Nathaniel J. Smith

> Dealing with cookies is really messy Huh, apparently aiohttp actually implemented its own cookie jar code! It still uses some of the code from `http.cookies`, but they have an...

I figured out what's going on with the 401 handling in requests' auth code. If you're using digest authentication, then you *have* to do two requests: the first one gets...

> both requests and urllib3 have some code to strip auth headers from requests number 2-through-N (in some cases). This makes things a bit fragile, e.g. I think I noticed...

I realized Go's `net/http` package is also a good thing to look at, as a recent, heavily-used client that's gotten a lot of attention from HTTP experts. Here's some notes...

Some critique of Go's net/http: https://github.com/gorilla/http And [fasthttp](https://github.com/valyala/fasthttp) is mostly focused on speed, not ergonomics, but from their README: > * Compare [net/http connection hijacking](https://golang.org/pkg/net/http/#Hijacker) to [fasthttp connection hijacking](https://godoc.org/github.com/valyala/fasthttp#RequestCtx.Hijack). >...

Yeah, `OPTIONS *` is complicated. I opened #192 to collect more info on it.

So I think the main reason to consider supporting py2 is not in your list, and that's to ease adoption for projects that will be stuck supporting py2 indefinitely. I'm...

I realized I was really unclear on when it was safe to re-use session tickets, e.g. if TLS settings changed, so I asked around and got a pretty good answer:...

I guess something else to say explicitly here is: re-using a connection is also an example of state that gets shared between otherwise unrelated requests! Assuming we do go with...

[This started as a comment on https://github.com/python-trio/hip/pull/159 but then I realized that it was really a general discussion of session state rather than anything much to do with that design...