search

jakartaee / servlet

Jakarta Servlet
https://eclipse.org/ee4j/servlet
Other
253 stars 81 forks source link

Add request attribute for secure_protocol. #549

Closed ChristopherSchultz closed 7 months ago

ChristopherSchultz commented 9 months ago

This fixes #130

markt-asf commented 9 months ago

Note a couple of alternative attribute names were suggested in #130. I'm happy with this particular name but could live with either of the alternatives. If there are no objections, I intend to merge this in a week or so for inclusion in 6.1.

ChristopherSchultz commented 9 months ago

I ultimately chose secure_protocol for several reasons:

  1. ssl_protocol is just wrong, since SSL is no longer used
  2. tls_protocol may be wrong in the future, once we switch to TBD
  3. tls_protocol may also be wrong for some other protocol, say, sftp or whatever
  4. Neither cipher_suite nor key_size have any ssl_ prefix as ssl_session_id does
  5. Using protocol without a prefix would be confusing with respect to HTTP/1.1, etc.; this is intended to be the security protocol in use for the request
markt-asf commented 7 months ago

Tx for the PR. I'll follow-up shortly with a PR to add an entry to the change log etc.