Http2, HttpClient, and RFC 9113
robert engels
rengels at ix.netcom.com
Thu Jan 16 00:24:03 UTC 2025
Hi all,
I don’t have the ability to create an OpenJDK issue.
Is this not the correct way to get this going? In the past, the net-dev has been responsive to this sort of thing.
Maybe this was lost because it was sent over the weekend?
Thanks,
Robert
> On Jan 11, 2025, at 2:10 PM, robert engels <rengels at ix.netcom.com> wrote:
>
> Hi,
>
> According to RFC 9113 which obsoletes 7540, the Http2 upgrade mechanism over non-SSL has been deprecated (for a variety of reasons). See https://www.rfc-editor.org/rfc/rfc9113.html#section-3.1
>
> The problem is that the JDK HttpClient only supports upgrade attempts over non-SSL, and has no support for “http2 using prior knowledge”. See https://www.rfc-editor.org/rfc/rfc9113.html#section-3.3
>
> This is against JEP 110 https://openjdk.org/jeps/110 which forms the basis of HttpClient, where it states:
>
> Must be able to negotiate an upgrade from 1.1 to 2 (or not), or select 2 from the start.
>
>
> The latter half of this addresses the “http2 with prior knowledge” portion of the specification. The current behavior is not compliant with RFC 9113.
>
> Are there plans to address this? Is there an outstanding bug I could work on?
>
> Thanks,
> Robert Engels
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/net-dev/attachments/20250115/3fa400fb/attachment.htm>
More information about the net-dev
mailing list