-
Notifications
You must be signed in to change notification settings - Fork 63
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
use a case-insenstive header hash for upgrade server #67
Conversation
log = Logger.new(stream.id) | ||
req, buffer = {}, '' | ||
request_headers = {} | ||
req = request_header_hash(request_headers) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we actually need both req
and request_headers
? Can we simplify it by removing one of them? Also we're passing in an empty value which is also the default on the method..
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes of course! 😊
@kenichi - How does Which version of Ruby are you using? |
@georgeu2000 you're looking for: https://github.com/tmm1/http_parser.rb |
@igrigorik - OK, thanks. I think we should add it to the Gemfile or .gemspec so other people can find it. |
Adding it to a Gemfile in examples dir sgtm. |
@igrigorik - The http_parser.rb gem worked. Thank you. I am still working on getting the upgrade server example to work with Chrome or Firefox. Do I need to use nghttp? It seems that http-2 is a server, so not sure why nghttp is being used, except as a reverse proxy. Does the upgrade server example work with Chrome or Firefox? I made some updates (for which I can do a PR), and it works with CURL, on both http and https. But it doesn't work on Chrome or Firefox. Here is what is happening on Chrome. I have done a lot of research, but the issue is still not clear to me. I tried debugging with Wireshark, and there is a TLS 1.2 connection and 5 data packets.
Chrome hangs waiting for the response to finish. The response is interpreted as an octet stream, not plain text. Here is the downloaded file:
So, it seems that the headers (which are correct) Does anyone have any idea what the issue could be? EDIT: Here is the downloaded file:
|
No... Neither Chrome, Firefox, Edge, or Safari support h2c upgrade flow. All are TLS only. This is not a bug, this an intentional decision. |
@igrigorik - OK, so I guess (hope) CURL works fine:
But on Chrome,
Not sure how to figure out what is going wrong. It seems that the server is sending goaway, but the socket is closed...? |
I'm assuming you're using a self-signed cert.. Did you whitelist it in your keychain or equivalent? Also, check chrome://net-internals/#http2 for the session, it should be provide some additional context for why Chrome is closing the connection. |
@igrigorik - Yes, it is a self-signed cert and added it to Keychain. chrome://net-internals/#events shows ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY. Googling suggests that it is an issue with the ciphers, so I changed them, but it did not help. I'll keep digging. It works OK on Safari, so that's a good start. Thank you for all your help. |
@georgeu2000 i am having the same problem with chrome using a valid letsencrypt cert, and i'm looking at the cipher suite now. |
@kenichi - OK, cool. It *seems* to be an issue with the cipher suite, but I'm not sure exactly what the problem is because the error from Chrome does not expose it. I upgraded Firefox to v49, and it now shows the same error. It may be that if the server offers a suite that is on the blacklist, then it raises this error. Here are the 97 default ciphers:
|
This is the issue:
|
i also noted that curl with h2 support sends |
@kenichi overall, lgtm, modulo rubocop nitpicks: https://travis-ci.org/igrigorik/http-2/jobs/171152501#L712 |
64f495e
to
5dc1e28
Compare
@georgeu2000 thanks for the info, i will be looking at incorporating this into my work here @igrigorik updated to make rubocop happy but still running into some problems - will look into this in another issue/pr |
Coveralls spam is getting out of hand.. Thanks for the fix, merging! |
nghttp sends
upgrade: h2c
because HTTP/1.x header keys are case insensitive, so this line was failing.