Uploaded image for project: 'HttpComponents HttpClient'
  1. HttpComponents HttpClient
  2. HTTPCLIENT-2344

HTTP/1.1 TLS Upgrade (RFC-2817) should not be default

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Minor
    • Resolution: Invalid
    • 5.4
    • None
    • HttpClient (classic)
    • None

    Description

      Version 5.4 added RFC-2817 support, which by default tries to upgradeĀ  since protocolUpgradeEnabled is default enabled.

      Although the strict reading of the spec would indicate that a server should ignore upgrade requests that it cannot service, conservative proxies might reject these requests entirely. This is the case in Envoy today

      I don't see a big advantage to enabling this by default and it is causing real issues now.

      Attachments

        Issue Links

          is caused by

          New Feature - A new feature of the product, which has yet to be developed. HTTPCLIENT-751 ProtocolSocketFactory to upgrade an unsecured connection to secured via TLS

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              bplotnick Ben Plotnick
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: