Re: [Web-SIG] Multiple message-header fields handling

Tue, 02 Oct 2007 13:00:18 -0700 

Manlio Perillo wrote:
> The HTTP 1.1 protocol (section 4.2) says that:
> """Multiple message-header fields with the same field-name MAY be 
> present in a message if and only if the entire field-value for that 
> header field is defined as a comma-separated list [i.e., #(values)]."""
> 
> This can happen, as an example, with the Cookie header.
> 
> My question is: how should this be handled in WSGI?
> 
> As an example Nginx stores all the headers in a associative array, 
> where, of course, only the "last seen" headers appears.
> 
> However common multiple message-headers are stored in the request struct.
> 
> Since the WSGI environment is a dictionary with keys and values of type 
> str, should an implementation:
> """combine the multiple header fields into one "field-name: field-value" 
> pair, without changing the semantics of the message, by appending each 
> subsequent field-value to the first, each separated by a comma."""
> ?

Yes, it should. As you note, it's part of the HTTP spec that such headers
can be combined without changing the semantics. Here's a list of the
headers that need to be folded:

comma_separated_headers = ['ACCEPT', 'ACCEPT-CHARSET', 'ACCEPT-ENCODING',
    'ACCEPT-LANGUAGE', 'ACCEPT-RANGES', 'ALLOW', 'CACHE-CONTROL',
    'CONNECTION', 'CONTENT-ENCODING', 'CONTENT-LANGUAGE', 'EXPECT',
    'IF-MATCH', 'IF-NONE-MATCH', 'PRAGMA', 'PROXY-AUTHENTICATE', 'TE',
    'TRAILER', 'TRANSFER-ENCODING', 'UPGRADE', 'VARY', 'VIA', 'WARNING',
    'WWW-AUTHENTICATE']

The only tricky one is Cookie, because e.g. Konqueror sends them on
multiple lines, but they're not foldable.

See http://kristol.org/cookie/errata.html

> Ngins does not do this (and I don't know what Apache does).
> 
> 
> Another question: when an header has an empty field value, what should 
> be set in the environment: an empty string or None?

An empty string, or omit them entirely:

"""The following variables must be present, unless their value would
be an empty string, in which case they may be omitted, except as
otherwise noted below...

HTTP_ Variables
""".


Robert Brewer
[EMAIL PROTECTED]

_______________________________________________
Web-SIG mailing list
Web-SIG@python.org
Web SIG: http://www.python.org/sigs/web-sig
Unsubscribe: 
http://mail.python.org/mailman/options/web-sig/archive%40mail-archive.com

Reply via email to