The post and replay are here.
Tim said that:
tim@feynman:~$ telnet www.plumbcenter.co.uk 80
Trying 89.207.160.30...
Connected to www.plumbcenter.co.uk.
Escape character is '^]'.
GET /plumb/index.html HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP/1.1 400 Bad Request
Date: Wed, 27 Aug 2008 21:44:51 GMT
Server: Microsoft-IIS/6.0
Content-Length: 226
Connection: close
Content-Type: text/html; charset=iso-8859-1
(404 body snipped)
Connection closed by foreign host.
"; SV1" with "; SV2" or replace "5.1" with "5.0" but leave the "; SV1"
bit!
What's interesting here is that the request headers specify HTTP/1.0 but the response comes back from the server as HTTP/1.1
While maybe this is just sloppy programming by Microsoft, its worth bearing in mind that, by default MSIE degrades to HTTP/1.0 responses when it knows it's talking via a proxy. Also, HTTP/1.1 mainly addresses performance improvements.
Further - as Tim points out, the behaviour of the server changes when the user-agent changes.
Could it be that IIS is using the user-agent for purposes beyond what it should do according to spec? This could give Microsoft an unfair performance advantage over other browsers. Certainly in this case there is hard evidencethat the server is basing its response on the user-agent supplied in the request.
For the time being this is mostly conjecture and conspiracy theory. But it would be interesting to confirm whether IIS always responds to HTTP/1.0 requests with a HTTP/1.1 response, whether it will include HTTP/1.1 specific browser instructions - and to see if the browser then acts on these.
No comments:
Post a Comment