[x] A server that receives a request-target longer than any URI it wishes to parse MUST respond with a 414 (URI Too Long) status code (unit test uri_too_long_test)
[x] A server MUST respond with a 400 (Bad Request) status code to any HTTP/1.1 request message that lacks a Host header field and to any request message that contains more than one Host header field line or a Host header field with an invalid field value.
[x] When an origin server receives a request with an absolute-form of request-target, the origin server MUST ignore the received Host header field (if any) and instead use the host information of the request-target. Note that if the request-target does not have an authority component, an empty Host header field will be sent in this case. absolute_form_ignores_host_header_test
[x] A server MUST accept the absolute-form in requests even though most HTTP/1.1 clients will only send the absolute-form to a proxy. (implemented in HttpUri)
Good Practice:
[x] A server that receives a method longer than any that it implements SHOULD respond with a 501 (Not Implemented) status code (unit test: method_too_long_throws_not_implemented_test).
[x] It is RECOMMENDED that all HTTP senders and recipients support, at a minimum, request-line lengths of 8000 octets.
[x] Recipients of an invalid request-line SHOULD respond with either a 400 (Bad Request) error or a 301 (Moved Permanently) redirect with the request-target properly encoded.
alcjzk
commented
8 months ago
Relevant Section: RFC 9112 - HTTP/1.1 - 3 Request Line
Requirements:
uri_too_long_test)absolute_form_ignores_host_header_test[x] A server MUST accept the absolute-form in requests even though most HTTP/1.1 clients will only send the absolute-form to a proxy. (implemented in HttpUri)
Good Practice:
method_too_long_throws_not_implemented_test).