > - whether we should log a warning (but not throw an exception) when
> > both
>

Re: Host header in HTTP/2 requests / RFC 7540 interpretation

2024-10-12 Thread Oleg Kalnichevski
On Sat, 2024-10-12 at 07:43 -0400, Gary Gregory wrote:
> I think the remaining decisions are:
>
> - whether we should log a warning (but not throw an exception) when
> both
> are present and equal.
> - what to do if both are present but not equal, at least log a
> warning, but
> not throw an excep

Re: Host header in HTTP/2 requests / RFC 7540 interpretation

2024-10-12 Thread Gary Gregory
I think the remaining decisions are:

- whether we should log a warning (but not throw an exception) when both are present and equal.
- what to do if both are present but not equal, at least log a warning, but not throw an exception because of the SHOULD?

Gary

On Sat, Oct 12, 2024, 7:17 AM Oleg K

Re: Host header in HTTP/2 requests / RFC 7540 interpretation

2024-10-12 Thread Oleg Kalnichevski
On Sat, 2024-10-12 at 07:04 -0400, Gary Gregory wrote:
> Hi all,
>
> Considering the text you quote and the SHOULD definition in
> https://datatracker.ietf.org/doc/html/rfc2119#section-3 then we are
> indeed
> in the wrong (IMO) and we need to allow for the Host header to be
> processed
> in the a

Re: Host header in HTTP/2 requests / RFC 7540 interpretation

2024-10-12 Thread Arturo Bernal
Hi,

Checking RFC 7540 once again, it looks clear that while clients *SHOULD* use :authority instead of Host, this is not a strict *MUST*. There’s no explicit prohibition of the Host header in HTTP/2 requests. Maybe we should reconsider our current approach of treating such requests as malformed.

Re: Host header in HTTP/2 requests / RFC 7540 interpretation

2024-10-12 Thread Gary Gregory
Hi all,

Considering the text you quote and the SHOULD definition in https://datatracker.ietf.org/doc/html/rfc2119#section-3 then we are indeed in the wrong (IMO) and we need to allow for the Host header to be processed in the absence of the ":authority" pseudo-header.

Gary

On Sat, Oct 12, 2024,