The ORIGIN Extension in HTTP/3
Akamai
mbishop@evequefou.be
Applications
HTTPbis
Internet-Draft
The ORIGIN frame for HTTP/2 is equally applicable to HTTP/3, but needs to be separately registered. This document describes the ORIGIN frame for HTTP/3.
Introduction
Existing RFCs define extensions to HTTP/2 which remain useful in HTTP/3. describes the required updates for HTTP/2 frames to be used with HTTP/3.
defines the HTTP/2 ORIGIN frame, which indicates what origins are available on a given connection. It defines a single HTTP/2 frame type.
The ORIGIN HTTP/3 Frame
The ORIGIN HTTP/3 frame allows a server to indicate what origin(s) () the server would like the client to consider as members of the Origin Set () for the connection within which it occurs.
Where HTTP/2 reserves Stream 0 for frames related to the state of the connection, HTTP/3 defines a pair of unidirectional streams called "control streams" for this purpose. Where indicates that the ORIGIN frame should be sent on Stream 0, this should be interpreted to mean the HTTP/3 control stream. The ORIGIN frame is sent from servers to clients on the server's control stream.
The layout and semantics of the frame payload are identical to those of the HTTP/2 frame defined in . The ORIGIN frame type is 0xc (decimal 12), as in HTTP/2.
Security Considerations
This document introduces no new security considerations beyond those discussed in and .
IANA Considerations
This document registers a frame type in the "HTTP/3 Frame Type" registry ().
Frame Type
Value
Specification
ORIGIN
0xc
HTTP/2
HTTP/3
The ORIGIN HTTP/2 Frame
The Web Origin Concept