views:

42

answers:

1

Can clients using http 1.0 or older use UDP sockets instead of TCP sockets?

I was wondering as to what could prevent such use apart from firewall issues and packet size limitations. However, if that isn't a problem, is there anything else that prevents such use.

Also, have they been used traditionally?

+1  A: 

From RFC 1945, "Hypertext Transfer Protocol -- HTTP/1.0", section 1.3, "Overall Operation":

On the Internet, HTTP communication generally takes place over TCP/IP connections. The default port is TCP 80 [15], but other ports can be used. This does not preclude HTTP from being implemented on top of any other protocol on the Internet, or on other networks. HTTP only presumes a reliable transport; any protocol that provides such guarantees can be used, and the mapping of the HTTP/1.0 request and response structures onto the transport data units of the protocol in question is outside the scope of this specification.

So, if you can implement a reliable transport over UDP then you can use HTTP. Of course, at that point you may as well use TCP instead of abusing datagrams.

Ignacio Vazquez-Abrams
The reason I ask is that I was wondering that if I can actually use UDP on http/1.0 which dosn't keep connections alive, I could potentially attack HTTP servers that attempt to reply to such packets. Also, there would be no way to deterimne the true IP of the requester.So, do you know if HTTP servers usually expect the socket to be a TCP socket or alternatively, do system administrators permit ONLY TCP connections to their httpd.
dhruvbird
The call to `socket(2)` allows you to specify which protocol to listen for. Since HTTP is only defined over reliable transports, and TCP provides said reliable transport intrinsically, there is no need to use anything other than `SOCK_STREAM`.
Ignacio Vazquez-Abrams