Skip to content

Commit

Permalink
doc: clarify duplicate header handling
Browse files Browse the repository at this point in the history 
This commit documents how duplicate HTTP headers are handled.

PR-URL: #3810
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
  • Loading branch information
@bengl @cjihrig
bengl authored and cjihrig committed Nov 13, 2015
1 parent 76f40f7 commit 4008961
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions doc/api/http.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -816,6 +816,16 @@ Example:
// accept: '*/*' }
console.log(request.headers);

Duplicates in raw headers are handled in the following ways, depending on the
header name:

* Duplicates of `age`, `authorization`, `content-length`, `content-type`,

This comment has been minimized.

Sign in to view

Copy link
@gajus

gajus Nov 4, 2019

Where is the spec describing that these headers should be discarded when duplicate?

This comment has been minimized.

Sign in to view

Copy link
@gajus

gajus Nov 4, 2019

I am trying to figure out why certain headers are not included, e.g. connection.

This comment has been minimized.

Sign in to view

Copy link
@sam-github

sam-github Nov 4, 2019

Contributor

https://tools.ietf.org/html/rfc7230#section-3.3.2

If a message is received that has multiple Content-Length header
fields with field-values consisting of the same decimal value, or a
single Content-Length header field with a field value containing a
list of identical decimal values (e.g., "Content-Length: 42, 42"),
indicating that duplicate Content-Length header fields have been
generated or combined by an upstream message processor, then the
recipient MUST either reject the message as invalid or replace the
duplicated field-values with a single valid Content-Length field
containing that decimal value prior to determining the message body
length or forwarding the message.

This comment has been minimized.

Sign in to view

Copy link
@gajus

gajus Nov 4, 2019

This only describes the specific case of Content-Length. Is there a list of all header values that are safe to discard if duplicate and what should be the logic for discarding them?

This comment has been minimized.

Sign in to view

Copy link
@sam-github

sam-github Nov 4, 2019

Contributor

I didn't see such a list, you'll have to look up each header one-by-one and see what it says.
`etag`, `expires`, `from`, `host`, `if-modified-since`, `if-unmodified-since`,
`last-modified`, `location`, `max-forwards`, `proxy-authorization`, `referer`,
`retry-after`, or `user-agent` are discarded.
* `set-cookie` is always an array. Duplicates are added to the array.
* For all other headers, the values are joined together with ', '.

### message.httpVersion

In case of server request, the HTTP version sent by the client. In the case of
Expand Down

0 comments on commit 4008961

Please sign in to comment.