Joel Moses wrote: > The document below details a connection-reuse problem which uses > persistent connections even when they have either 1) been specifically > disabled, or 2) have been told to close by a server "Connection: > close". [...] > ------------------------------------------------------------------ > $ nc -p 9000 -l > GET http://www.somesite.com/ HTTP/1.0 > Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg, > application/vnd.ms-excel, application/msword, > application/vnd.ms-powerpoint, */* > Accept-Language: en-us > Accept-Encoding: gzip, deflate > User-Agent: Mozilla/4.0 (compatible; MSIE 4.01, Windows 95) > Host: www.somesite.com > Proxy-Connection: Keep-Alive > > "HTTP/1.1 200 OK" > "Connection: close" > "Content-Length: 5" > > "abcde" > ------------------------------------------------------------------ > > The browser will display "abcde," and the IE logo will stop > circulating. However, the connection will not -- as requested by the > server -- close. If you issue another page request in the browser for You mean "as requested by the origin server." Connection header is hop-by-hop, which means that it has a meaning for a connection between origin server and proxy server only. Proxy server doesn't have to propagate it to the user agent. And there is a Proxy-Connection header in the request. I don't know where that one is defined (it isn't in RFC 1945, nor in RFC 2068, nor in the latest HTTP/1.1 draft), but I would assume it has to do something with open connections between user agent and proxy server. > a different site, the request will come through on this > previously-opened connection, e.g.,: > > ------------------------------------------------------------------ > GET http://www.othersite.com/ HTTP/1.0 > Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg, > application/vnd.ms-excel, application/msword, > application/vnd.ms-powerpoint, */* > Accept-Language: en-us > Accept-Encoding: gzip, deflate > User-Agent: Mozilla/4.0 (compatible; MSIE 4.01, Windows 95) > Host: www.othersite.com > Proxy-Connection: Keep-Alive > ------------------------------------------------------------------ > > This clearly violates HTTP/1.0 behavior, with which the browser > reports to the server that it complies. It doesn't. Your netcat "proxy" violates it. Here's a quote from RFC 1945: Except for experimental applications, current practice requires that the connection be established by the client prior to each request and closed by the server after sending the response. > Netscape 4.x behaves correctly and closes the connection itself when > faced with the same situation. See above. The server is responsible for closing the connection. Server here means either origin server or proxy server, whichever happens to be connected to user agent. -- .-. .-. Life is a sexually transmitted disease. (_ \ / _) | daveat_private | daveat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:30:35 PDT