Re: [dev] Why HTTP is so bad?

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Leon Winter <lwi_AT_ring0.de>
Date: Wed, 22 May 2013 23:59:14 +0200

There are quite a few problems with HTTP like you cannot parse it
because the grammer allows anything, most importantly:

- Multiple HTTP Accept Headers (with empty entries) allowed
- Newline or Carriage Return or both or whatever

Because of this great flexibility you can enjoy undeterministic
responses from different web servers and agents.

Also consider common use:
IP
TCP (state)
HTTP (stateless)
HTTP Cookies (state) <- seriously?

To make matters worse there are HTTP-Only-Cookies for people who cannot
properly escape their code in the backend and have to abuse HTTP for
protecting them (probably brought to you by the same people calling NAT
a security feature).
Received on Wed May 22 2013 - 23:59:14 CEST

This archive was generated by hypermail 2.3.0 : Thu May 23 2013 - 00:00:09 CEST