![(please configure the [header_logo] section in trac.ini)](https://www.ietf.org/images/ietflogotrans.gif)
Ticket #144: 144.diff
| File 144.diff, 12.7 KB (added by julian.reschke@…, 14 years ago) |
|---|
-
p2-semantics.xml
2047 2047 <x:anchor-alias value="Referer"/> 2048 2048 <x:anchor-alias value="Referer-v"/> 2049 2049 <t> 2050 The request-header field "Referer" [sic] allows the client to specify, 2051 for the server's benefit, the address (URI) of the resource from 2052 which the request-target was obtained (the "referrer", although the 2053 header field is misspelled.) The Referer request-header allows a 2054 server to generate lists of back-links to resources for interest, 2055 logging, optimized caching, etc. It also allows obsolete or mistyped 2056 links to be traced for maintenance. The Referer field &MUST-NOT; be 2057 sent if the request-target was obtained from a source that does not have 2058 its own URI, such as input from the user keyboard. 2050 The request-header field "Referer" [sic] allows the client to specify, for 2051 the server's benefit, the address (URI) of the resource from which the 2052 request-target was obtained (the "referrer", although the header field is 2053 misspelled.). 2059 2054 </t> 2055 <t> 2056 The Referer header allows servers to generate lists of back-links to 2057 resources for interest, logging, optimized caching, etc. It also allows 2058 obsolete or mistyped links to be traced for maintenance. Some servers use 2059 Referer as a means of controlling where they allow links from (so-called 2060 "deep linking"), but it should be noted that legitimate requests are not 2061 required to contain a Referer header field. 2062 </t> 2063 <t> 2064 If the request-target was obtained from a source that does not have its own 2065 URI (e.g., input from the user keyboard), the Referer field MUST either be 2066 sent with the value "about:blank", or not be sent at all. Note that this 2067 requirement does not apply to sources with non-HTTP URIs (e.g., FTP). 2068 </t> 2060 2069 <figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Referer"/><iref primary="true" item="Grammar" subitem="Referer-v"/> 2061 2070 <x:ref>Referer</x:ref> = "Referer" ":" <x:ref>OWS</x:ref> <x:ref>Referer-v</x:ref> 2062 2071 <x:ref>Referer-v</x:ref> = <x:ref>absolute-URI</x:ref> / <x:ref>partial-URI</x:ref> … … 3209 3218 (<xref target="header.location"/>) 3210 3219 </t> 3211 3220 <t> 3221 Allow Referer value of "about:blank" as alternative to not specifying it. 3222 (<xref target="header.referer"/>) 3223 </t> 3224 <t> 3212 3225 In the description of the Server header, the Via field 3213 3226 was described as a SHOULD. The requirement was and is stated 3214 3227 correctly in the description of the Via header in &header-via;. … … 3570 3583 Closed issues: 3571 3584 <list style="symbols"> 3572 3585 <t> 3586 <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/144"/>: 3587 "Clarify when Referer is sent" 3588 </t> 3589 <t> 3573 3590 <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/164"/>: 3574 3591 "status codes vs methods" 3575 3592 </t> -
p2-semantics.html
470 470 </tr> 471 471 <tr> 472 472 <td class="header left"></td> 473 <td class="header right">June 4, 2009</td>473 <td class="header right">June 8, 2009</td> 474 474 </tr> 475 475 </table> 476 476 <p class="title">HTTP/1.1, part 2: Message Semantics<br><span class="filename">draft-ietf-httpbis-p2-semantics-latest</span></p> … … 1571 1571 <div id="rfc.iref.h.7"></div> 1572 1572 <h2 id="rfc.section.9.6"><a href="#rfc.section.9.6">9.6</a> <a id="header.referer" href="#header.referer">Referer</a></h2> 1573 1573 <p id="rfc.section.9.6.p.1">The request-header field "Referer" [sic] allows the client to specify, for the server's benefit, the address (URI) of the 1574 resource from which the request-target was obtained (the "referrer", although the header field is misspelled.) The Referer 1575 request-header allows a server to generate lists of back-links to resources for interest, logging, optimized caching, etc. 1576 It also allows obsolete or mistyped links to be traced for maintenance. The Referer field <em class="bcp14">MUST NOT</em> be sent if the request-target was obtained from a source that does not have its own URI, such as input from the user keyboard. 1574 resource from which the request-target was obtained (the "referrer", although the header field is misspelled.). 1577 1575 </p> 1576 <p id="rfc.section.9.6.p.2">The Referer header allows servers to generate lists of back-links to resources for interest, logging, optimized caching, etc. 1577 It also allows obsolete or mistyped links to be traced for maintenance. Some servers use Referer as a means of controlling 1578 where they allow links from (so-called "deep linking"), but it should be noted that legitimate requests are not required to 1579 contain a Referer header field. 1580 </p> 1581 <p id="rfc.section.9.6.p.3">If the request-target was obtained from a source that does not have its own URI (e.g., input from the user keyboard), the 1582 Referer field MUST either be sent with the value "about:blank", or not be sent at all. Note that this requirement does not 1583 apply to sources with non-HTTP URIs (e.g., FTP). 1584 </p> 1578 1585 <div id="rfc.figure.u.20"></div><pre class="inline"><span id="rfc.iref.g.22"></span><span id="rfc.iref.g.23"></span> <a href="#header.referer" class="smpl">Referer</a> = "Referer" ":" <a href="#core.rules" class="smpl">OWS</a> <a href="#header.referer" class="smpl">Referer-v</a> 1579 1586 <a href="#header.referer" class="smpl">Referer-v</a> = <a href="#abnf.dependencies" class="smpl">absolute-URI</a> / <a href="#abnf.dependencies" class="smpl">partial-URI</a> 1580 </pre><p id="rfc.section.9.6.p. 3">Example:</p>1587 </pre><p id="rfc.section.9.6.p.5">Example:</p> 1581 1588 <div id="rfc.figure.u.21"></div><pre class="text"> Referer: http://www.example.org/hypertext/Overview.html 1582 </pre><p id="rfc.section.9.6.p. 5">If the field value is a relative URI, it <em class="bcp14">SHOULD</em> be interpreted relative to the request-target. The URI <em class="bcp14">MUST NOT</em> include a fragment. See <a href="#encoding.sensitive.information.in.uris" title="Encoding Sensitive Information in URIs">Section 11.2</a> for security considerations.1589 </pre><p id="rfc.section.9.6.p.7">If the field value is a relative URI, it <em class="bcp14">SHOULD</em> be interpreted relative to the request-target. The URI <em class="bcp14">MUST NOT</em> include a fragment. See <a href="#encoding.sensitive.information.in.uris" title="Encoding Sensitive Information in URIs">Section 11.2</a> for security considerations. 1583 1590 </p> 1584 1591 <div id="rfc.iref.r.2"></div> 1585 1592 <div id="rfc.iref.h.8"></div> … … 2242 2249 <p id="rfc.section.A.2.p.6">Correct syntax of Location header to allow fragment, as referred symbol wasn't what was expected, and add some clarifications 2243 2250 as to when it would not be appropriate. (<a href="#header.location" id="rfc.xref.header.location.4" title="Location">Section 9.4</a>) 2244 2251 </p> 2245 <p id="rfc.section.A.2.p.7">In the description of the Server header, the Via field was described as a SHOULD. The requirement was and is stated correctly 2252 <p id="rfc.section.A.2.p.7">Allow Referer value of "about:blank" as alternative to not specifying it. (<a href="#header.referer" id="rfc.xref.header.referer.3" title="Referer">Section 9.6</a>) 2253 </p> 2254 <p id="rfc.section.A.2.p.8">In the description of the Server header, the Via field was described as a SHOULD. The requirement was and is stated correctly 2246 2255 in the description of the Via header in <a href="p1-messaging.html#header.via" title="Via">Section 8.9</a> of <a href="#Part1" id="rfc.xref.Part1.28"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>. (<a href="#header.server" id="rfc.xref.header.server.4" title="Server">Section 9.8</a>) 2247 2256 </p> 2248 2257 <h1 id="rfc.section.B"><a href="#rfc.section.B">B.</a> <a id="collected.abnf" href="#collected.abnf">Collected ABNF</a></h1> … … 2480 2489 <h2 id="rfc.section.C.8"><a href="#rfc.section.C.8">C.8</a> <a id="changes.since.06" href="#changes.since.06">Since draft-ietf-httpbis-p2-semantics-06</a></h2> 2481 2490 <p id="rfc.section.C.8.p.1">Closed issues: </p> 2482 2491 <ul> 2492 <li> <<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/144">http://tools.ietf.org/wg/httpbis/trac/ticket/144</a>>: "Clarify when Referer is sent" 2493 </li> 2483 2494 <li> <<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/164">http://tools.ietf.org/wg/httpbis/trac/ticket/164</a>>: "status codes vs methods" 2484 2495 </li> 2485 2496 <li> <<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/170">http://tools.ietf.org/wg/httpbis/trac/ticket/170</a>>: "Do not require "updates" relation for specs that register status codes or method names" … … 2612 2623 <li class="indline1">From <a class="iref" href="#rfc.xref.header.from.1">3</a>, <a class="iref" href="#rfc.iref.h.4"><b>9.3</b></a>, <a class="iref" href="#rfc.xref.header.from.2">10.3</a></li> 2613 2624 <li class="indline1">Location <a class="iref" href="#rfc.xref.header.location.1">5</a>, <a class="iref" href="#rfc.xref.header.location.2">7.5</a>, <a class="iref" href="#rfc.iref.h.5"><b>9.4</b></a>, <a class="iref" href="#rfc.xref.header.location.3">10.3</a>, <a class="iref" href="#rfc.xref.header.location.4">A.2</a></li> 2614 2625 <li class="indline1">Max-Forwards <a class="iref" href="#rfc.xref.header.max-forwards.1">3</a>, <a class="iref" href="#rfc.xref.header.max-forwards.2">7.8</a>, <a class="iref" href="#rfc.iref.h.6"><b>9.5</b></a>, <a class="iref" href="#rfc.xref.header.max-forwards.3">10.3</a></li> 2615 <li class="indline1">Referer <a class="iref" href="#rfc.xref.header.referer.1">3</a>, <a class="iref" href="#rfc.iref.h.7"><b>9.6</b></a>, <a class="iref" href="#rfc.xref.header.referer.2">10.3</a> </li>2626 <li class="indline1">Referer <a class="iref" href="#rfc.xref.header.referer.1">3</a>, <a class="iref" href="#rfc.iref.h.7"><b>9.6</b></a>, <a class="iref" href="#rfc.xref.header.referer.2">10.3</a>, <a class="iref" href="#rfc.xref.header.referer.3">A.2</a></li> 2616 2627 <li class="indline1">Retry-After <a class="iref" href="#rfc.xref.header.retry-after.1">5</a>, <a class="iref" href="#rfc.iref.h.8"><b>9.7</b></a>, <a class="iref" href="#rfc.xref.header.retry-after.2">10.3</a></li> 2617 2628 <li class="indline1">Server <a class="iref" href="#rfc.xref.header.server.1">5</a>, <a class="iref" href="#rfc.iref.h.9"><b>9.8</b></a>, <a class="iref" href="#rfc.xref.header.server.2">10.3</a>, <a class="iref" href="#rfc.xref.header.server.3">11.1</a>, <a class="iref" href="#rfc.xref.header.server.4">A.2</a></li> 2618 2629 <li class="indline1">User-Agent <a class="iref" href="#rfc.xref.header.user-agent.1">3</a>, <a class="iref" href="#rfc.iref.h.10"><b>9.9</b></a>, <a class="iref" href="#rfc.xref.header.user-agent.2">10.3</a>, <a class="iref" href="#rfc.xref.header.user-agent.3">11.1</a></li> … … 2709 2720 </ul> 2710 2721 </li> 2711 2722 <li class="indline0"><a id="rfc.index.R" href="#rfc.index.R"><b>R</b></a><ul class="ind"> 2712 <li class="indline1">Referer header <a class="iref" href="#rfc.xref.header.referer.1">3</a>, <a class="iref" href="#rfc.iref.r.1"><b>9.6</b></a>, <a class="iref" href="#rfc.xref.header.referer.2">10.3</a> </li>2723 <li class="indline1">Referer header <a class="iref" href="#rfc.xref.header.referer.1">3</a>, <a class="iref" href="#rfc.iref.r.1"><b>9.6</b></a>, <a class="iref" href="#rfc.xref.header.referer.2">10.3</a>, <a class="iref" href="#rfc.xref.header.referer.3">A.2</a></li> 2713 2724 <li class="indline1">Retry-After header <a class="iref" href="#rfc.xref.header.retry-after.1">5</a>, <a class="iref" href="#rfc.iref.r.2"><b>9.7</b></a>, <a class="iref" href="#rfc.xref.header.retry-after.2">10.3</a></li> 2714 2725 <li class="indline1"><em>RFC1945</em> <a class="iref" href="#rfc.xref.RFC1945.1">8.3.3</a>, <a class="iref" href="#RFC1945"><b>13.2</b></a></li> 2715 2726 <li class="indline1"><em>RFC2068</em> <a class="iref" href="#rfc.xref.RFC2068.1">8.3.3</a>, <a class="iref" href="#RFC2068"><b>13.2</b></a>, <a class="iref" href="#rfc.xref.RFC2068.2">A.1</a><ul class="ind">
