Handy-Http/primitives
Handy-Http
/
primitives
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HTTP version of requests and TLS #4

New Issue
Closed
opened 2024-10-27 16:39:28 +00:00 by 0xEAB · 2 comments
0xEAB commented 2024-10-27 16:39:28 +00:00
Copy Link

Currently, the ServerHttpRequest struct tracks the HTTP version of the request.
As-is, it cannot properly do so for v1.0 and v0.9 requests.

Furthermore, lacks the option to track whether the requested originated from a secure connection (TLS as in HTTPS) in cases where this cannot be inferred from the used HTTP version.

Some web applications might want to make use of this information. While I do agree that there’s a misuse potential (e.g. URL building for links), there are valid use cases as well.

Currently, the `ServerHttpRequest` struct tracks [the HTTP version of the request](https://git.andrewlalis.com/Handy-Http/primitives/src/commit/23c74f82bedf662d3d6f8f2aed159a270f5a782d/source/handy_http_primitives/request.d#L15). As-is, it cannot properly do so for v1.0 and v0.9 requests. Furthermore, lacks the option to track whether the requested originated from a secure connection (TLS as in HTTPS) in cases where this cannot be inferred from the used HTTP version. Some web applications might want to make use of this information. While I do agree that there’s a misuse potential (e.g. URL building for links), there are [valid use cases](https://docs.nextcloud.com/server/29/admin_manual/configuration_server/security_setup_warnings.html#you-are-accessing-this-site-via-http) as well.
0xEAB commented 2024-10-27 16:41:47 +00:00
Author
Copy Link

As-is, it cannot properly do so for v1.0 and v0.9 requests.

As servers usually reply to such with v1.1 responses anyway, I guess it would be sufficient to rename V1_1 to V1 and document that it includes the whole version span of classic HTTP protocols.

> As-is, it cannot properly do so for v1.0 and v0.9 requests. As servers usually reply to such with v1.1 responses anyway, I guess it would be sufficient to rename `V1_1` to `V1` and document that it includes the whole version span of classic HTTP protocols.
andrew commented 2024-10-28 14:21:18 +00:00
Owner
Copy Link

Yep, makes sense. I've renamed it to V1, and added some documentation text to explain the scope of each version.

Yep, makes sense. I've renamed it to `V1`, and added some documentation text to explain the scope of each version.
🎉 1
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
v1.8.1
v1.8.0
v1.7.0
v1.6.0
v1.5.0
v1.4.0
v1.3.1
v1.3.0
v1.2.0
v1.1.0
v1.0.0
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Handy-Http/primitives#4
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?