Menu
Following on from Is Port Number Required in HTTP "Host" Header Parameter?, does the same logic apply to HTTP/2?
i.e. if a browser makes a request to https://server.com:1234/, should the :authority header be server.com or server.com:1234?
911
The Host request header specifies the host and port number of the server to which the request is being sent. If no port is included, the default port for the service requested is implied (e.g., 443 for an HTTPS URL, and 80 for an HTTP URL). A Host header field must be sent in all HTTP/1.1 request messages.
The HTTP/2 :authority pseudo-header is a stricter, mandatory, information about the host authority (i.e. host name and host port). In HTTP/1.1, the host authority is derived from multiple sources, and may even be absent, causing a number of confusing behaviors that depend on server implementations.
Hypertext Transfer Protocol version 2 (HTTP2) The well known TCP port for HTTP/2 traffic is 443 (and 80).
HTTP/2 Features Some key features of HTTP/2 include: Binary: Meaning commands use 1s and 0s and not text. Multiplex: Permits multiple requests and responses to be sent at the same time. Compression: Compresses headers that have been requested previously to make things more efficient.
It should, :authority is defined by RFC 7540 (https://www.rfc-editor.org/rfc/rfc7540#section-8.1.2.3) as a :
pseudo-header field includes the authority portion of the target URI ([RFC3986], Section 3.2). The authority MUST NOT include the deprecated "userinfo" subcomponent for "http" or "https" schemed URIs.
RFC 3986 in turn describes authority as:
authority = [ userinfo "@" ] host [ ":" port ]
So yes, it should include the port, if the port isn't the default for the scheme.
125
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
