On Tue, Apr 19, 2016 at 8:47 AM, Michael Kaufmann
<[email protected]> wrote:
I think that this is wrong, because of this sentence in RFC 7540:
A server MUST ignore an "h2" token in an Upgrade header field. Presence of
a token with "h2" implies HTTP/2 over TLS, which is instead negotiated as
described in Section 3.3.
Isn't that referring to inbound Upgrade headers?
Yes, you are right. But with the response header "Upgrade: h2", Apache
is telling the client "you may send such a header" when in fact this
is not allowed.
