|
|
|
|
|
|
by userbinator
4249 days ago
|
|
|
I saw it right away - "that HTTP/1.1 looks a bit farther away than it should be..." - and confirmed it by selecting the spaces. I thought it would be a bit more subtle than that... I remember working with a server that violated the HTTP spec by not accepting allowed extra spaces in headers. According to the new HTTP/1.1 RFC 7230, it should be a single space - the previous RFC didn't specify this clearly in the wording, although it is implied by the grammar (SP and not 1 * SP). https://tools.ietf.org/html/rfc7230#section-3.1.1 "A request-line begins with a method token, followed by a single space (SP), the request-target, another single space (SP), the protocol version, and ends with CRLF." I'm surprised there doesn't seem to be any widely-used and easily available HTTP conformance checker - unlike the well-known HTML validators. This is also why monospace fonts are ideal for seeing small but significant differences like this. |
|
|
There is one called Co-Advisor [1] that can be used to test web proxies. It is commercial and pretty expensive, but the online version might be free for open source projects. Squid and Apache Traffic Server are tested with it [2][3]. There was a USENIX talk that showed some Co-Advisor results [4]
1. http://coad.measurement-factory.com/details.html
2. http://wiki.squid-cache.org/Features/HTTP11
3. http://trafficserver.apache.org/acknowledgements
4. https://www.usenix.org/conference/lisa12/rolling-d2o-choosin... (at 31:16 in to the video).