Safari does not support HTTP 421 response

Originator:aefimov.box
Number:rdar://FB9423132 Date Originated:29/07/2021
Status:Open Resolved:
Product:Safari Product Version:14.1.2 (16611.3.10.1.3)
Classification:TLS Reproducible:Always
 
This is description of problems:
https://serverfault.com/questions/977848/disable-http-2-connection-reuse-across-domains
https://serverfault.com/questions/916724/421-misdirected-request

Reproduce:
 - Setup two domains on same level: one.example.com, two.example.com. Both routed by one IP. Both must requires the same client certificate.
 - Go to https://one.example.com, must got 200 OK
 - Then go to https://two.example.com, must got 421 error
 - Refresh should not help
 - Reopening browser via Cmd+Q should help

Problem:
 - Safari reused one connection for both domains and failed

Whats need to be improved:
 - Safari should follow RFC recommendation and close existing connection or open new one after getting 421 error
 - Either Safari should close connection after 421 error to make refreshing page helpful without closing and reopening browser

AC:
 - Two domains on same IP and same domain level 2 with client certificate should work by automatically refresh (hidden from user) or by manual Cmd+R refresh of page.

Comments


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!