2

I am having a problem implementing a simple web server. According to the spec, a HTTP/1.1 request starts with this line:

Request-Line   = Method SP Request-URI SP HTTP-Version CRLF

In this line, there is a Request-URI which is defined as follows:

Request-URI    = "*" | absoluteURI | abs_path | authority

So, I am allowed to either send a complete URI (with schema, server name, etc) or an abs_path (authority is, as defined in the spec, only for the CONNECT method). Then I have:

abs_path      = "/"  path_segments
path_segments = segment *( "/" segment )

These definitions are from the URI spec, which is linked in the HTTP spec. As we see, abs_path is only an absolute path without the query.

So far the theory. Now when I actually send a HTTP GET request to http://example.com/?key=value, this line is sent:

GET /?key=value HTTP/1.1

I tried this using Firefox, Chrome and curl. Shouldn't that be illegal according to the spec? Am I overseeing something?

flyx
  • 35,506
  • 7
  • 89
  • 126

2 Answers2

3

Your problem is that you're looking at an outdated version of the spec.

See https://www.greenbytes.de/tech/webdav/rfc7230.html#origin-form for the correct ABNF.

Julian Reschke
  • 40,156
  • 8
  • 95
  • 98
  • 1
    Thanks. Since I don't know who or what greenbytes is, I checked the [IETF version of that RFC](https://tools.ietf.org/html/rfc7230#section-5.3.1), which says the same. – flyx Jul 21 '17 at 12:31
2

That is a known error in RFC 2616:

RFC 7230, which obsoletes RFC 2616, allows it. Its definition of request-line uses request-target (instead of Request-URI), which allows origin-form (instead of abs_path):

origin-form    = absolute-path [ "?" query ]
Community
  • 1
  • 1
unor
  • 92,415
  • 26
  • 211
  • 360