> -----Original Message-----
> From: Guy Harris [mailto:gharris@xxxxxxxxx]
[SNIP]
> I suspect the right answer is to put both the full request/reply line,
> and the relevant fields in that line (the version string, for
> protocols
> where one of the fields is a version string, might also be
> useful, e.g.
> to look for HTTP/1.0 or HTTP/1.1), into the protocol tree.
Absolutely!
> However, I'm not sure whether the right thing is to put the
> fields in at
> the same protocol tree level as the request/reply line, or to give the
> request/reply line a subtree and put those fields into that
> subtree, so
> that the top-level display shows the lines of the request or reply.
I'm in favor of a subtree. The interested parties can inspect
the "summary line" by expanding the subtree. Something like:
[-] GET http://www.ethereal.com/index.html HTTP/1.0
Request method: GET
Request URI: http://www.ethereal.com/index.html
Request version: 1.0
[-] HTTP/1.1 200 Yeah right
Response version: 1.1
Response code: 200 (OK)
Response text: Yeah right
You could then add a hidden "http.version" field which is the same as
http.request.version in requests, and http.response.version in responses.
And for the HTTP experts, if you want to be 100% sure of the request URI,
then we must parse the HTTP request headers as the Host request header
contains the WWW host part of the URI in HTTP/1.1 (and some HTTP/1.0
implementations). And we must then make the distinction between proxy
requests and direct requests... requiring Ethereal to parse the syntax of
both the request URI and the host header value.
Regards,
Olivier
