You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Whenever an HTTP request comes in from the validator, it identifies as HTTP/1.0, i.e.
GET / HTTP/1.0
...despite containing a Host: header, an HTTP/1.1 feature that only existed as an unofficial / non-standard extension in HTTP/1.0
HTTP/1.1 went live 27 years ago so it's bizarre that the validator is still marking its requests as HTTP/1.0, while actually using HTTP/1.1 features
approximately zero legitimate traffic uses HTTP/1.0 in the current year -- besides the validator, the only other exception I know of is the ancient Lynx browser, which has generally been supplanted by more modern text-mode browsers
because HTTP/1.0 is now only used by (often malicious) bots and security scanners, it's becoming common practice to block HTTP/1.0 traffic
I implemented HTTP/1.0 blocking on my servers but with whitelisting for the validator and Lynx. Lynx is probably a lost cause but I'm hoping the validator at least could potentially be updated to mark its traffic as HTTP/1.1... or maybe even add HTTP/2 support?
The text was updated successfully, but these errors were encountered:
Whenever an HTTP request comes in from the validator, it identifies as HTTP/1.0, i.e.
GET / HTTP/1.0
...despite containing a
Host:
header, an HTTP/1.1 feature that only existed as an unofficial / non-standard extension in HTTP/1.0HTTP/1.1 went live 27 years ago so it's bizarre that the validator is still marking its requests as HTTP/1.0, while actually using HTTP/1.1 features
approximately zero legitimate traffic uses HTTP/1.0 in the current year -- besides the validator, the only other exception I know of is the ancient Lynx browser, which has generally been supplanted by more modern text-mode browsers
because HTTP/1.0 is now only used by (often malicious) bots and security scanners, it's becoming common practice to block HTTP/1.0 traffic
I implemented HTTP/1.0 blocking on my servers but with whitelisting for the validator and Lynx. Lynx is probably a lost cause but I'm hoping the validator at least could potentially be updated to mark its traffic as HTTP/1.1... or maybe even add HTTP/2 support?
The text was updated successfully, but these errors were encountered: