Http2, HttpClient, and RFC 9113
robert engels
rengels at ix.netcom.com
Sat Jan 11 20:10:02 UTC 2025
Hi,
According to RFC 9113 which obsoletes 7540, the Http2 upgrade mechanism over non-SSL has been deprecated (for a variety of reasons). See https://www.rfc-editor.org/rfc/rfc9113.html#section-3.1
The problem is that the JDK HttpClient only supports upgrade attempts over non-SSL, and has no support for “http2 using prior knowledge”. See https://www.rfc-editor.org/rfc/rfc9113.html#section-3.3
This is against JEP 110 https://openjdk.org/jeps/110 which forms the basis of HttpClient, where it states:
Must be able to negotiate an upgrade from 1.1 to 2 (or not), or select 2 from the start.
The latter half of this addresses the “http2 with prior knowledge” portion of the specification. The current behavior is not compliant with RFC 9113.
Are there plans to address this? Is there an outstanding bug I could work on?
Thanks,
Robert Engels
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/net-dev/attachments/20250111/9f252357/attachment.htm>
More information about the net-dev
mailing list