Remix clone Hacker News

new | show | ask | jobs Github

	▲	8n4vidtmkvmk 3 hours ago
		Since when are they case sensitive? https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/... says otherwise. It's possible for a server to treat them as case sensitive, but that seems like a bad idea.
	▲	thomascountz 2 hours ago \| parent [-]
		+1 HTTP/2, headers are not unique if they only differ by casing, but they must be encoded as lowercase. `Just as in HTTP/1.x, header field names are strings of ASCII characters that are compared in a case-insensitive fashion. However, header field names MUST be converted to lowercase prior to their encoding in HTTP/2. A request or response containing uppercase header field names MUST be treated as malformed (Section 8.1.2.6).[1]` HTTP/1.X, headers are insensitive to casing for reasons of comparison and encoding. `Each header field consists of a name followed by a colon (":") and the field value. Field names are case-insensitive.[2]` So, if Sec-Fetch-Site is sensitive at all, it would be sec-fetch-site when sending via HTTP/2 and you're responsive for encoding/decoding. [1]: https://datatracker.ietf.org/doc/html/rfc7540#section-8.1.2 [2]: https://datatracker.ietf.org/doc/html/rfc2616#section-4.2