| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
INTERNET-DRAFT Mandatory H. Frystyk Nielsen, W3C |
| 7 |
draft-ietf-http-ext-mandatory-00 P. Leach, Microsoft |
| 8 |
Scott Lawrence, Agranat Systems |
| 9 |
Expires: August 13, 1998 Friday, March 13, 1998 |
| 10 |
|
| 11 |
Mandatory Extensions in HTTP |
| 12 |
|
| 13 |
|
| 14 |
Status of this Document |
| 15 |
|
| 16 |
This document is an Internet-Draft. Internet-Drafts are working |
| 17 |
documents of the Internet Engineering Task Force (IETF), its areas, |
| 18 |
and its working groups. Note that other groups may also distribute |
| 19 |
working documents as Internet-Drafts. Internet-Drafts are draft |
| 20 |
documents valid for a maximum of six months and may be updated, |
| 21 |
replaced, or obsoleted by other documents at any time. It is |
| 22 |
inappropriate to use Internet-Drafts as reference material or to cite |
| 23 |
them other than as "work in progress". |
| 24 |
|
| 25 |
To learn the current status of any Internet-Draft, please check the |
| 26 |
"1id-abstracts.txt" listing contained in the Internet-Drafts Shadow |
| 27 |
Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), |
| 28 |
munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or |
| 29 |
ftp.isi.edu (US West Coast). |
| 30 |
|
| 31 |
Distribution of this document is unlimited. Please send comments to |
| 32 |
the <ietf-http-ext@w3.org> mailing list. This list is archived at |
| 33 |
"http://lists.w3.org/Archives/Public/ietf-http-ext/". |
| 34 |
|
| 35 |
The contribution of World Wide Web Consortium (W3C) staff is part of |
| 36 |
the W3C HTTP Activity (see "http://www.w3.org/Protocols/Activity"). |
| 37 |
|
| 38 |
|
| 39 |
Abstract |
| 40 |
|
| 41 |
HTTP is used increasingly in applications that need more facilities |
| 42 |
than the standard version of the protocol provides, ranging from |
| 43 |
distributed authoring, collaboration, and printing, to various remote |
| 44 |
procedure call mechanisms. This document proposes the use of a |
| 45 |
mandatory extension mechanism designed to address the tension between |
| 46 |
private agreement and public specification and to accommodate |
| 47 |
extension of applications such as HTTP clients, servers, and proxies. |
| 48 |
The proposal associates each extension with a URI[2], and use a few |
| 49 |
new RFC 822[1] style header fields to carry the extension identifier |
| 50 |
and related information between the parties involved in an extended |
| 51 |
transaction. |
| 52 |
|
| 53 |
|
| 54 |
Table of Contents |
| 55 |
|
| 56 |
1. Introduction.....................................................2 |
| 57 |
2. Notational Conventions...........................................2 |
| 58 |
3. Extension Declarations...........................................3 |
| 59 |
3.1 Header Field Prefixes.........................................4 |
| 60 |
|
| 61 |
Frystyk et al [Page 1]� |
| 62 |
|
| 63 |
|
| 64 |
|
| 65 |
|
| 66 |
|
| 67 |
|
| 68 |
INTERNET-DRAFT Mandatory Friday, March 13, 1998 |
| 69 |
|
| 70 |
4. Extension Header Fields..........................................4 |
| 71 |
4.1 End-to-End Extensions.........................................5 |
| 72 |
4.2 Hop-by-Hop Extensions.........................................6 |
| 73 |
5. Mandatory HTTP Requests..........................................6 |
| 74 |
6. Mandatory HTTP Responses.........................................7 |
| 75 |
7. 510 Not Extended.................................................7 |
| 76 |
8. Publishing an Extension..........................................8 |
| 77 |
9. Security Considerations..........................................8 |
| 78 |
10. References......................................................9 |
| 79 |
11. Acknowledgements................................................9 |
| 80 |
12. Authors Addresses..............................................10 |
| 81 |
13. Summary of Protocol Interactions...............................10 |
| 82 |
14. Examples.......................................................11 |
| 83 |
14.1 Client Queries Server for DAV...............................11 |
| 84 |
14.2 Server Uses ZipFlate Compression Extension..................11 |
| 85 |
|
| 86 |
1. Introduction |
| 87 |
|
| 88 |
The mandatory proposal is designed to accommodate dynamic extension of |
| 89 |
HTTP clients and servers by software components; and to address the |
| 90 |
tension between private agreement and public specification. The kind |
| 91 |
of extensions capable of being introduced range from: |
| 92 |
|
| 93 |
o extending a single HTTP message; |
| 94 |
o introducing new encodings; |
| 95 |
o initiating HTTP-derived protocols for new applications; to... |
| 96 |
o switching to protocols which, once initiated, run independent of |
| 97 |
the original protocol stack. |
| 98 |
|
| 99 |
The proposal is intended to be used as follows: |
| 100 |
|
| 101 |
o Some party designs and specifies an extension; the party assigns |
| 102 |
the extension an identifier, which is a URI, and makes one or |
| 103 |
more representations of the extension available at that address |
| 104 |
(see section 8). |
| 105 |
o An HTTP client, server, or proxy that implements the Mandatory |
| 106 |
extension mechanism (hereafter called an agent) declares the use |
| 107 |
of the extension by referencing its URI in an extension |
| 108 |
declaration in an HTTP message (see section 3). |
| 109 |
o The ultimate recipient of the extension declaration which can be |
| 110 |
the origin server, the user agent, or any intermediary in the |
| 111 |
request/response chain can based on the extension declaration |
| 112 |
deduce how to properly interpret the extended message. |
| 113 |
|
| 114 |
The proposal uses features in HTTP/1.1 but is compatible with both |
| 115 |
HTTP/1.0 and HTTP/1.1 applications in such a way that extended |
| 116 |
applications can coexist with existing HTTP applications. |
| 117 |
|
| 118 |
|
| 119 |
2. Notational Conventions |
| 120 |
|
| 121 |
This specification uses the same notational conventions and basic |
| 122 |
parsing constructs as RFC 2068[7]. In particular the BNF constructs |
| 123 |
|
| 124 |
Frystyk, et al [Page 2]� |
| 125 |
|
| 126 |
|
| 127 |
|
| 128 |
|
| 129 |
|
| 130 |
|
| 131 |
INTERNET-DRAFT Mandatory Friday, March 13, 1998 |
| 132 |
|
| 133 |
"token", "quoted-string", "field-name", and "URI" in this document are |
| 134 |
to be interpreted as described in RFC 2068[7]. |
| 135 |
|
| 136 |
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", |
| 137 |
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this |
| 138 |
document are to be interpreted as described in RFC 2119[8]. |
| 139 |
|
| 140 |
This proposal does not rely on particular features defined in URLs [3] |
| 141 |
that cannot potentially be expressed using URNs (see section 8). |
| 142 |
Therefore, the more generic term URI[2] is used throughout the |
| 143 |
specification. |
| 144 |
|
| 145 |
|
| 146 |
3. Extension Declarations |
| 147 |
|
| 148 |
An extension declaration can be used to indicate that an extension has |
| 149 |
been applied to a message and possibly to reserve a part of the header |
| 150 |
namespace identified by a header field prefix (see 3.1). |
| 151 |
|
| 152 |
This specification does not define any ramifications of applying an |
| 153 |
extension to a message nor whether two extensions can or cannot |
| 154 |
logically coexist within the same message. It is strictly a framework |
| 155 |
for describing which extensions have been applied and what the |
| 156 |
ultimate recipient either must or may do in order to properly |
| 157 |
interpret any extension declarations within that message. |
| 158 |
|
| 159 |
The grammar for an extension declaration is as follows: |
| 160 |
|
| 161 |
ext-decl = <"> URI <"> [ ext-params ] |
| 162 |
ext-params = ";" namespace *( ext-extension ) |
| 163 |
|
| 164 |
namespace = ";" "ns" "=" prefix |
| 165 |
prefix = 2*DIGIT "-" |
| 166 |
ext-extension = ";" token [ "=" ( token | quoted-string ) ] |
| 167 |
|
| 168 |
An extension is identified by a URI. Extension identifier URIs can be |
| 169 |
either relative or absolute. Relative extension identifiers are |
| 170 |
interpreted relative to the IANA registry (see RFC 1808[4]). Examples |
| 171 |
of extension declarations are |
| 172 |
|
| 173 |
"rfc2068"; SetCookie2 |
| 174 |
"Content-FooBar" |
| 175 |
"New-Registered-Header" |
| 176 |
"http://www.temporary.com/extension"; ns=33- |
| 177 |
|
| 178 |
An extension declaration can be extended through the use of one or |
| 179 |
more ext-extension parameters. Unrecognized ext-extension parameters |
| 180 |
SHOULD be ignored and MUST NOT be removed by proxies when forwarding |
| 181 |
the extension declaration. |
| 182 |
|
| 183 |
|
| 184 |
|
| 185 |
|
| 186 |
|
| 187 |
Frystyk, et al [Page 3]� |
| 188 |
|
| 189 |
|
| 190 |
|
| 191 |
|
| 192 |
|
| 193 |
|
| 194 |
INTERNET-DRAFT Mandatory Friday, March 13, 1998 |
| 195 |
|
| 196 |
Note: In layered implementations, unknown ext-extension parameters |
| 197 |
should be passed to the upper layers as they may have other mechanisms |
| 198 |
of knowing the semantics of the parameters. |
| 199 |
|
| 200 |
|
| 201 |
3.1 Header Field Prefixes |
| 202 |
|
| 203 |
The header-prefix can be used to indicate that all header fields in |
| 204 |
the message matching the header-prefix value using string prefix- |
| 205 |
matching are introduced by this extension instance. This allows an |
| 206 |
extension instance to dynamically reserve a subspace of the header |
| 207 |
space in a protocol message in order to prevent header field name |
| 208 |
clashes. |
| 209 |
|
| 210 |
Prefixes are primarily intended to avoid header field name conflicts |
| 211 |
and to allow multiple instances of a single extension using its own |
| 212 |
header fields to be applied to the same message without conflicting |
| 213 |
with each other. Alternatively, the extension declarations can contain |
| 214 |
the header field information as ext-params. |
| 215 |
|
| 216 |
Agents SHOULD NOT reuse header-prefix values in the same message |
| 217 |
unless explicitly allowed by the extension (see section 4.1 for a |
| 218 |
discussion of the ultimate recipient of an extension declaration). |
| 219 |
|
| 220 |
Examples of header-prefix values are |
| 221 |
|
| 222 |
1234- |
| 223 |
546- |
| 224 |
234345653- |
| 225 |
|
| 226 |
Linear white space (LWS) MUST NOT be used between the digits and the |
| 227 |
"-". The format of the prefix using a combination of digits and the |
| 228 |
dash "-" guarantees that no extension declaration can reserve the |
| 229 |
whole header field name space. |
| 230 |
|
| 231 |
Old applications may introduce header fields independent of this |
| 232 |
extension mechanism, potentially conflicting with header fields |
| 233 |
introduced by the prefix mechanism. In order to minimize this risk, |
| 234 |
prefixes MUST contain at least 2 digits. |
| 235 |
|
| 236 |
|
| 237 |
4. Extension Header Fields |
| 238 |
|
| 239 |
This proposal introduces two types of extension declaration strength: |
| 240 |
mandatory and optional, and two types of extension declaration scope: |
| 241 |
hop-by-hop and end-to-end (see section 4.1 and 4.2). |
| 242 |
|
| 243 |
A mandatory extension declaration indicates that the ultimate |
| 244 |
recipient MUST consult and adhere to the rules given by the extension |
| 245 |
when processing the message or report an error (see section 5 and 7). |
| 246 |
|
| 247 |
|
| 248 |
|
| 249 |
Frystyk, et al [Page 4]� |
| 250 |
|
| 251 |
|
| 252 |
|
| 253 |
|
| 254 |
|
| 255 |
|
| 256 |
INTERNET-DRAFT Mandatory Friday, March 13, 1998 |
| 257 |
|
| 258 |
An optional extension declaration indicates that the ultimate |
| 259 |
recipient of the extension MAY consult and adhere to the rules given |
| 260 |
by the extension when processing the message, or ignore the extension |
| 261 |
declaration completely. An agent may not be able to distinguish |
| 262 |
whether the ultimate recipient does not understand an extension |
| 263 |
referred to by an optional extension or simply ignores the extension |
| 264 |
declaration. |
| 265 |
|
| 266 |
The combination of the declaration strength and scope defines a 2x2 |
| 267 |
matrix which is distinguished by four new general HTTP header fields: |
| 268 |
Man, Opt, C-Man, and C-Opt (see section 4.1 and 4.2, and appendix 13 |
| 269 |
for a table of interactions with origin servers and proxies). |
| 270 |
|
| 271 |
The header fields are general header fields as they describe which |
| 272 |
extensions actually are applied to an HTTP message. Optional |
| 273 |
declarations MAY be applied to any HTTP message without any change to |
| 274 |
existing HTTP semantics. Mandatory declarations MUST be applied to a |
| 275 |
request message as described in section 5 and to a response message as |
| 276 |
described in section 6. |
| 277 |
|
| 278 |
|
| 279 |
4.1 End-to-End Extensions |
| 280 |
|
| 281 |
End-to-end declarations MUST be transmitted to the ultimate recipient |
| 282 |
of the declaration. The Man and the Opt general header fields are end- |
| 283 |
to-end header fields and are defined as follows: |
| 284 |
|
| 285 |
mandatory = "Man" ":" 1#ext-decl |
| 286 |
optional = "Opt" ":" 1#ext-decl |
| 287 |
|
| 288 |
For example |
| 289 |
|
| 290 |
HTTP/1.1 200 OK |
| 291 |
Content-Length: 421 |
| 292 |
Opt: "http://www.digest.org/Digest"; digest="4525dct344v@fsdfsg" |
| 293 |
... |
| 294 |
|
| 295 |
The ultimate recipient of an end-to-end extension declaration would |
| 296 |
often be but is not limited to either the origin server or the user |
| 297 |
agent. Proxies MAY act as both the initiator and the ultimate |
| 298 |
recipient of end-to-end extension declarations. It is outside the |
| 299 |
scope of this specification to define how an agreement is reached |
| 300 |
between a party representing the proxy and the party on which behalf |
| 301 |
it can act, but for example, the parties may be within the same trust |
| 302 |
domain. |
| 303 |
|
| 304 |
If a proxy is the ultimate recipient of a mandatory end-to-end |
| 305 |
extension declaration then it MUST handle that extension declaration |
| 306 |
as described in section 5. The proxy SHOULD remove all parts of the |
| 307 |
extension declaration from the message before forwarding it. |
| 308 |
|
| 309 |
|
| 310 |
|
| 311 |
|
| 312 |
Frystyk, et al [Page 5]� |
| 313 |
|
| 314 |
|
| 315 |
|
| 316 |
|
| 317 |
|
| 318 |
|
| 319 |
INTERNET-DRAFT Mandatory Friday, March 13, 1998 |
| 320 |
|
| 321 |
4.2 Hop-by-Hop Extensions |
| 322 |
|
| 323 |
Hop-by-hop extension declarations are meaningful only for a single |
| 324 |
transport-level connection. The C-Man and the C-Opt general header |
| 325 |
field are hop-by-hop header fields and MUST NOT be communicated by |
| 326 |
proxies over further connections. The two headers have the following |
| 327 |
grammar: |
| 328 |
|
| 329 |
c-mandatory = "C-Man" ":" 1#ext-decl |
| 330 |
c-optional = "C-Opt" ":" 1#ext-decl |
| 331 |
|
| 332 |
For example |
| 333 |
|
| 334 |
GET / HTTP/1.1 |
| 335 |
Host: some.host |
| 336 |
C-Man: "http://www.digest.org/ProxyAuth"; |
| 337 |
Credentials="g5gj262jdw@4df" |
| 338 |
Connection: C-Man |
| 339 |
|
| 340 |
In HTTP/1.1, the C-Man and the C-Opt header field MUST be protected by |
| 341 |
a Connection header. That is, the header fields are to be included as |
| 342 |
Connection header directives (see section [7], section 14.10). |
| 343 |
|
| 344 |
An agent MUST NOT send the C-Man or the C-Opt header field to an |
| 345 |
HTTP/1.0 proxy as it does not obey the HTTP/1.1 rules for parsing the |
| 346 |
Connection header field (see [7]). |
| 347 |
|
| 348 |
|
| 349 |
5. Mandatory HTTP Requests |
| 350 |
|
| 351 |
An HTTP request is called a mandatory request if it includes at least |
| 352 |
one mandatory extension declaration (using the Man or the C-Man header |
| 353 |
fields). The method name of a mandatory request MUST be prefixed by |
| 354 |
"M-". For example, a client might express the binding rights- |
| 355 |
management constraints in an HTTP PUT request as follows: |
| 356 |
|
| 357 |
M-PUT /a-resource HTTP/1.1 |
| 358 |
Man: "http://www.copyright.org/rights-management"; ns=43- |
| 359 |
43-copyright: http://www.copyright.org/COPYRIGHT.html- |
| 360 |
43-contributions: http://www.copyright.org/PATCHES.html |
| 361 |
Host: www.w3.org |
| 362 |
Content-Length: 1203 |
| 363 |
Content-Type: text/html |
| 364 |
|
| 365 |
<!doctype html ... |
| 366 |
|
| 367 |
An HTTP server MUST NOT return a 2xx status-code without understanding |
| 368 |
and obeying all mandatory extension declaration(s) in a mandatory |
| 369 |
request. A mandatory HTTP request invalidates cached entries as |
| 370 |
described in [7], section 13.10. |
| 371 |
|
| 372 |
The ultimate recipient of a mandatory HTTP request with the "M-" |
| 373 |
prefix on the method name MUST process the request by performing the |
| 374 |
following actions in the order they occur: |
| 375 |
|
| 376 |
Frystyk, et al [Page 6]� |
| 377 |
|
| 378 |
|
| 379 |
|
| 380 |
|
| 381 |
|
| 382 |
|
| 383 |
INTERNET-DRAFT Mandatory Friday, March 13, 1998 |
| 384 |
|
| 385 |
1. Identify all mandatory extension declarations (both hop-by-hop |
| 386 |
and end-to-end); the server MAY ignore optional declarations |
| 387 |
without affecting the result of the transaction; |
| 388 |
2. Evaluate and process the extensions identified in 1) or if the |
| 389 |
extension declarations do not match the policy for accessing |
| 390 |
the resource then respond with a 510 (Not Extended) status-code |
| 391 |
(see section 7); |
| 392 |
3. Strip the "M-" prefix from the method name and process the |
| 393 |
reminder of the request according to the semantics of the |
| 394 |
existing HTTP/1.1 method name as defined in [7]. |
| 395 |
|
| 396 |
An "M-" aware proxy that does not act as the ultimate recipient of a |
| 397 |
mandatory extension declaration MUST NOT remove the declaration or the |
| 398 |
"M-" method name prefix when forwarding the message. |
| 399 |
|
| 400 |
An agent receiving an HTTP/1.0 (or lower-version) message that |
| 401 |
includes a Connection header MUST, for each connection-token in this |
| 402 |
field, remove and ignore any header field(s) from the message with the |
| 403 |
same name as the connection-token. Any "M-" method name prefix |
| 404 |
introduced as a result of discarded hop-by-hop extensions MUST be |
| 405 |
ignored and removed by a proxy when forwarding the message. |
| 406 |
|
| 407 |
HTTP proxies that do not understand the "M-" method name prefix SHOULD |
| 408 |
return 501 (Not Implemented) or turn themselves into a tunnel ([7]) in |
| 409 |
which case they do not take any part in the communication. |
| 410 |
|
| 411 |
The "M-" prefix is reserved by this proposal and MUST NOT be used by |
| 412 |
other HTTP extensions. |
| 413 |
|
| 414 |
|
| 415 |
6. Mandatory HTTP Responses |
| 416 |
|
| 417 |
Mandatory extension declarations in HTTP responses are often a result |
| 418 |
of but not limited to mandatory HTTP requests. A server MAY use |
| 419 |
mandatory extension declarations in response to a non-mandatory HTTP |
| 420 |
request. This is primarily intended to facilitate extensions that can |
| 421 |
not be understood without using the extension or are authorized out- |
| 422 |
of-band. |
| 423 |
|
| 424 |
If a client receives an HTTP response which contains a Mandatory |
| 425 |
extension declaration which it does not understand or does not want to |
| 426 |
use, it SHOULD treat it as if the message was of type |
| 427 |
"application/octet-stream". |
| 428 |
|
| 429 |
|
| 430 |
7. 510 Not Extended |
| 431 |
|
| 432 |
The policy for accessing the resource has not been met in the request. |
| 433 |
The server SHOULD send back all the information necessary for the |
| 434 |
client to issue an extended request. It is outside the scope of this |
| 435 |
specification to specify how the extensions inform the client. |
| 436 |
|
| 437 |
|
| 438 |
Frystyk, et al [Page 7]� |
| 439 |
|
| 440 |
|
| 441 |
|
| 442 |
|
| 443 |
|
| 444 |
|
| 445 |
INTERNET-DRAFT Mandatory Friday, March 13, 1998 |
| 446 |
|
| 447 |
If the initial request already included the extensions requested in |
| 448 |
the 510 response, then the response indicates that access has been |
| 449 |
refused for those extension declarations. |
| 450 |
|
| 451 |
If the 510 response contains the same set of extension policies as the |
| 452 |
prior response, then the client MAY present any entity included in the |
| 453 |
response to the user, since that entity may include relevant |
| 454 |
diagnostic information. |
| 455 |
|
| 456 |
|
| 457 |
8. Publishing an Extension |
| 458 |
|
| 459 |
While the protocol extension definition should be published at the |
| 460 |
address of the extension identifier, this is not a requirement of this |
| 461 |
specification. The only absolute requirement is that distinct names be |
| 462 |
used for distinct semantics. For example, one way to achieve this is |
| 463 |
to use a mid, cid, or uuid URI. The association between the extension |
| 464 |
identifier and the specification might be made by distributing a |
| 465 |
specification, which references the extension identifier. |
| 466 |
|
| 467 |
It is strongly recommended that the integrity and persistence of the |
| 468 |
extension identifier is maintained and kept unquestioned throughout |
| 469 |
the lifetime of the extension. Care should be taken not to distribute |
| 470 |
conflicting specifications that reference the same name. Even when a |
| 471 |
URI is used to publish extension specifications, care must be taken |
| 472 |
that the specification made available at that address does not change |
| 473 |
significantly over time. One agent may associate the identifier with |
| 474 |
the old semantics, and another might associate it with the new |
| 475 |
semantics. |
| 476 |
|
| 477 |
The extension definition may be made available in different |
| 478 |
representations ranging from |
| 479 |
|
| 480 |
o a human-readable specification defining the extension semantics, |
| 481 |
o downloadable code which implements the semantics defined by the |
| 482 |
extension, |
| 483 |
o a formal interface description provided by the extension, to |
| 484 |
o a machine-readable specification defining the extension |
| 485 |
semantics. |
| 486 |
|
| 487 |
For example, a software component that implements the specification |
| 488 |
may reside at the same address as a human-readable specification |
| 489 |
(distinguished by content negotiation). The human-readable |
| 490 |
representation serves to document the extension and encourage |
| 491 |
deployment, while the software component allows clients and servers to |
| 492 |
be dynamically extended. |
| 493 |
|
| 494 |
|
| 495 |
9. Security Considerations |
| 496 |
|
| 497 |
o Dynamic installation of extension facilities as described in the |
| 498 |
introduction involves software written by one party (the provider |
| 499 |
of the implementation) to be executed under the authority of |
| 500 |
|
| 501 |
Frystyk, et al [Page 8]� |
| 502 |
|
| 503 |
|
| 504 |
|
| 505 |
|
| 506 |
|
| 507 |
|
| 508 |
INTERNET-DRAFT Mandatory Friday, March 13, 1998 |
| 509 |
|
| 510 |
another (the party operating the host software). This opens the |
| 511 |
host party to a variety of "Trojan horse" attacks by the |
| 512 |
provider, or a malicious third party that forges implementations |
| 513 |
under a provider's name. See, for example RFC2046[6], section |
| 514 |
4.5.2 for a discussion of these risks. |
| 515 |
|
| 516 |
10. References |
| 517 |
|
| 518 |
[1] D. H. Crocker. "Standard for the Format of ARPA Internet Text |
| 519 |
Messages", STD 11, RFC 822, UDEL, August 1982 |
| 520 |
[2] T. Berners-Lee, "Universal Resource Identifiers in WWW. A |
| 521 |
Unifying Syntax for the Expression of Names and Addresses of |
| 522 |
Objects on the Network as used in the World-Wide Web", RFC 1630, |
| 523 |
CERN, June 1994. |
| 524 |
[3] T. Berners-Lee, L. Masinter, M. McCahill. "Uniform Resource |
| 525 |
Locators (URL)" RFC 1738, CERN, Xerox PARC, University of |
| 526 |
Minnesota, December 1994. |
| 527 |
[4] R. Fielding, "Relative Uniform Resource Locators", RFC 1808, UC |
| 528 |
Irvine, June 1995. |
| 529 |
[5] T. Berners-Lee, R. Fielding, H. Frystyk, "Hypertext Transfer |
| 530 |
Protocol -- HTTP/1.0", RFC 1945, W3C/MIT, UC Irvine, W3C/MIT, May |
| 531 |
1996. |
| 532 |
[6] N. Freed, N. Borenstein, "Multipurpose Internet Mail Extensions |
| 533 |
(MIME) Part Two: Media Types", RFC 2046, Innosoft, First Virtual, |
| 534 |
November 1996. |
| 535 |
[7] R. Fielding, J. Gettys, J. C. Mogul, H. Frystyk, T. Berners-Lee, |
| 536 |
"Hypertext Transfer Protocol -- HTTP/1.1", RFC 2068, U.C. Irvine, |
| 537 |
DEC W3C/MIT, DEC, W3C/MIT, W3C/MIT, January 1997 |
| 538 |
[8] S. Bradner, "Key words for use in RFCs to Indicate Requirement |
| 539 |
Levels", RFC 2119, Harvard University, March 1997 |
| 540 |
[9] Y. Goland et al, "Extensions for Distributed Authoring and |
| 541 |
Versioning", Internet Draft, draft-jensen-webdav-ext-01, 26 March |
| 542 |
1997. This is work in progress. |
| 543 |
[10] H. F. Nielsen, D. Connolly, R. Khare, "PEP - an extension |
| 544 |
mechanism for HTTP", draft-http-pep-05.txt, November 21, 1997 |
| 545 |
|
| 546 |
11. Acknowledgements |
| 547 |
|
| 548 |
Rohit Khare deserves special recognition for his efforts in commenting |
| 549 |
in the design phase of the protocol. Also thanks to Josh Cohen, Ross |
| 550 |
Patterson, Jim Gettys and all the people who have been involved in |
| 551 |
PEP. |
| 552 |
|
| 553 |
|
| 554 |
|
| 555 |
|
| 556 |
|
| 557 |
|
| 558 |
|
| 559 |
|
| 560 |
|
| 561 |
|
| 562 |
Frystyk, et al [Page 9]� |
| 563 |
|
| 564 |
|
| 565 |
|
| 566 |
|
| 567 |
|
| 568 |
|
| 569 |
INTERNET-DRAFT Mandatory Friday, March 13, 1998 |
| 570 |
|
| 571 |
12. Authors Addresses |
| 572 |
|
| 573 |
Henrik Frystyk Nielsen |
| 574 |
Technical Staff, World Wide Web Consortium |
| 575 |
MIT Laboratory for Computer Science |
| 576 |
545 Technology Square |
| 577 |
Cambridge, MA 02139, USA |
| 578 |
Email: frystyk@w3.org |
| 579 |
|
| 580 |
Paul J. Leach |
| 581 |
Microsoft Corporation |
| 582 |
1 Microsoft Way |
| 583 |
Redmond, WA 98052, USA |
| 584 |
Email: paulle@microsoft.com |
| 585 |
|
| 586 |
Scott Lawrence |
| 587 |
Agranat Systems, Inc. |
| 588 |
1345 Main Street |
| 589 |
Waltham, MA 02154, USA |
| 590 |
Email: lawrence@agranat.com |
| 591 |
|
| 592 |
|
| 593 |
Appendices |
| 594 |
|
| 595 |
|
| 596 |
13. Summary of Protocol Interactions |
| 597 |
|
| 598 |
The following tables summarize the outcome of strength and scope rules |
| 599 |
of the mandatory proposal of compliant and non-compliant HTTP proxies |
| 600 |
and origin servers. The summary is intended as a guide and index to |
| 601 |
the text, but is necessarily cryptic and incomplete. This summary |
| 602 |
should never be used or referenced separately from the complete |
| 603 |
specification. |
| 604 |
|
| 605 |
|
| 606 |
Table 1: Origin Server |
| 607 |
|
| 608 |
Scope Hop-by-hop End-to-end |
| 609 |
|
| 610 |
Strength Optional Required Optional Required |
| 611 |
(may) (must) (may) (must) |
| 612 |
|
| 613 |
Mandatory Standard 501 (Not Standard 501 (Not |
| 614 |
unsupported processing Implemented)processing Implemented) |
| 615 |
|
| 616 |
Extension Standard 510 (Not Standard 510 (Not |
| 617 |
unsupported processing Extended) processing Extended) |
| 618 |
|
| 619 |
Extension Extended Extended Extended Extended |
| 620 |
supported processing processing processing processing |
| 621 |
|
| 622 |
|
| 623 |
|
| 624 |
|
| 625 |
|
| 626 |
Frystyk, et al [Page 10]� |
| 627 |
|
| 628 |
|
| 629 |
|
| 630 |
|
| 631 |
|
| 632 |
|
| 633 |
INTERNET-DRAFT Mandatory Friday, March 13, 1998 |
| 634 |
|
| 635 |
Table 2: Proxy Server |
| 636 |
|
| 637 |
Scope Hop-by-hop End-to-end |
| 638 |
|
| 639 |
Strength Optional Required Optional Required |
| 640 |
(may) (must) (may) (must) |
| 641 |
|
| 642 |
Mandatory Strip 501 (Not Forward 501 (Not |
| 643 |
unsupported extension Implemented)extension Implemented) |
| 644 |
or tunnel or tunnel |
| 645 |
|
| 646 |
Extension Strip 510 (Not Forward Forward |
| 647 |
unsupported extension Extended) extension extension |
| 648 |
|
| 649 |
Extension Extended Extended Extended Extended |
| 650 |
supported processing processing processing, processing, |
| 651 |
and strip and strip may strip may strip |
| 652 |
|
| 653 |
|
| 654 |
14. Examples |
| 655 |
|
| 656 |
The following examples show various scenarios using mandatory in |
| 657 |
HTTP/1.1 requests and responses. Information not essential for |
| 658 |
illustrating the examples is left out (referred to as "�") |
| 659 |
|
| 660 |
|
| 661 |
14.1 Client Queries Server for DAV |
| 662 |
|
| 663 |
In this example, the purpose is to determine whether a server |
| 664 |
understands and supports the Distributed Authoring and Versioning |
| 665 |
(DAV) protocol extension [9]. By making the request mandatory (see |
| 666 |
section 5), the client forces the server to process the extension |
| 667 |
declaration and obey the extension or report an error. |
| 668 |
|
| 669 |
M-GET /some.url HTTP/1.1 |
| 670 |
Host: some.host |
| 671 |
Man: "http://www.dav.org" |
| 672 |
... |
| 673 |
|
| 674 |
HTTP/1.1 200 OK |
| 675 |
... |
| 676 |
|
| 677 |
The response shows that the server does understand. It is not possible |
| 678 |
to distinguish between querying about or using an extension - the |
| 679 |
extension declaration is identical. Whether it in fact is a query may |
| 680 |
depend on the request method name and request modifiers. |
| 681 |
|
| 682 |
|
| 683 |
14.2 Server Uses ZipFlate Compression Extension |
| 684 |
|
| 685 |
This example shows a server using the zipflate compression extension |
| 686 |
in a response: |
| 687 |
|
| 688 |
|
| 689 |
|
| 690 |
|
| 691 |
|
| 692 |
Frystyk, et al [Page 11]� |
| 693 |
|
| 694 |
|
| 695 |
|
| 696 |
|
| 697 |
|
| 698 |
|
| 699 |
INTERNET-DRAFT Mandatory Friday, March 13, 1998 |
| 700 |
|
| 701 |
GET /Index HTTP/1.1 |
| 702 |
Host: some.host |
| 703 |
|
| 704 |
HTTP/1.1 200 OK |
| 705 |
Man: "http://www.encoding.com/zipflate" |
| 706 |
Cache-Control: no-transform |
| 707 |
Vary: * |
| 708 |
... |
| 709 |
|
| 710 |
The response shows that the server uses the extension the response. |
| 711 |
The response includes the no-transform cache-control directive in |
| 712 |
order to avoid that proxies add their own content-coding to the |
| 713 |
message and a Vary header field indicating that a cache may not use |
| 714 |
the response to reply to a subsequent request without revalidation. |
| 715 |
|
| 716 |
|
| 717 |
|
| 718 |
|
| 719 |
|
| 720 |
|
| 721 |
|
| 722 |
|
| 723 |
|
| 724 |
|
| 725 |
|
| 726 |
|
| 727 |
|
| 728 |
|
| 729 |
|
| 730 |
|
| 731 |
|
| 732 |
|
| 733 |
|
| 734 |
|
| 735 |
|
| 736 |
|
| 737 |
|
| 738 |
|
| 739 |
|
| 740 |
|
| 741 |
|
| 742 |
|
| 743 |
|
| 744 |
|
| 745 |
|
| 746 |
|
| 747 |
|
| 748 |
|
| 749 |
|
| 750 |
|
| 751 |
|
| 752 |
Frystyk, et al [Page 12]� |
Parent Directory
| 
Revision Log