Ticket #196: i196.6.diff

p1-messaging.xml

@@ -1589 +1589 @@
 </t>
 </section>
 
+<section title="Effective Request URI" anchor="effective.request.uri">
+  <iref primary="true" item="Effective Request URI"/>
+<t>
+   HTTP requests often do not carry the absolute URI (<xref target="RFC3986" x:fmt="," x:sec="4.3"/>)
+   for the resource they are intended for; instead, the value needs to be inferred from the
+   request-target, Host header and other context. The result of this process is
+   the "Effective Request URI".
+</t>
+<t>
+   If the request-target is an absolute-URI, then the Effective Request URI is
+   the request-target.
+</t>
+<t>
+   If the request-target uses the path-absolute (plus optional query) syntax
+   or if it is just the asterisk "*", then the Effective Request URI is
+   constructed by concatenating
+</t>
+<t>
+  <list style="symbols">
+    <t>
+      the scheme name: "http" if the request was received over an insecure
+      TCP connection, or "https" when received over SSL/TLS-secured TCP
+      connection,
+    </t>
+    <t>
+      the character sequence "://",
+    </t>
+    <t>
+      the authority component, as specified in the Host header
+      (<xref target="header.host"/>) and determined by the rules in
+      <xref target="the.resource.identified.by.a.request"/>,
+      <cref anchor="effrequri-nohost" source="jre">Do we need to include the handling of missing hosts in HTTP/1.0 messages, as
+      described in <xref target="the.resource.identified.by.a.request"/>?</cref>
+      and
+    </t>
+    <t>
+      the request-target obtained from the Request-Line, unless the
+      request-target is just the asterisk "*".
+    </t>
+  </list>
+</t>
+<t>
+   Otherwise, when request-target uses the authority form, the Effective
+   Request URI is undefined.
+</t>
+<figure>
+<preamble>
+   Example 1: the Effective Request URI for the message
+</preamble> 
+<artwork type="example" x:indent-with="  ">
+GET /pub/WWW/TheProject.html HTTP/1.1
+Host: www.example.org:8080
+</artwork>
+<postamble>
+  (received over an insecure TCP connection) is "http", plus "://", plus the
+  authority component "www.example.org:8080", plus the request-target
+  "/pub/WWW/TheProject.html", thus
+  "http://www.example.org:8080/pub/WWW/TheProject.html".
+</postamble>
+</figure>
+<figure>
+<preamble>
+   Example 2: the Effective Request URI for the message
+</preamble> 
+<artwork type="example" x:indent-with="  ">
+GET * HTTP/1.1
+Host: www.example.org
+</artwork>
+<postamble>
+  (received over an SSL/TLS secured TCP connection) is "https", plus "://", plus the
+  authority component "www.example.org", thus "https://www.example.org".
+</postamble>
+</figure>
+<t>
+   Effective Request URIs are compared using the rules described in 
+   <xref target="uri.comparison"/>, except that empty path components &MUST-NOT;
+   be treated as equivalent to an absolute path of "/".
+</t>  
 </section>
 
+</section>
 
+
 <section title="Response" anchor="response">
   <x:anchor-alias value="Response"/>
 <t>

p2-semantics.xml

@@ -26 +26 @@
   <!ENTITY notation-abnf              "<xref target='Part1' x:rel='#notation.abnf' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY basic-rules                "<xref target='Part1' x:rel='#basic.rules' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY uri                        "<xref target='Part1' x:rel='#uri' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
+  <!ENTITY effective-request-uri      "<xref target='Part1' x:rel='#effective.request.uri' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY full-date                  "<xref target='Part1' x:rel='#date.time.formats.full.date' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY http-url                   "<xref target='Part1' x:rel='#http-url' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY http-version               "<xref target='Part1' x:rel='#http.version' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
@@ -670 +671 @@
 </t>
 <t>
    In the common case, an HTTP response is a representation of the resource
-   located at the request-URI. However, this is not always the case. To
-   determine the URI of the resource a response is associated with, the
-   following rules are used (with the first applicable one being selected):
+   located at the Effective Request URI (see &effective-request-uri;). However,
+   this is not always the case. To determine the URI of the resource a
+   response is associated with, the following rules are used (with the first
+   applicable one being selected):
 </t>
 <t><list style="numbers">
    <t>If the response status code is 200 or 203 and the request method was GET,
-   the response is a representation of the resource at the request-URI.</t>
+   the response is a representation of the resource at the Effective Request URI.</t>
    <t>If the response status is 204, 206, or 304 and the request method was GET
    or HEAD, the response is a partial representation of the resource at the
-   request-URI (see &caching-combining-headers;).</t>
+   Effective Request URI (see &caching-combining-headers;).</t>
    <t>If the response has a Content-Location header, and that URI is the same
-   as the request-URI <cref anchor="TODO-missref-requri">(see [ref])</cref>, the response is a representation of the
-   resource at the request-URI.</t>
+   as the Effective Request URI, the response is a representation of the
+   resource at the Effective Request URI.</t>
    <t>If the response has a Content-Location header, and that URI is not the
-   same as the request-URI, the response asserts that it is a representation of
-   the resource at the Content-Location URI (but it may not be).</t>
+   same as the Effective Request URI, the response asserts that it is a
+   representation of the resource at the Content-Location URI (but it may not
+   be).</t>
    <t>Otherwise, the response is a representation of an anonymous (i.e.,
    unidentified) resource.</t>
 </list></t>
 <t>
   <cref anchor="TODO-req-uri">
-   Note that "request-URI" is used here; however, we need to come up with a
-   term to denote "the URI that can be inferred from examining the
-   request-target and the Host header." (see <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/196" />).
-   Also, the comparison function is going to have to be defined somewhere,
+   The comparison function is going to have to be defined somewhere,
    because we already need to compare URIs for things like cache invalidation.</cref>
 </t>
 </section>
@@ -760 +760 @@
 <t>
    The OPTIONS method represents a request for information about the
    communication options available on the request/response chain
-   identified by the request-target. This method allows the client to
+   identified by the Effective Request URI. This method allows the client to
    determine the options and/or requirements associated with a resource,
    or the capabilities of a server, without implying a resource action
    or initiating a resource retrieval.
@@ -825 +825 @@
 <t>
    The GET method means retrieve whatever information (in the form of an
    entity) currently corresponds to the resource identified by the
-   request-target.
+   Effective Request URI.
 </t>
 <t>   
-   If the request-target identifies a data-producing process, it is the
+   If the Effective Request URI identifies a data-producing process, it is the
    produced data which shall be returned as the entity in the response and not
    the source text of the process, unless that text happens to be the output of
    the process.
@@ -893 +893 @@
 <t>
    The POST method is used to request that the origin server accept the
    entity enclosed in the request as data to be processed by the resource
-   identified by the request-target in the Request-Line. POST is designed
+   identified by the Effective Request URI. POST is designed
    to allow a uniform method to cover the following functions:
   <list style="symbols">
     <t>
@@ -914 +914 @@
 </t>
 <t>
    The actual function performed by the POST method is determined by the
-   server and is usually dependent on the request-target.
+   server and is usually dependent on the Effective Request URI.
 </t>
 <t>
    The action performed by the POST method might not result in a
@@ -942 +942 @@
   <iref primary="true" item="Methods" subitem="PUT" x:for-anchor=""/>
 <t>
    The PUT method requests that the enclosed entity be stored at the
-   supplied request-target. If the request-target refers to an already
+   Effective Request URI. If the Effective Request URI refers to an already
    existing resource, the enclosed entity &SHOULD; be considered as a
-   modified version of the one residing on the origin server. If the
-   request-target does not point to an existing resource, and that URI is
+   modified version of the one residing on the origin server. Otherwise, if the
+   Effective Request URI does not point to an existing resource, and that URI is
    capable of being defined as a new resource by the requesting user
-   agent, the origin server can create the resource with that URI. If a
-   new resource is created at the request-target, the origin server &MUST;
-   inform the user agent
+   agent, the origin server can create the resource with that URI.
+</t>
+<t>   
+   If a new resource is created at the Effective Request URI, the origin
+   server &MUST; inform the user agent
    via the 201 (Created) response. If an existing resource is modified,
    either the 200 (OK) or 204 (No Content) response codes &SHOULD; be sent
-   to indicate successful completion of the request. If the resource
-   could not be created or modified with the request-target, an appropriate
-   error response &SHOULD; be given that reflects the nature of the
-   problem. The recipient of the entity &MUST-NOT; ignore any Content-*
+   to indicate successful completion of the request.
+</t>
+<t>   
+   If the resource could not be created or modified with the Effective Request 
+   URI, an appropriate error response &SHOULD; be given that reflects the nature
+   of the problem. The recipient of the entity &MUST-NOT; ignore any Content-*
    headers (headers starting with the prefix "Content-") that it does
    not understand or implement
    and &MUST; return a 501 (Not Implemented) response in such cases.
 </t>
 <t>
-   If the request passes through a cache and the request-target identifies
-   one or more currently cached entities, those entries &SHOULD; be
+   If the request passes through a cache and the Effective Request URI
+   identifies one or more currently cached entities, those entries &SHOULD; be
    treated as stale. Responses to this method are not cacheable.
 </t>
 <t>
    The fundamental difference between the POST and PUT requests is
-   reflected in the different meaning of the request-target. The URI in a
+   reflected in the different meaning of the Effective Request URI. The URI in a
    POST request identifies the resource that will handle the enclosed
    entity. That resource might be a data-accepting process, a gateway to
    some other protocol, or a separate entity that accepts annotations.
@@ -1002 +1006 @@
   <iref primary="true" item="Methods" subitem="DELETE" x:for-anchor=""/>
 <t>
    The DELETE method requests that the origin server delete the resource
-   identified by the request-target. This method &MAY; be overridden by human
-   intervention (or other means) on the origin server. The client cannot
+   identified by the Effective Request URI. This method &MAY; be overridden by
+   human intervention (or other means) on the origin server. The client cannot
    be guaranteed that the operation has been carried out, even if the
    status code returned from the origin server indicates that the action
    has been completed successfully. However, the server &SHOULD-NOT; 
@@ -1018 +1022 @@
    but the response does not include an entity.
 </t>
 <t>
-   If the request passes through a cache and the request-target identifies
-   one or more currently cached entities, those entries &SHOULD; be
+   If the request passes through a cache and the Effective Request URI
+   identifies one or more currently cached entities, those entries &SHOULD; be
    treated as stale. Responses to this method are not cacheable.
 </t>
 </section>
@@ -1330 +1334 @@
    The requested resource has been assigned a new permanent URI and any
    future references to this resource &SHOULD; use one of the returned
    URIs.  Clients with link editing capabilities ought to automatically
-   re-link references to the request-target to one or more of the new
+   re-link references to the Effective Request URI to one or more of the new
    references returned by the server, where possible. This response is
    cacheable unless indicated otherwise.
 </t>
@@ -1363 +1367 @@
 <t>
    The requested resource resides temporarily under a different URI.
    Since the redirection might be altered on occasion, the client &SHOULD;
-   continue to use the request-target for future requests.  This response
+   continue to use the Effectice Request URI for future requests.  This response
    is only cacheable if indicated by a Cache-Control or Expires header
    field.
 </t>
@@ -1476 +1480 @@
 <t>
    The requested resource resides temporarily under a different URI.
    Since the redirection &MAY; be altered on occasion, the client &SHOULD;
-   continue to use the request-target for future requests.  This response
+   continue to use the Effective Request URI for future requests.  This response
    is only cacheable if indicated by a Cache-Control or Expires header
    field.
 </t>
@@ -1566 +1570 @@
   <iref primary="true" item="404 Not Found (status code)" x:for-anchor=""/>
   <iref primary="true" item="Status Codes" subitem="404 Not Found" x:for-anchor=""/>
 <t>
-   The server has not found anything matching the request-target. No
+   The server has not found anything matching the Effective Request URI. No
    indication is given of whether the condition is temporary or
    permanent. The 410 (Gone) status code &SHOULD; be used if the server
    knows, through some internally configurable mechanism, that an old
@@ -1582 +1586 @@
   <iref primary="true" item="Status Codes" subitem="405 Method Not Allowed" x:for-anchor=""/>
 <t>
    The method specified in the Request-Line is not allowed for the
-   resource identified by the request-target. The response &MUST; include an
+   resource identified by the Effective Request URI. The response &MUST; include an
    Allow header containing a list of valid methods for the requested
    resource.
 </t>
@@ -1673 +1677 @@
    The requested resource is no longer available at the server and no
    forwarding address is known. This condition is expected to be
    considered permanent. Clients with link editing capabilities &SHOULD;
-   delete references to the request-target after user approval. If the
+   delete references to the Effective Request URI after user approval. If the
    server does not know, or has no facility to determine, whether or not
    the condition is permanent, the status code 404 (Not Found) &SHOULD; be
    used instead. This response is cacheable unless indicated otherwise.
@@ -1735 +1739 @@
   <iref primary="true" item="414 URI Too Long (status code)" x:for-anchor=""/>
   <iref primary="true" item="Status Codes" subitem="414 URI Too Long" x:for-anchor=""/>
 <t>
-   The server is refusing to service the request because the request-target
+   The server is refusing to service the request because the Effective Request URI
    is longer than the server is willing to interpret. This rare
    condition is only likely to occur when a client has improperly
    converted a POST request to a GET request with long query
@@ -1743 +1747 @@
    redirection (e.g., a redirected URI prefix that points to a suffix of
    itself), or when the server is under attack by a client attempting to
    exploit security holes present in some servers using fixed-length
-   buffers for reading or manipulating the request-target.
+   buffers for reading or manipulating the Effective Request URI.
 </t>
 </section>
 
@@ -1895 +1899 @@
   <x:anchor-alias value="Allow-v"/>
 <t>
    The "Allow" response-header field lists the set of methods advertised as
-   supported by the resource identified by the request-target. The purpose of
+   supported by the resource identified by the Effective Request URI. The purpose of
    this field is strictly to inform the recipient of valid methods
    associated with the resource.
 </t>
@@ -2128 +2132 @@
   <x:anchor-alias value="Referer-v"/>
 <t>
    The "Referer" [sic] request-header field allows the client to specify the
-   URI of the resource from which the request-target was obtained (the
+   URI of the resource from which the Effective Request URI was obtained (the
    "referrer", although the header field is misspelled.).
 </t>
 <t>
@@ -2140 +2144 @@
    required to contain a Referer header field.
 </t>
 <t>
-   If the request-target was obtained from a source that does not have its own
+   If the Effective Request URI was obtained from a source that does not have its own
    URI (e.g., input from the user keyboard), the Referer field &MUST; either be
    sent with the value "about:blank", or not be sent at all. Note that this
    requirement does not apply to sources with non-HTTP URIs (e.g., FTP).
@@ -2157 +2161 @@
 </artwork></figure>
 <t>
    If the field value is a relative URI, it &SHOULD; be interpreted
-   relative to the request-target. The URI &MUST-NOT; include a fragment. See
+   relative to the Effective Request URI. The URI &MUST-NOT; include a fragment. See
    <xref target="encoding.sensitive.information.in.uris"/> for security considerations.
 </t>
 </section>

p6-cache.xml

@@ -17 +17 @@
   <!ENTITY notation                    "<xref target='Part1' x:rel='#notation' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY basic-rules                 "<xref target='Part1' x:rel='#basic.rules' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY uri                         "<xref target='Part1' x:rel='#uri' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
+  <!ENTITY effective-request-uri      "<xref target='Part1' x:rel='#effective.request.uri' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY messaging                   "<xref target='Part1' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY conditional                 "<xref target='Part4' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY partial                     "<xref target='Part5' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
@@ -477 +478 @@
 <t>
   For a presented request, a cache &MUST-NOT; return a stored response, unless: 
   <list style="symbols">
-    <t>The presented Request-URI and that of the stored response match
-      (<cref anchor="TODO-Request-URI">Need to find a new term for this, as Part
-      1 doesn't define Request-URI anymore; the new term request-target does not
-      work for this. (see <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/196" />)</cref>), and</t>
+    <t>The presented Effective Request URI (&effective-request-uri;) and that of the stored response match, and</t>
     <t>the request method associated with the stored response allows it to be 
       used for the presented request, and</t>
     <t>selecting request-headers nominated by the stored response (if any) match those presented (see <xref
@@ -797 +795 @@
   up-to-date.
 </t>
 <t>
-  The following HTTP methods &MUST; cause a cache to invalidate the Request-URI as well
+  The following HTTP methods &MUST; cause a cache to invalidate the Effective Request URI (&effective-request-uri;) as well
   as the URI(s) in the Location and Content-Location headers (if present):
   <list style="symbols">
     <t>PUT</t>
@@ -807 +805 @@
 </t>
 <t>
   An invalidation based on a URI from a Location or Content-Location header &MUST-NOT;
-  be performed if the host part of that URI differs from the host part in the Request-URI.
+  be performed if the host part of that URI differs from the host part in the Effective Request URI (&effective-request-uri;).
   This helps prevent denial of service attacks.
 </t>
 <t>
@@ -815 +813 @@
 </t>
 <t>
   A cache that passes through requests for methods it does not understand &SHOULD;
-  invalidate the Request-URI.
+  invalidate the Effective Request URI (&effective-request-uri;).
 </t>
 <t>
   Here, "invalidate" means that the cache will either remove all stored responses related
-  to the Request-URI, or will mark these as "invalid" and in need of a mandatory validation
+  to the Effective Request URI, or will mark these as "invalid" and in need of a mandatory validation
   before they can be returned in response to a subsequent request.
 </t>
 <t>