/[suikacvs]/webroot/www/2004/id/draft-cohen-http-305-306-responses-00.txt
Suika

Contents of /webroot/www/2004/id/draft-cohen-http-305-306-responses-00.txt

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.1 - (hide annotations) (download)
Tue Jun 15 08:37:15 2004 UTC (20 years, 10 months ago) by wakaba
Branch: MAIN
CVS Tags: HEAD
File MIME type: text/plain 
New
1 wakaba 1.1
2    
3    
4    
5    
6    
7     HTTP Working Group Josh Cohen
8     Internet-Draft Netscape Communications Corp.
9     5 December 1996
10    
11     HTTP/1.1 305 and 306 Response Codes
12    
13     <draft-cohen-http-305-306-responses-00.txt>
14    
15     Status of this Memo
16    
17     This document is an Internet-Draft. Internet-Drafts are working
18     documents of the Internet Engineering Task Force (IETF), its areas,
19     and its working groups. Note that other groups may also distribute
20     working documents as Internet-Drafts.
21    
22     Internet-Drafts are draft documents valid for a maximum of six months
23     and may be updated, replaced, or obsoleted by other documents at any
24     time. It is inappropriate to use Internet- Drafts as reference
25     material or to cite them other than as ``work in progress.''
26    
27     To learn the current status of any Internet-Draft, please check the
28     ``1id-abstracts.txt'' listing contained in the Internet- Drafts
29     Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe),
30     munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or
31     ftp.isi.edu (US West Coast).
32    
33     Abstract
34    
35     The HTTP/1.1 RFC specifies a response code '305 Use Proxy' which is
36     intended to cause a client to retry the request using a specified
37     proxy server. This functionality is important, but underspecified in
38     the current spec. The spec does not specify for how long or which
39     URLs the redirect applies to, or how proxies can deal with or
40     generate similar responses. This draft proposes a specification for
41     both the 305 response and a new response, "306 Switch Proxy".
42    
43    
44    
45    
46    
47    
48    
49    
50    
51    
52    
53    
54    
55    
56    
57    
58     J. Cohen HTTP/1.1 305 and 306 Response Codes [Page 1]
59    
60    
61    
62    
63    
64     INTERNET-DRAFT 5 December 1996
65    
66    
67     Summary
68    
69     1.0 Response Codes
70    
71     1.1 305 Use Proxy
72     1.2 306 Switch Proxy
73     1.3 506 Redirection Failed
74    
75     2.0 Headers
76    
77     2.1 Set-proxy:
78     2.2 Location:
79    
80     3.0 Methods
81    
82     3.1 OPTIONS
83    
84     4.0 Operational Constraints
85    
86     5.0 Notes
87    
88    
89     1.0 Response Codes
90    
91     1.1 305 Use Proxy
92    
93     The 305 is generated by an origin server to indicate that the client,
94     or proxy, should use a proxy to access the requested resource.
95    
96     The request SHOULD be accompanied by a 'Set-proxy' response header
97     indicating what proxy is to be used. The client will parse the 'Set-
98     proxy' header as defined below to decide how long, for what URLs it
99     should use the specified proxy.
100    
101     If the 305 response is not accompanied by a 'Set-proxy' header, it
102     MUST be accompanied by a 'Location' header. The 'Location' header
103     will specify a URL to the proxy.
104    
105     If both headers are present in the response, the client SHOULD use
106     the 'Set-proxy' header only.
107    
108     1.2 306 Switch Proxy
109    
110     The 306 response is generated by a proxy server to indicate that the
111     client or proxy should use the information in the accompanying 'Set-
112     proxy' header to choose a proxy for subsequent requests.
113    
114     The 306 response code MUST be accompanied by the 'Set-proxy' response
115    
116    
117    
118     J. Cohen HTTP/1.1 305 and 306 Response Codes [Page 2]
119    
120    
121    
122    
123    
124     INTERNET-DRAFT 5 December 1996
125    
126    
127     header. The client or proxy will parse the 'Set-proxy' header to
128     determine which proxy to use, how long to use it, and for which URLs
129     to use it.
130    
131     1.3 506 Redirection Failed
132    
133     The 506 response is returned when a redirection fails or is refused
134     by a proxy or client. If the redirection response included a body,
135     then it SHOULD be included in the 506 response.
136    
137     2.0 Headers
138    
139     2.1 'Set-proxy' Response Header
140    
141     The 'Set-proxy' header is defined as:
142    
143     Set-proxy: "Set-proxy" ":" 1(
144     action #(parameters)
145     )
146    
147     parameters = #( ( "scope" "=" scopePattern ) |
148     ( proxyURI "=" URI ) |
149     lifetime )
150    
151     lifetime = ( "seconds" "=" integer )
152     | ( "hits" "=" integer )
153    
154     action = ( "DIRECT"
155     | "IPL"
156     | "SET" )
157     ) ";"
158    
159     scopePattern = "*" | "-" | URIpattern
160    
161     An example header:
162     Set-proxy: SET ; proxyURI = "http://proxy.me.com:8080/",
163     scope="http://", seconds=5
164    
165     action
166    
167     The first item, "action" specifies the type or mode of the change.
168     Possible modes are:
169    
170    
171     DIRECT
172     Attempt to connect directly, with no proxy
173    
174    
175    
176    
177    
178     J. Cohen HTTP/1.1 305 and 306 Response Codes [Page 3]
179    
180    
181    
182    
183    
184     INTERNET-DRAFT 5 December 1996
185    
186    
187     IPL
188     Initial Program Load, the client or proxy should attempt to revert
189     back to its default or initial proxy setting. This is meant to
190     instruct a client to re-fetch its proxy configuration, or PAC file.
191     When set, the accompanying scope field MUST be "*" A client receiv-
192     ing this response SHOULD prompt the user for confirmation.
193    
194    
195     If accompanied by a 'proxyURI' parameter, a proxy or client MAY use
196     the value as a URL containing a configuration to retrieve. If a
197     client does so, it MUST prompt the user for confirmation.
198    
199    
200     SET
201     Set to parameter "proxyURI". The client should use the URL speci-
202     fied for "proxyURI" as the proxy. If the SET mode is specified, the
203     parameter, "proxyURI", MUST be present.
204    
205     Scope
206    
207     Scope refers to a URI prefix pattern that specifies which URIs are
208     subject to this header setting. URIs should be matched against the
209     scope with this rule :
210    
211     The scope "*" means all requests
212     The scope "-" means this EXACT URL ONLY
213    
214     Otherwise, the URL is compared with the scope after it is:
215    
216    
217     * truncated to the length of the scope
218    
219    
220     * domain names are set in reverse order.
221    
222     For example:
223    
224     scope = "http://com.foo.www/services/"
225    
226     URL "http://www.foo.com/services/express/2day.html"
227     transformed: "http://com.foo.www/services/express/" (MATCH)
228    
229     Another example:
230    
231     scope = "http://com.ups/" URL "http://www.ups.com/" (MATCH)
232     URL "http://www.fedex.com/" (FAIL)
233    
234    
235    
236    
237    
238     J. Cohen HTTP/1.1 305 and 306 Response Codes [Page 4]
239    
240    
241    
242    
243    
244     INTERNET-DRAFT 5 December 1996
245    
246    
247     The lifetime parameter specifies how long the specified proxy
248     should be used. If lifetime is specified as "seconds" then the
249     proxy setting remains in effect for 'integer' seconds. If lifetime
250     is specified in 'hits' then the proxy setting remains in effect for
251     'integer' transactions.
252    
253     2.2 Location Header
254    
255    
256     In the original HTTP/1.1 spec, the 'Location' header was used to
257     indicate the proxy setting. Its use is DEPRECATED by the 'Set-
258     proxy' header in the context of a 305 response. All new implementa-
259     tions MUST send the Set-proxy header. Implementations MAY send the
260     'Location' header so as to allow backward compatibility.
261    
262    
263     If the 'Location' header is specified, it should contain a URI of
264     the proxy. If the Set-proxy header is not specified, the client
265     should use this proxy for just one request, and only for the origi-
266     nally requested exact URL.
267    
268     3.0 Methods
269    
270    
271     A client or proxy receiving a 305 or 306, should use the OPTIONS
272     method to determine if the server or proxy it is talking to actu-
273     ally is an HTTP/1.1 server supporting 305 and 306 responses.
274    
275    
276    
277    
278    
279    
280    
281    
282    
283    
284    
285    
286    
287    
288    
289    
290    
291    
292    
293    
294    
295    
296    
297    
298     J. Cohen HTTP/1.1 305 and 306 Response Codes [Page 5]
299    
300    
301    
302    
303    
304     INTERNET-DRAFT 5 December 1996
305    
306    
307     4.0 Operational Constraints
308    
309    
310     * Both the 305 and 306 response codes are HOP by HOP. A proxy server
311     MUST not forward a 305 or 306 respose code (unless it generated the
312     306).
313    
314    
315     * A webserver MUST NOT send a 306 response under any circumstances
316    
317    
318     * A proxy server MUST NOT generate a 305 response.
319    
320    
321     * A client or proxy SHOULD NOT accept a 306 from a proxy that it
322     learned of via a 305 response code.
323    
324    
325     * A client or proxy MAY maintain state and allow a lifetime to extend
326     beyond a session or restart.
327    
328    
329     * A 'Set-proxy: IPL' SHOULD override any previous 'Set-proxy' header.
330    
331    
332     * A 305 or 306 response MAY contain a body containing an explanation
333     of the redirect for clients which do not understand the redirect
334    
335    
336     * In the absence of any parameter, the following defaults should be
337     used:
338    
339     lifetime = this transaction only
340     scope = this exact URL only
341    
342    
343     * When receiving a 305 response, the client or proxy will enforce the
344     following rule with respect to the scope.
345    
346     The scope specified must be more restrictive than the transformed
347     URL in question.
348    
349     Example: (in order of restrictiveness)
350    
351     http://com.ups.www/services/express/1day.html ( most restrictive)
352     http://com.ups.www/ (all requests for only www.ups.com )
353     http://com.ups ( all requests for ups.com )
354     http:// ( for all http requests )
355    
356    
357    
358     J. Cohen HTTP/1.1 305 and 306 Response Codes [Page 6]
359    
360    
361    
362    
363    
364     INTERNET-DRAFT 5 December 1996
365    
366    
367     * ( all requests )
368    
369     If the scope returned with a 305 response is less restrictive than
370     the requested URL, the client MUST prompt the user for confirmation
371     before accepting the new proxy setting.
372    
373    
374     * Since HTTP/1.0 proxies may unknowingly forward a 305 or 306
375     response code that was generated maliciously or in good faith, the
376     client must attempt to ascertain if the proxy with which it is
377     directly communicating is HTTP/1.1 and if it supports the 'Set-
378     proxy' header. To determine this, the client or proxy should use
379     the OPTIONS method to make a request check for this feature.
380    
381    
382     Security Considerations
383    
384     Great care should be taken when implementing client side actions
385     based on the 305 or 306. Since older proxies may unknowingly for-
386     ward either of these reponses, clients should be prepared to check
387     the validity.
388    
389    
390     * Please read the section 'Operational Constraints'
391    
392    
393     * A client or proxy MUST NOT accept a 305 response from a proxy.
394    
395    
396     * A client or proxy MUST NOT accept a 306 response from an origin
397     server.
398    
399    
400     * When receiving a 306 response from a proxy, the client MUST verify
401     that the proxy supports the 306 response with a METHODS request.
402    
403     5.0 Notes
404    
405     Further specification is needed to define exactly how to use
406     METHODs, or another mechanism to determin if set-proxy is sup-
407     ported.
408    
409     Author's Address
410    
411     Josh Cohen
412     Netscape Communications Corporation
413     501 E. Middlefield Rd
414     Mountain View, CA 94043
415    
416    
417    
418     J. Cohen HTTP/1.1 305 and 306 Response Codes [Page 7]
419    
420    
421    
422    
423    
424     INTERNET-DRAFT 5 December 1996
425    
426    
427     Phone (415) 937-4157
428     EMail: josh@netscape.com
429    
430    
431    
432    
433    
434    
435    
436    
437    
438    
439    
440    
441    
442    
443    
444    
445    
446    
447    
448    
449    
450    
451    
452    
453    
454    
455    
456    
457    
458    
459    
460    
461    
462    
463    
464    
465    
466    
467    
468    
469    
470    
471    
472    
473    
474    
475    
476    
477    
478     J. Cohen HTTP/1.1 305 and 306 Response Codes [Page 8]
479    
480    
admin@suikawiki.org
 ViewVC Help
Powered by ViewVC 1.1.24