I’ve been monitoring the ietf-http-wg mailing list and have noticed there is renewed actively around revising RFC 2616, the HTTP/1.1 specification. This renewed activity got me thinking it was time to discuss the need for HTTP Request Forwarding.
I’ll start by saying it is possible that Request Forwarding is already part of the HTTP spec and that I just overlooked it. Lord knows I’ve read enough W3C and IETF specs lately to raze a small forest if printed, so I could easily have missed that part as I read bleary-eyed through the specs. But I’ve asked the question privately of a few people that should know and they all said that HTTP does not support request forwarding; one of them pointed out that that is why VOIP needed SIP.
If the term “HTTP Request Forwarding” isn’t obvious from context, let me give a use-case to illustrate:
USE-CASE: Retaining control of URL Interfaces when outsourcing image hosting
Assume client “A”, server “B” mapped to  and server “C” mapped to  (servers “B” and “C” are different computers with different IP addresses probably at different locations.) For this use case client “A” requests the HTML file at  which includes an <img> tag pointing to a graphic at .
The request from client “A” for the .html file at  goes to server “B” and the response is returne to client “A.” After parsing  client “A” realizes it also needs to download the image at  and requests the .png file from server “B” at .
However, server “B” knows that the .png file  is actually located on server “C” at  so it forwards the request to server “C” at . Server “C” responds by returning the .png file directly back to client “A” and client “A” is none the wiser; i.e. client “A” still thinks that the image was returned by .
In addition, if client “A” is a browser and the user inspects the properties of the image, the user would find the URL to be , not . No where in the response given to the client would there be information that the image came from  instead of  except that the IP address differs from the server that requested it. It is possible that a header could contain the forwarding information, but the client would not need to act on it except potentially for debugging.
There are several other use-cases as well, such as making it possible to fully virtualize a domain authority’s URL interface. However, the use-case of outsourcing images or any large static content illustrates a benefit that I believe should be obvious to most people. And for those that are interested, especially if you are involved in updating the spec, I could detail other use-cases if people are interested.
Now it is possible there are security implications with this that I have not considered. If so, I would hope that we could at least explore potential ways to mitigate those issues as opposed to immediately dismissing HTTP Request Forwarding out of hand.
In summary, adding a Request Forwarding functionality to HTTP would allow servers to maintain control of their URL interfaces while still being able to distribute loads and services to appropriate servers. Having such a feature could improve consistency in URL design and make it easier for website owners to restructure their websites without the level of broken links seen on the web today.