[x] A server MUST read the entire request message body or close the connection after sending its response; otherwise, the remaining data on a persistent connection would be misinterpreted as the next request.
[x] A server that receives a "close" connection option MUST initiate closure of the connection (see below) after it sends the final response to the request that contained the "close" connection option. The server SHOULD send a "close" connection option in its final response on that connection. The server MUST NOT process any further requests received on that connection.
[x] A server that sends a "close" connection option MUST initiate closure of the connection (see below) after it sends the response containing the "close" connection option. The server MUST NOT process any further requests received on that connection.
[x] All HTTP data MUST be sent as TLS "application data"
[x] Servers MUST attempt to initiate an exchange of closure alerts with the client before closing the connection.
Good Practice:
[x] A server SHOULD sustain persistent connections, when possible, and allow the underlying transport's flow-control mechanisms to resolve temporary overloads rather than terminate connections with the expectation that clients will retry.
[x] A sender SHOULD send a Connection header field (Section 7.6.1 of [HTTP]) containing the "close" connection option when it intends to close a connection.
[x] Servers SHOULD be prepared to receive an incomplete close from the client, since the client can often locate the end of server data.
Relevant Section: RFC 9112 - HTTP/1.1 - 9 Connection Management
Requirements:
[x] Servers MUST attempt to initiate an exchange of closure alerts with the client before closing the connection.
Good Practice: