From b92198563828adabe8755e0961040a63908919bf Mon Sep 17 00:00:00 2001 From: Mark Nottingham Date: Wed, 1 Sep 2021 17:12:40 +1000 Subject: [PATCH] Editorial suggestion For #905. --- draft-ietf-httpbis-http2bis.xml | 45 ++++++++++++++------------------- 1 file changed, 19 insertions(+), 26 deletions(-) diff --git a/draft-ietf-httpbis-http2bis.xml b/draft-ietf-httpbis-http2bis.xml index 367e4710..c63475c4 100644 --- a/draft-ietf-httpbis-http2bis.xml +++ b/draft-ietf-httpbis-http2bis.xml @@ -2903,42 +2903,35 @@ cookie: e=f
  • - The :authority pseudo-header field includes the - authority portion of the target URI (). The - authority MUST NOT include the deprecated userinfo subcomponent for - http or https schemed URIs. + The :authority pseudo-header field conveys the authority portion () of the target URI (). The recipient of a HTTP/2 request MUST ignore the Host header + field if :authority is present. - Clients that generate HTTP/2 requests directly SHOULD use the :authority - pseudo-header field instead of the Host header field. + Clients that generate HTTP/2 requests directly MUST use the :authority + pseudo-header field to convey authority information, unless there is no authority + information to convey (in which case it MUST NOT generate :authority). - An intermediary that forwards a request to HTTP/2 MUST construct an - :authority pseudo-header field using the authority information from the - control data in the original request. If control data does not contain authority, - an intermediary MUST NOT add an :authority pseudo-header field. Note that - while the Host header field can determine a request target, it is not - control data for this purpose; see . + An intermediary that forwards a request over HTTP/2 MUST construct an :authority + pseudo-header field using the authority information from the control data of the + original request, unless the the original request's target URI does not contain + authority information (in which case it MUST NOT generate :authority). Note that + the Host header field is not the sole source of this information; see . - Request targets for CONNECT or asterisk-form OPTIONS requests do not include - authority. + An intermediary that forwards a request over HTTP/2 MUST retain any Host header + field. - An intermediary that forwards from HTTP/2 can construct a Host header field - by copying the value of the :authority pseudo-header field. This might be - necessary if that version requires that Host be included in a request, as - HTTP/1.1 does for some forms of request target (see ). + Note that request targets for CONNECT or asterisk-form OPTIONS requests never + include authority information. - An intermediary that forwards a request to HTTP/2 MUST retain any Host - header field, even if an authority is part of control data. - - - The value of the Host header field MUST be ignored if control data - contains authority (that is, the :authority pseudo-header field is - present). + :authority MUST NOT include the deprecated userinfo subcomponent for http or https + schemed URIs.