use a case-insenstive header hash for upgrade server #67
Conversation
| log = Logger.new(stream.id) | ||
| req, buffer = {}, '' | ||
| request_headers = {} | ||
| req = request_header_hash(request_headers) |
There was a problem hiding this comment.
Do we actually need both req and request_headers? Can we simplify it by removing one of them? Also we're passing in an empty value which is also the default on the method..
|
@kenichi - How does Which version of Ruby are you using? |
|
@georgeu2000 you're looking for: https://github.com/tmm1/http_parser.rb |
|
@igrigorik - OK, thanks. I think we should add it to the Gemfile or .gemspec so other people can find it. |
|
Adding it to a Gemfile in examples dir sgtm. |
|
@igrigorik - The http_parser.rb gem worked. Thank you. I am still working on getting the upgrade server example to work with Chrome or Firefox. Do I need to use nghttp? It seems that http-2 is a server, so not sure why nghttp is being used, except as a reverse proxy. Does the upgrade server example work with Chrome or Firefox? I made some updates (for which I can do a PR), and it works with CURL, on both http and https. But it doesn't work on Chrome or Firefox. Here is what is happening on Chrome. I have done a lot of research, but the issue is still not clear to me. I tried debugging with Wireshark, and there is a TLS 1.2 connection and 5 data packets. Chrome hangs waiting for the response to finish. The response is interpreted as an octet stream, not plain text. Here is the downloaded file:
So, it seems that the headers (which are correct) Does anyone have any idea what the issue could be? EDIT: Here is the downloaded file: |
No... Neither Chrome, Firefox, Edge, or Safari support h2c upgrade flow. All are TLS only. This is not a bug, this an intentional decision. |
|
@igrigorik - OK, so I guess (hope) CURL works fine: But on Chrome, Not sure how to figure out what is going wrong. It seems that the server is sending goaway, but the socket is closed...? |
|
I'm assuming you're using a self-signed cert.. Did you whitelist it in your keychain or equivalent? Also, check chrome://net-internals/#http2 for the session, it should be provide some additional context for why Chrome is closing the connection. |
|
@igrigorik - Yes, it is a self-signed cert and added it to Keychain. chrome://net-internals/#events shows ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY. Googling suggests that it is an issue with the ciphers, so I changed them, but it did not help. I'll keep digging. It works OK on Safari, so that's a good start. Thank you for all your help. |
|
@georgeu2000 i am having the same problem with chrome using a valid letsencrypt cert, and i'm looking at the cipher suite now. |
|
@kenichi - OK, cool. It *seems* to be an issue with the cipher suite, but I'm not sure exactly what the problem is because the error from Chrome does not expose it. I upgraded Firefox to v49, and it now shows the same error. It may be that if the server offers a suite that is on the blacklist, then it raises this error. Here are the 97 default ciphers: |
|
This is the issue:
|
|
i also noted that curl with h2 support sends |
|
@kenichi overall, lgtm, modulo rubocop nitpicks: https://travis-ci.org/igrigorik/http-2/jobs/171152501#L712 |
kenichi
force-pushed
the
header_key_case
branch
from
64f495e
to
5dc1e28
Compare
|
@georgeu2000 thanks for the info, i will be looking at incorporating this into my work here @igrigorik updated to make rubocop happy but still running into some problems - will look into this in another issue/pr |
|
Coveralls spam is getting out of hand.. Thanks for the fix, merging! |
nghttp sends
upgrade: h2cbecause HTTP/1.x header keys are case insensitive, so this line was failing.