/[suikacvs]/webroot/www/2004/id/draft-frystyk-http-extensions-02.txt
Suika

Contents of /webroot/www/2004/id/draft-frystyk-http-extensions-02.txt

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.1 - (show annotations) (download)
Tue Jun 15 08:04:03 2004 UTC (19 years, 11 months ago) by wakaba
Branch: MAIN
CVS Tags: HEAD
File MIME type: text/plain 
New
1
2
3
4
5
6
7
8 INTERNET-DRAFT HTTP Extensions H. Frystyk Nielsen, W3C
9 draft-frystyk-http-extensions-02 P. Leach, Microsoft
10 Scott Lawrence, Agranat Systems
11 Expires: Jul 20, 1999 Wed, Jan 20, 1999
12
13
14 HTTP Extension Framework
15
16
17 Status of this Document
18
19 This document is an Internet-Draft. Internet-Drafts are working
20 documents of the Internet Engineering Task Force (IETF), its areas,
21 and its working groups. Note that other groups may also distribute
22 working documents as Internet-Drafts. Internet-Drafts are draft
23 documents valid for a maximum of six months and may be updated,
24 replaced, or obsoleted by other documents at any time. It is
25 inappropriate to use Internet-Drafts as reference material or to cite
26 them other than as "work in progress".
27
28 To learn the current status of any Internet-Draft, please check the
29 "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow
30 Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe),
31 munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or
32 ftp.isi.edu (US West Coast).
33
34 Distribution of this document is unlimited. Please send comments to
35 the <ietf-http-ext@w3.org> mailing list. This list is archived at
36 "http://lists.w3.org/Archives/Public/ietf-http-ext/".
37
38
39 Abstract
40
41 A wide range of applications have proposed various extensions of the
42 HTTP protocol. Current efforts span an enormous range, including
43 distributed authoring, collaboration, printing, and remote procedure
44 call mechanisms. These HTTP extensions are not coordinated, since
45 there has been no standard framework for defining extensions and thus,
46 separation of concerns. This document describes a generic extension
47 mechanism for HTTP, which is designed to address the tension between
48 private agreement and public specification and to accommodate
49 extension of applications using HTTP clients, servers, and proxies.
50 The proposal associates each extension with a globally unique
51 identifier, and uses HTTP header fields to carry the extension
52 identifier and related information between the parties involved in the
53 extended communication.
54
55
56 Table of Contents
57
58 1. Introduction............................................... 2
59 2. Notational Conventions..................................... 3
60
61 Frystyk et al [Page 1]
62
63
64
65
66
67
68 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
69
70 3. Extension Declarations..................................... 3
71 3.1 Header Field Prefixes................................... 4
72 4. Extension Header Fields.................................... 5
73 4.1 End-to-End Extensions................................... 6
74 4.2 Hop-by-Hop Extensions................................... 6
75 4.3 Extension Response Header Fields........................ 7
76 5. Mandatory HTTP Requests.................................... 7
77 5.1 Fulfilling a Mandatory Request.......................... 9
78 6. Mandatory HTTP Responses.................................. 10
79 7. 510 Not Extended.......................................... 10
80 8. Publishing an Extension................................... 10
81 9. Caching Considerations.................................... 12
82 10. Security Considerations.................................. 12
83 11. References............................................... 12
84 12. Acknowledgements......................................... 13
85 13. Authors Addresses........................................ 13
86 14. Summary of Protocol Interactions......................... 13
87 15. Examples................................................. 14
88 15.1 User Agent to Origin Server............................ 15
89 15.2 User Agent to Origin Server via HTTP/1.1 Proxy......... 15
90 15.3 User Agent to Origin Server via HTTP/1.0 Proxy......... 16
91
92 1. Introduction
93
94 This proposal is designed to address the tension between private
95 agreement and public specification; and to accommodate dynamic
96 extension of HTTP clients and servers by software components. The kind
97 of extensions capable of being introduced range from:
98
99 o extending a single HTTP message;
100 o introducing new encodings;
101 o initiating HTTP-derived protocols for new applications; to...
102 o switching to protocols which, once initiated, run independent of
103 the original protocol stack.
104
105 The proposal is intended to be used as follows:
106
107 o Some party designs and specifies an extension; the party assigns
108 the extension a globally unique URI, and makes one or more
109 representations of the extension available at that address (see
110 section 8).
111 o An HTTP client or server that implements this extension mechanism
112 (hereafter called an agent) declares the use of the extension by
113 referencing its URI in an extension declaration in an HTTP
114 message (see section 3).
115 o The HTTP application which the extension declaration is intended
116 for (hereafter called the ultimate recipient) can deduce how to
117
118
119
120 Frystyk, et al [Page 2]
121
122
123
124
125
126
127 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
128
129 properly interpret the extended message based on the extension
130 declaration.
131
132 The proposal uses features in HTTP/1.1 but is compatible with HTTP/1.0
133 applications in such a way that extended applications can coexist with
134 existing HTTP applications. Applications implementing this proposal
135 MUST be based on HTTP/1.1 (or later versions of HTTP).
136
137
138 2. Notational Conventions
139
140 This specification uses the same notational conventions and basic
141 parsing constructs as RFC 2068 [5]. In particular the BNF constructs
142 "token", "quoted-string", "Request-Line", "field-name", and
143 "absoluteURI" in this document are to be interpreted as described in
144 RFC 2068 [5].
145
146 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
147 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
148 document are to be interpreted as described in RFC 2119 [6].
149
150 This proposal does not rely on particular features defined in URLs [8]
151 that cannot potentially be expressed using URNs (see section 8).
152 Therefore, the more generic term URI [8] is used throughout the
153 specification.
154
155
156 3. Extension Declarations
157
158 An extension declaration can be used to indicate that an extension has
159 been applied to a message and possibly to reserve a part of the header
160 namespace identified by a header field prefix (see 3.1). This section
161 defines the extension declaration itself; section 4 defines a set of
162 header fields using the extension declaration.
163
164 This specification does not define any ramifications of applying an
165 extension to a message nor whether two extensions can or cannot
166 logically coexist within the same message. It is simply a framework
167 for describing which extensions have been applied and what the
168 ultimate recipient either must or may do in order to properly
169 interpret any extension declarations within that message.
170
171 The grammar for an extension declaration is as follows:
172
173
174
175
176
177
178
179 Frystyk, et al [Page 3]
180
181
182
183
184
185
186 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
187
188 ext-decl = <"> ( absoluteURI | field-name ) <">
189 [ namespace ] [ decl-extensions ]
190
191 namespace = ";" "ns" "=" header-prefix
192 header-prefix = 2*DIGIT
193
194 decl-extensions = *( decl-ext )
195 decl-ext = ";" token [ "=" ( token | quoted-string ) ]
196
197 An extension is identified by an absolute, globally unique URI or a
198 field-name. A field-name MUST specify a header field uniquely defined
199 in an IETF Standards Track RFC [3]. A URI can unambiguously be
200 distinguished from a field-name by the presence of a colon (":").
201
202 The support for header field names as extension identifiers provides a
203 transition strategy from decentralized extensions to extensions
204 defined by IETF Standards Track RFCs until a mapping between the
205 globally unique URI space and features defined in IETF Standards Track
206 RFCs has been defined according to the guidelines described in section
207 8.
208
209 Examples of extension declarations are
210
211 "http://www.company.com/extension"; ns=11
212 "Range"
213
214 An agent MAY use the decl-extensions mechanism to include optional
215 extension declaration parameters but cannot assume these parameters to
216 be recognized by the recipient. An agent MUST NOT use decl-extensions
217 to pass extension instance data, which MAY be passed using header
218 field prefix values (see section 3.1). Unrecognized decl-ext
219 parameters SHOULD be ignored and MUST NOT be removed by proxies when
220 forwarding the extension declaration.
221
222
223 3.1 Header Field Prefixes
224
225 The header-prefix is a dynamically generated string. All header fields
226 in the message that match this string, using string prefix-matching,
227 belong to that extension declaration. Header field prefixes allow an
228 extension declaration to dynamically reserve a subspace of the header
229 space in a protocol message in order to prevent header field name
230 clashes and to allow multiple declarations using the same extension to
231 be applied to the same message without conflicting.
232
233 Header fields using a header-prefix are of the form:
234
235 prefixed-header = prefix-match field-name
236 prefix-match = header-prefix "-"
237
238
239 Frystyk, et al [Page 4]
240
241
242
243
244
245
246 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
247
248 Linear white space (LWS) MUST NOT be used between the header-prefix
249 and the dash ("-") or between the prefix-match and the field-name. The
250 string prefix matching algorithm is applied to the prefix-match
251 string.
252
253 The format of the prefix using a combination of digits and the dash
254 ("-") guarantees that no extension declaration can reserve the whole
255 header field name space. The header-prefix mechanism was preferred
256 over other solutions for exchanging extension instance parameters
257 because it is header based and therefore allows for easy integration
258 of new extensions with existing HTTP features.
259
260 Agents MUST NOT reuse header-prefix values in the same message unless
261 explicitly allowed by the extension (see section 4.1 for a discussion
262 of the ultimate recipient of an extension declaration).
263
264 Clients SHOULD be as consistent as possible when generating header-
265 prefix values as this facilitates use of the Vary header field in
266 responses that vary as a function of the request extension
267 declaration(s) (see [5], section 13.6).
268
269 Examples of header-prefix values are
270
271 12
272 15
273 23
274
275 Old applications may introduce header fields independent of this
276 extension mechanism, potentially conflicting with header fields
277 introduced by the prefix mechanism. In order to minimize this risk,
278 prefixes MUST contain at least 2 digits.
279
280
281 4. Extension Header Fields
282
283 This proposal introduces two types of extension declaration strength:
284 mandatory and optional, and two types of extension declaration scope:
285 hop-by-hop and end-to-end (see section 4.1 and 4.2).
286
287 A mandatory extension declaration indicates that the ultimate
288 recipient MUST consult and adhere to the rules given by the extension
289 when processing the message or reporting an error (see section 5 and
290 7).
291
292 An optional extension declaration indicates that the ultimate
293 recipient of the extension MAY consult and adhere to the rules given
294 by the extension when processing the message, or ignore the extension
295 declaration completely. An agent may not be able to distinguish
296
297
298 Frystyk, et al [Page 5]
299
300
301
302
303
304
305 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
306
307 whether the ultimate recipient does not understand an extension
308 referred to by an optional extension or simply ignores the extension
309 declaration.
310
311 The combination of the declaration strength and scope defines a 2x2
312 matrix which is distinguished by four new general HTTP header fields:
313 Man, Opt, C-Man, and C-Opt. (See sections 4.1 and 4.2; also see
314 appendix 14, which has a table of interactions with origin servers and
315 proxies.)
316
317 The header fields are general header fields as they describe which
318 extensions actually are applied to an HTTP message. Optional
319 declarations MAY be applied to any HTTP message without any change to
320 existing HTTP semantics (see section 5 for how to apply mandatory
321 extension declarations to requests and section 6 for how to apply them
322 to responses).
323
324
325 4.1 End-to-End Extensions
326
327 End-to-end declarations MUST be transmitted to the ultimate recipient
328 of the declaration. The Man and the Opt general header fields are end-
329 to-end header fields and are defined as follows:
330
331 mandatory = "Man" ":" 1#ext-decl
332 optional = "Opt" ":" 1#ext-decl
333
334 For example
335
336 HTTP/1.1 200 OK
337 Content-Length: 421
338 Opt: "http://www.digest.org/Digest"; ns=15
339 15-digest: "snfksjgor2tsajkt52"
340 ...
341
342 The ultimate recipient of a mandatory end-to-end extension declaration
343 MUST handle that extension declaration as described in section 5 and
344 6.
345
346
347 4.2 Hop-by-Hop Extensions
348
349 Hop-by-hop extension declarations are meaningful only for a single
350 HTTP connection. In HTTP/1.1, C-Man, C-Opt and all header fields with
351 matching header-prefix values defined by C-Man and C-Opt MUST be
352 protected by a Connection header field. That is, these header fields
353 are to be included as Connection header field directives (see [5],
354 section 14.10). The two header fields have the following grammar:
355
356 c-mandatory = "C-Man" ":" 1#ext-decl
357 c-optional = "C-Opt" ":" 1#ext-decl
358
359 Frystyk, et al [Page 6]
360
361
362
363
364
365
366 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
367
368 For example
369
370 M-GET / HTTP/1.1
371 Host: some.host
372 C-Man: "http://www.digest.org/ProxyAuth"; ns=14
373 14-Credentials="g5gj262jdw@4df"
374 Connection: C-Man, 14-Credentials
375
376 The ultimate recipient of a mandatory hop-by-hop extension declaration
377 MUST handle that extension declaration as described in section 5 and
378 6.
379
380
381 4.3 Extension Response Header Fields
382
383 Two extension response header fields are used to indicate that a
384 request containing mandatory extension declarations has been fulfilled
385 by the ultimate recipient as described in section 5.1. The extension
386 response header fields are exclusively intended to serve as extension
387 acknowledgements and can not carry any other information.
388
389 The Ext header field is used to indicate that all end-to-end mandatory
390 extension declarations in the request were fulfilled:
391
392
393 ext = "Ext" ":"
394
395 The C-Ext response header field is used to indicate that all hop-by-
396 hop mandatory extension declarations in the request were fulfilled.
397
398 c-ext = "C-Ext" ":"
399
400 In HTTP/1.1, the C-Ext header fields MUST be protected by a Connection
401 header (see [5], section 14.10).
402
403 The Ext and the C-Ext header fields are not mutually exclusive; they
404 can both occur within the same message as described in section 5.1.
405
406
407 5. Mandatory HTTP Requests
408
409 An HTTP request is called a mandatory request if it includes at least
410 one mandatory extension declaration (using the Man or the C-Man header
411 fields). The method name of a mandatory request MUST be prefixed by
412 "M-". For example, a client might express the binding rights-
413 management constraints in an HTTP PUT request as follows:
414
415
416
417
418
419
420 Frystyk, et al [Page 7]
421
422
423
424
425
426
427 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
428
429 M-PUT /a-resource HTTP/1.1
430 Man: "http://www.copyright.org/rights-management"; ns=16
431 16-copyright: http://www.copyright.org/COPYRIGHT.html
432 16-contributions: http://www.copyright.org/PATCHES.html
433 Host: www.w3.org
434 Content-Length: 1203
435 Content-Type: text/html
436
437 <!doctype html ...
438
439 An ultimate recipient conforming to this specification receiving a
440 mandatory request MUST process the request by performing the following
441 actions in the order listed below:
442
443 1. Identify all mandatory extension declarations (both hop-by-hop
444 and end-to-end); the server MAY ignore optional declarations
445 without affecting the result of processing the HTTP message;
446 2. Examine all extensions identified in 1) and determine if they
447 are supported for this message. If not, respond with a 510 (Not
448 Extended) status-code (see section 7);
449 3. If 2) did not result in a 510 (Not Extended) status code, then
450 strip the "M-" prefix from the method name and process the
451 remainder of the request according to the semantics of the
452 extensions and of the existing HTTP method name as defined in
453 HTTP/1.1 [5] or later versions of HTTP.
454 4. If the evaluation in 3) was successful and the mandatory
455 request fulfilled, the server MUST respond as defined in
456 section 5.1. A server MUST NOT fulfill a request without
457 understanding and obeying all mandatory extension
458 declaration(s) in a request.
459
460 A proxy that does not act as the ultimate recipient of a mandatory
461 extension declaration MUST NOT remove the extension declaration or the
462 "M-" method name prefix when forwarding the message. HTTP proxies that
463 do not understand the "M-" method name prefix SHOULD return 501 (Not
464 Implemented) or turn themselves into a tunnel (see [5]) in which case
465 they do not take any part in the communication.
466
467 A server receiving an HTTP/1.0 (or earlier versions of HTTP) message
468 that includes a Connection header MUST, for each connection-token in
469 this field, remove and ignore any header field(s) from the message
470 with the same name as the connection-token.
471
472 A server receiving a mandatory request including the "M-" method name
473 prefix without any mandatory extension declarations to follow MUST
474 return a 510 (Not Extended) response.
475
476
477
478 Frystyk, et al [Page 8]
479
480
481
482
483
484
485 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
486
487 The "M-" prefix is reserved by this proposal and MUST NOT be used by
488 other HTTP extensions.
489
490
491 5.1 Fulfilling a Mandatory Request
492
493 A server MUST NOT claim to have fulfilled any mandatory request unless
494 it understood and obeyed all the mandatory extension declarations in
495 the request. This section defines a mechanism for conveying this
496 information to the client in such a way that it interoperates with
497 existing HTTP applications and prevents broken servers from giving the
498 false impression that an extended request was fulfilled by responding
499 with a 200 (Ok) response without understanding the method.
500
501 If any end-to-end mandatory extension declarations were among the
502 fulfilled extensions then the server MUST include an Ext response
503 header field in the response. In order to avoid that the Ext header
504 field inadvertently is cached in an HTTP/1.1 cache, the response MUST
505 contain a no-cache cache-control directive. If the response is
506 otherwise cachable, the no-cache cache-control directive SHOULD be
507 limited to only affect the Ext header field:
508
509 HTTP/1.1 200 OK
510 Ext:
511 Cache-Control: no-cache="Ext"
512 ...
513
514 If the mandatory request has been forwarded by an HTTP/1.0
515 intermediary proxy then this is indicated either directly in the
516 Request-Line or by the presence of an HTTP/1.1 Via header field. In
517 this case, the server MUST include an Expires header field with a date
518 equal to or earlier than the value of the Date header field. If the
519 response is otherwise cachable by HTTP/1.1 caches, the server SHOULD
520 include an appropriate max-age cache-control directive:
521
522 HTTP/1.1 200 OK
523 Date: Sun, 25 Oct 1998 08:12:31 GMT
524 Expires: Sun, 25 Oct 1998 08:12:31 GMT
525 Ext:
526 Cache-Control: no-cache="Ext", max-age=3600
527 ...
528
529 If any hop-by-hop mandatory extension declarations were among the
530 fulfilled extensions then the server MUST include a C-Ext response
531 header field in the response. The C-Ext header field MUST be protected
532 by a Connection header field (see [5], section 14.10).
533
534 HTTP/1.1 200 OK
535 C-Ext:
536 Connection: C-Ext
537
538 Frystyk, et al [Page 9]
539
540
541
542
543
544
545 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
546
547 Note, that the Ext and C-Ext header fields are not mutually exclusive;
548 they can be both be present in a response when fulfilling mandatory
549 request containing both hop-by-hop as well as end-to-end mandatory
550 extension declarations.
551
552
553 6. Mandatory HTTP Responses
554
555 A server MUST NOT include mandatory extension declarations in an HTTP
556 response unless it is responding to a mandatory HTTP request whose
557 definition allowed for the mandatory response or the server has some a
558 priori knowledge that the recipient can handle the extended response.
559 A server MAY include optional extension declarations in any HTTP
560 response (see section 4).
561
562 If a client is the ultimate recipient of a mandatory HTTP response
563 containing mandatory extension declarations that either the client
564 does not understand or does not want to use, then it SHOULD discard
565 the complete response as if it were a 500 (Internal Server Error)
566 response.
567
568
569 7. 510 Not Extended
570
571 The policy for accessing the resource has not been met in the request.
572 The server SHOULD send back all the information necessary for the
573 client to issue an extended request. It is outside the scope of this
574 specification to specify how the extensions inform the client.
575
576 If the 510 response contains information about extensions that were
577 not present in the initial request then the client MAY repeat the
578 request if it has reason to believe it can fulfill the extension
579 policy by modifying the request according to the information provided
580 in the 510 response. Otherwise the client MAY present any entity
581 included in the 510 response to the user, since that entity may
582 include relevant diagnostic information.
583
584
585 8. Publishing an Extension
586
587 While the protocol extension definition should be published at the
588 address of the extension identifier, this is not a requirement of this
589 specification. The only absolute requirement is that extension
590 identifiers MUST be globally unique identifiers and that distinct
591 names be used for distinct semantics.
592
593 Likewise, applications are not required to attempt resolving extension
594 identifiers included in an extension declaration. The only absolute
595 requirement is that an application MUST NOT claim conformance with an
596
597 Frystyk, et al [Page 10]
598
599
600
601
602
603
604 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
605
606 extension that it does not recognize regardless of whether it has
607 tried to resolve the extension identifier or not. This document does
608 not provide any policy for how long or how often an application may
609 attempt to resolve an extension identifier.
610
611 The association between the extension identifier and the specification
612 might be made by distributing a specification, which references the
613 extension identifier.
614
615 It is strongly recommended that the integrity and persistence of the
616 extension identifier be maintained and kept unquestioned throughout
617 the lifetime of the extension. Care should be taken not to distribute
618 conflicting specifications that reference the same name. Even when an
619 extension specification is made available at the address of the URI,
620 care must be taken that the specification made available at that
621 address does not change over time. One agent may associate the
622 identifier with the old semantics, and another might associate it with
623 the new semantics.
624
625 The extension definition may be made available in different
626 representations ranging from
627
628 o a human-readable specification defining the extension semantics
629 (see for example [7]),
630 o downloadable code which implements the semantics defined by the
631 extension,
632 o a formal interface description provided by the extension, to
633 o a machine-readable specification defining the extension
634 semantics.
635
636 For example, a software component that implements the specification
637 may reside at the same address as a human-readable specification
638 (distinguished by content negotiation). The human-readable
639 representation serves to document the extension and encourage
640 deployment, while the software component allows clients and servers to
641 be dynamically extended.
642
643
644 9. Caching Considerations
645
646 Use of extensions using the syntax defined by this document may have
647 additional implications on the cachability of HTTP response messages
648 other than the ones described in section 5.1.
649
650 The originator of an extended message should be able to determine from
651 the semantics of the extension whether or not the extension's presence
652 impacts the cachability of the response message. If an extension does
653 change the default cachability of the response, the originator MUST
654
655
656 Frystyk, et al [Page 11]
657
658
659
660
661
662
663 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
664
665 include a Cache-Control header field containing the cache directives
666 corresponding to the desired result of the extended semantics.
667
668
669 10. Security Considerations
670
671 Dynamic installation of extension facilities as described in the
672 introduction involves software written by one party (the provider of
673 the implementation) to be executed under the authority of another (the
674 party operating the host software). This opens the host party to a
675 variety of "Trojan horse" attacks by the provider, or a malicious
676 third party that forges implementations under a provider's name. See,
677 for example RFC2046 [4], section 4.5.2 for a discussion of these
678 risks.
679
680
681 11. References
682
683 [1] D. H. Crocker. "Standard for the Format of ARPA Internet Text
684 Messages", STD 11, RFC 822, UDEL, August 1982
685 [2] T. Berners-Lee, R. Fielding, H. Frystyk, "Hypertext Transfer
686 Protocol -- HTTP/1.0", RFC 1945, W3C/MIT, UC Irvine, W3C/MIT, May
687 1996.
688 [3] S. Bradner, "The Internet Standards Process -- Revision 3", RFC
689 2026, Harvard University, October 1996
690 [4] N. Freed, N. Borenstein, "Multipurpose Internet Mail Extensions
691 (MIME) Part Two: Media Types", RFC 2046, Innosoft, First Virtual,
692 November 1996.
693 [5] R. Fielding, J. Gettys, J. C. Mogul, H. Frystyk, T. Berners-Lee,
694 "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2068, U.C. Irvine,
695 DEC W3C/MIT, DEC, W3C/MIT, W3C/MIT, January 1997
696 [6] S. Bradner, "Key words for use in RFCs to Indicate Requirement
697 Levels", RFC 2119, Harvard University, March 1997
698 [7] L. Masinter, "Hyper Text Coffee Pot Control Protocol
699 (HTCPCP/1.0)", RFC 2324, Xerox PARC, 1 April 1998
700 [8] T. Berners-Lee, R. Fielding, L. Masinter, "Uniform Resource
701 Identifiers (URI): Generic Syntax", RFC 2396, August 12, 1998
702 [9] H. F. Nielsen, D. Connolly, R. Khare, "PEP - an extension
703 mechanism for HTTP", draft-http-pep-05.txt, November 21, 1997.
704 This work has expired
705
706 12. Acknowledgements
707
708 Roy Fielding, Rohit Khare, and Yaron Y. Goland deserve special
709 recognition for their efforts in commenting in all phases of this
710 specification. Also thanks to Josh Cohen, Ross Patterson, Jim Gettys,
711 Larry Masinter, and to the people involved in PEP [9].
712
713
714
715 Frystyk, et al [Page 12]
716
717
718
719
720
721
722 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
723
724 The contribution of World Wide Web Consortium (W3C) staff is part of
725 the W3C HTTP Activity (see "http://www.w3.org/Protocols/Activity").
726
727
728 13. Authors Addresses
729
730 Henrik Frystyk Nielsen
731 Technical Staff, World Wide Web Consortium
732 MIT Laboratory for Computer Science
733 545 Technology Square
734 Cambridge, MA 02139, USA
735 Email: frystyk@w3.org
736
737 Paul J. Leach
738 Microsoft Corporation
739 1 Microsoft Way
740 Redmond, WA 98052, USA
741 Email: paulle@microsoft.com
742
743 Scott Lawrence
744 Agranat Systems, Inc.
745 1345 Main Street
746 Waltham, MA 02154, USA
747 Email: lawrence@agranat.com
748
749
750 Appendices
751
752
753 14. Summary of Protocol Interactions
754
755 The following tables summarize the outcome of strength and scope rules
756 of the mandatory proposal of compliant and non-compliant HTTP proxies
757 and origin servers. The summary is intended as a guide and index to
758 the text, but is necessarily cryptic and incomplete. This summary
759 should never be used or referenced separately from the complete
760 specification.
761
762
763
764
765
766
767
768
769
770
771
772
773
774 Frystyk, et al [Page 13]
775
776
777
778
779
780
781 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
782
783 Table 1: Origin Server
784
785 Scope Hop-by-hop End-to-end
786
787 Strength Optional Required Optional Required
788 (may) (must) (may) (must)
789
790 Mandatory Standard 501 (Not Standard 501 (Not
791 unsupported processing Implemented)processing Implemented)
792
793 Extension Standard 510 (Not Standard 510 (Not
794 unsupported processing Extended) processing Extended)
795
796 Extension Extended Extended Extended Extended
797 supported processing processing processing processing
798
799
800
801
802 Table 2: Proxy Server
803
804 Scope Hop-by-hop End-to-end
805
806 Strength Optional Required Optional Required
807 (may) (must) (may) (must)
808
809 Mandatory Strip 501 (Not Forward 501 (Not
810 unsupported extension Implemented)extension Implemented)
811 or tunnel or tunnel
812
813 Extension Strip 510 (Not Forward Forward
814 unsupported extension Extended) extension extension
815
816 Extension Extended Extended Extended Extended
817 supported processing processing processing, processing,
818 and strip and strip may strip may strip
819
820
821 15. Examples
822
823 The following examples show various scenarios using mandatory in
824 HTTP/1.1 requests and responses. Information not essential for
825 illustrating the examples is left out (referred to as "...")
826
827
828
829
830
831
832
833
834
835
836
837
838 Frystyk, et al [Page 14]
839
840
841
842
843
844
845 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
846
847 15.1 User Agent to Origin Server
848
849
850 Table 3: User Agent directly to origin server
851
852 Client issues a M-GET /some-document HTTP/1.1
853 request with one Opt: "http://www.my.com/tracking"
854 optional and one Man: "http://www.foo.com/privacy"
855 mandatory ...
856 extension
857
858 Origin server HTTP/1.1 200 OK
859 accepts the Ext:
860 mandatory Cache-Control: max-age=120, no-cache="Ext"
861 extension but ...
862 ignores the
863 optional one. The
864 client can not see
865 in this case that
866 the optional
867 extension was
868 ignored.
869
870
871 Table 4: Origin server with Vary header field
872
873 Client issues a M-GET /p/q HTTP/1.1
874 request with one Man: "http://www.x.y/transform"; ns=16
875 mandatory 16-use-transform: xyzzy
876 extension ...
877
878 Origin server HTTP/1.1 200 OK
879 accepts the Ext:
880 mandatory but Vary: Man
881 indicates that the Date: Sun, 25 Oct 1998 08:12:31 GMT
882 response varies on Expires: Sun, 25 Oct 1998 08:12:31 GMT
883 the request Cache-Control: no-cache="Ext", max-
884 extension age=100000
885 declaration ...
886
887
888 15.2 User Agent to Origin Server via HTTP/1.1 Proxy
889
890 These two examples show how an extended request interacts with an
891 HTTP/1.1 proxy.
892
893
894
895
896
897
898
899
900 Frystyk, et al [Page 15]
901
902
903
904
905
906
907 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
908
909 Table 5: HTTP/1.1 Proxy forwards extended request
910
911 Client issues a M-GET /some-document HTTP/1.1
912 request with one C-Opt: "http://www.meter.org/hits"
913 optional and one C-Man: "http://www.copy.org/rights"
914 mandatory hop-by- Connection: C-Opt, C-Man
915 hop extension ...
916
917 HTTP/1.1 proxy M-GET /some-document HTTP/1.1
918 forwards the Via: 1.1 new
919 request and takes ...
920 out the connection
921 headers
922
923 Origin server HTTP/1.1 510 Not Extended
924 fails as the ...
925 request does not
926 contain any
927 information
928 belonging to the
929 M-GET method
930
931
932 Table 6: HTTP/1.1 Proxy does not forward extended request
933
934 Client issues a M-GET /some-document HTTP/1.1
935 request with one C-Opt: "http://www.meter.org/hits"
936 optional and one C-Man: "http://www.copy.org/rights"
937 mandatory hop-by- Connection: C-Opt, C-Man
938 hop extension ...
939
940 HTTP/1.1 proxy HTTP/1.1 501 Not Implemented
941 refuses to forward ...
942 the M-GET method
943 and returns an
944 error
945
946 Origin server
947 never sees the
948 extended request
949
950
951 15.3 User Agent to Origin Server via HTTP/1.0 Proxy
952
953 These two examples show how an extended request interacts with an
954 HTTP/1.0 proxy in the message path
955
956
957
958
959
960
961
962 Frystyk, et al [Page 16]
963
964
965
966
967
968
969 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
970
971 Table 7: HTTP/1.0 Proxy forwards extended request
972
973 Client issues a M-GET /some-document HTTP/1.1
974 request with one Man: "http://www.price.com/sale"
975 mandatory ...
976 extension
977
978 HTTP/1.0 proxy M-GET /some-document HTTP/1.0
979 forwards the Man: "http://www.price.com/sale"
980 request as a ...
981 HTTP/1.0 request
982 without changing
983 the method
984
985 Origin server HTTP/1.1 200 OK
986 accepts Ext:
987 declaration and Date: Sun, 25 Oct 1998 08:12:31 GMT
988 returns a 200 Expires: Sun, 25 Oct 1998 08:12:31 GMT
989 response and an Cache-Control: no-cache="Ext", max-age=600
990 extension ...
991 acknowledgement.
992 The response can
993 be cached by
994 HTTP/1.1 caches
995 for 10 minutes.
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021 Frystyk, et al [Page 17]
1022
1023
1024
1025
1026
1027
1028 INTERNET-DRAFT HTTP Extensions Wed, Jan 20, 1999
1029
1030 Table 8: HTTP/1.0 and HTTP/1.1 Proxy Chain
1031
1032 Client issues a M-GET /some-document HTTP/1.1
1033 request with one Man: "http://www.copy.org/rights"
1034 mandatory and one C-Opt: "http://www.ads.org/noads"
1035 hop-by-hop Connection: C-Opt
1036 optional extension ...
1037
1038 HTTP/1.0 proxy M-GET /some-document HTTP/1.0
1039 forwards the Man: "http://www.copy.org/rights"
1040 request as C-Opt: "http://www.ads.org/noads"
1041 HTTP/1.0 request Connection: C-Man
1042 without changing ...
1043 the method and
1044 without honoring
1045 the Connection
1046 header field.
1047
1048 HTTP/1.1 proxy M-GET /some-document HTTP/1.1
1049 deletes (and Man: "http://www.copy.org/rights"
1050 ignores) the C-Man: "http://www.ads.org/givemeads"
1051 optional extension Connection: C-Man
1052 and forwards the Via: 1.0 new
1053 rest including a ...
1054 via header field.
1055 It also add it's
1056 own hop-by-hop
1057 mandatory
1058 extension
1059
1060 Origin server HTTP/1.1 200 OK
1061 accepts both Ext:
1062 mandatory C-Ext
1063 extensions. The Connection: C-Man
1064 response is not Date: Sun, 25 Oct 1998 08:12:31 GMT
1065 cachable by the Expires: Sun, 25 Oct 1998 08:12:31 GMT
1066 HTTP/1.0 cache but Cache-Control: no-cache="Ext", max-age=3600
1067 can be cached for ...
1068 1 hour by HTTP/1.1
1069 caches.
1070
1071 HTTP/1.1 proxy HTTP/1.1 200 OK
1072 removes the hop- Ext:
1073 by-hop extension Date: Sun, 25 Oct 1998 08:12:31 GMT
1074 acknowledgement Expires: Sun, 25 Oct 1998 08:12:31 GMT
1075 and forwards the Cache-Control: no-cache="Ext", max-age=3600
1076 remainder of the ...
1077 response.
1078
1079
1080
1081 Frystyk, et al [Page 18]
admin@suikawiki.org
 ViewVC Help
Powered by ViewVC 1.1.24