[squid-dev] HTTP meetup in Stockholm

Marcus Kool marcus.kool at urlfilterdb.com
Tue Jul 12 10:01:14 UTC 2016


On 07/12/2016 06:53 AM, Henrik Nordström wrote:
> tis 2016-07-12 klockan 18:34 +1200 skrev Amos Jeffries:
>> I'm much more in favour of binary formats. The HTTP/2 HPACK design
>> lends
>> itself very easily to binary header values (ie sending integers as
>> interger encoded value). Following PHK's lead on those.
>
> json is very ambiguous with no defined schema or type restrictions.
> It's up to the receiver to guess type information from format while
> parsing, which in itself is a mess from security point of view.
>
> The beauty of json is that it is trivially extensible with new data,
> and have all basic data constructs you need for arbitrary data. (name
> tagged, strings, integers, floats, booleans, arrays, dictionaries and
> maybe something more). But for the same reason it's also unsuitable for
> HTTP header information which should be consise, terse and un-ambiguous
> with little room for syntax errors.
>
> Regards
> Henrik

Extensible json headers seems to lend itself to put a lot of application-specific
stuff in headers instead of in payload. The headers should be used for the
protocol only.

Squid has had many issues in the past with non-conformity to standards.
The Squid developers obviously want to stick with the standards and are
forced by non-conformant apps and servers to support non-conformity.
Can this workshop be used to address this?

Marcus


More information about the squid-dev mailing list