Ticket #160: 160.2.diff

File 160.2.diff, 7.1 KB (added by julian.reschke@…, 9 years ago)

(work in progress)

  • p2-semantics.xml

     
    2424  <!ENTITY caching                    "<xref target='Part6' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
    2525  <!ENTITY auth                       "<xref target='Part7' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
    2626  <!ENTITY content-negotiation        "<xref target='Part3' x:rel='#content.negotiation' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
     27  <!ENTITY agent-driven-negotiation    "<xref target='Part3' x:rel='#agent-driven.negotiation' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
    2728  <!ENTITY notation-abnf              "<xref target='Part1' x:rel='#notation.abnf' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
    2829  <!ENTITY basic-rules                "<xref target='Part1' x:rel='#basic.rules' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
    2930  <!ENTITY field-rules                "<xref target='Part1' x:rel='#field.rules' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
     
    15661567<section title="Redirection 3xx" anchor="status.3xx">
    15671568<t>
    15681569   This class of status code indicates that further action needs to be
    1569    taken by the user agent in order to fulfill the request.  The action
    1570    required &MAY; be carried out by the user agent without interaction
    1571    with the user if and only if the method used in the second request is
    1572    known to be "safe", as defined in <xref target="safe.methods"/>.
    1573    A client &SHOULD; detect infinite redirection loops, since such loops
    1574    generate network traffic for each redirection.
     1570   taken by the user agent in order to fulfill the request.  If the required
     1571   action involves a subsequent HTTP request, it &MAY; be carried out by the
     1572   user agent without interaction with the user if and only if the method used
     1573   in the second request is known to be "safe", as defined in
     1574   <xref target="safe.methods"/>.
    15751575</t>
     1576<t>
     1577   There are several types of redirects:
     1578   <list style="numbers">
     1579      <x:lt>
     1580        <t>
     1581          Redirects of the request to another URI, either temporarily or
     1582          permanently. The new URI is specified in the Location header field.
     1583          In this specification, the status codes 301 (Moved Permanently),
     1584          302 (Found), and 307 (Temporary Redirect) fall under this category.
     1585        </t>
     1586      </x:lt>
     1587      <x:lt>
     1588        <t>
     1589          Redirection to a new location that represents an indirect response to
     1590          the request, such as the result of a POST operation to be retrieved
     1591          with a subsequent GET request. This is status code 303 (See Other).
     1592        </t>
     1593      </x:lt>
     1594      <x:lt>
     1595        <t>
     1596          Redirection offering a choice of matching resources for use by
     1597          agent-driven content negotiation (&agent-driven-negotiation;). This
     1598          is status code 300 (Multiple Choices).
     1599        </t>
     1600      </x:lt>
     1601      <x:lt>
     1602        <t>
     1603          Other kinds of redirection, such as to a cached result (status code 304
     1604          (Not Modified)).
     1605        </t>
     1606      </x:lt>
     1607   </list>
     1608</t>
    15761609<x:note>
    15771610  <t>
     1611    <x:h>Note:</x:h> In HTTP/1.0, only the status codes 301 (Moved Permanently)
     1612    and 302 (Found) were defined for the first type of redirect, and the second
     1613    type did not exist at all (<xref target="RFC1945" x:fmt="," x:sec="9.3"/>).
     1614    However it turned out that web forms using POST expected redirects to change
     1615    the operation for the subsequent request to retrieval (GET). To address this
     1616    use case, HTTP/1.1 introduced the second type of redirect with the status
     1617    code 303 (See Other) (<xref target="RFC2068" x:fmt="," x:sec="10.3.4"/>).
     1618    As user agents did not change their behavior due to backwards compatibility
     1619    reasons, the first revision of HTTP/1.1 added yet another status code, 307
     1620    (Temporary Redirect), for which the backwards compatibility problems did
     1621    not apply (<xref target="RFC2616" x:fmt="," x:sec="10.3.8"/>).
     1622    Over 10 years later, most user agents still do method rewriting for
     1623    status codes 301 and 302, therefore this specification make that behavior
     1624    compliant in case the original request was POST.
     1625  </t>
     1626</x:note>
     1627<t>
     1628   Clients &SHOULD; detect and intervene in cyclical redirections (i.e.,
     1629   "infinite" redirection loops).
     1630</t>
     1631<x:note>
     1632  <t>
    15781633    <x:h>Note:</x:h> An earlier version of this specification recommended a
    15791634    maximum of five redirections (<xref target="RFC2068" x:fmt="," x:sec="10.3"/>).
    15801635    Content developers need to be aware that some clients might
     
    16451700</t>
    16461701<x:note>
    16471702  <t>
    1648     <x:h>Note:</x:h> When automatically redirecting a POST request after
    1649     receiving a 301 status code, some existing HTTP/1.0 user agents
    1650     will erroneously change it into a GET request.
     1703    <x:h>Note:</x:h> For historic reasons, user agents &MAY; change the
     1704    request method to GET for the subsequent request. If this behavior is
     1705    undesired, status code 307 (Temporary Redirect) can be used instead.
    16511706  </t>
    16521707</x:note>
    16531708</section>
     
    16761731</t>
    16771732<x:note>
    16781733  <t>
    1679     <x:h>Note:</x:h> HTTP/1.0 (<xref target="RFC1945" x:fmt="," x:sec="9.3"/>)
    1680     and the first version of HTTP/1.1 (<xref target="RFC2068" x:fmt="," x:sec ="10.3.3"/>)
    1681     specify that the client is not allowed to change the method on the
    1682     redirected request.  However, most existing user agent implementations
    1683     treat 302 as if it were a 303 response, performing a GET on the Location
    1684     field-value regardless of the original request method. Therefore, a
    1685     previous version of this specification
    1686     (<xref target="RFC2616" x:fmt="," x:sec="10.3.3"/>) has added the
    1687     status codes
    1688     <xref target="status.303" format="none">303</xref> and
    1689     <xref target="status.307" format="none">307</xref> for servers that wish
    1690     to make unambiguously clear which kind of reaction is expected of the
    1691     client.
     1734    <x:h>Note:</x:h> For historic reasons, user agents &MAY; change the
     1735    request method to GET for the subsequent request. If this behavior is
     1736    undesired, status code 307 (Temporary Redirect) can be used instead.
     1737    <cref anchor="issue312">but see <eref target="http://trac.tools.ietf.org/wg/httpbis/trac/ticket/312"/></cref>
    16921738  </t>
    16931739</x:note>
    16941740</section>
     
    36163662  (<xref target="status.203"/>)
    36173663</t>
    36183664<t>
    3619   Failed to consider that there are
    3620   many other request methods that are safe to automatically redirect,
    3621   and further that the user agent is able to make that determination
    3622   based on the request method semantics.
     3665  Failed to consider that there are many other request methods that are safe
     3666  to automatically redirect, and further that the user agent is able to make
     3667  that determination based on the request method semantics.
     3668  Furthermore, allow user agents to rewrite the method from POST to GET
     3669  for status codes 301 and 302.
    36233670  (Sections <xref format="counter" target="status.301"/>,
    36243671  <xref format="counter" target="status.302"/> and
    36253672  <xref format="counter" target="status.307"/>)