source: draft-ietf-httpbis/17/draft-ietf-httpbis-p3-payload-17.txt @ 1529

Last change on this file since 1529 was 1467, checked in by julian.reschke@…, 8 years ago

Prepare publication of -17.

  • Property svn:eol-style set to native
  • Property svn:executable set to *
File size: 92.7 KB
Line 
1
2
3
4HTTPbis Working Group                                   R. Fielding, Ed.
5Internet-Draft                                                     Adobe
6Obsoletes: 2616 (if approved)                                  J. Gettys
7Intended status: Standards Track                          Alcatel-Lucent
8Expires: May 3, 2012                                            J. Mogul
9                                                                      HP
10                                                              H. Frystyk
11                                                               Microsoft
12                                                             L. Masinter
13                                                                   Adobe
14                                                                P. Leach
15                                                               Microsoft
16                                                          T. Berners-Lee
17                                                                 W3C/MIT
18                                                           Y. Lafon, Ed.
19                                                                     W3C
20                                                         J. Reschke, Ed.
21                                                              greenbytes
22                                                        October 31, 2011
23
24
25       HTTP/1.1, part 3: Message Payload and Content Negotiation
26                    draft-ietf-httpbis-p3-payload-17
27
28Abstract
29
30   The Hypertext Transfer Protocol (HTTP) is an application-level
31   protocol for distributed, collaborative, hypertext information
32   systems.  HTTP has been in use by the World Wide Web global
33   information initiative since 1990.  This document is Part 3 of the
34   seven-part specification that defines the protocol referred to as
35   "HTTP/1.1" and, taken together, obsoletes RFC 2616.
36
37   Part 3 defines HTTP message content, metadata, and content
38   negotiation.
39
40Editorial Note (To be removed by RFC Editor)
41
42   Discussion of this draft should take place on the HTTPBIS working
43   group mailing list (ietf-http-wg@w3.org), which is archived at
44   <http://lists.w3.org/Archives/Public/ietf-http-wg/>.
45
46   The current issues list is at
47   <http://tools.ietf.org/wg/httpbis/trac/report/3> and related
48   documents (including fancy diffs) can be found at
49   <http://tools.ietf.org/wg/httpbis/>.
50
51   The changes in this draft are summarized in Appendix E.18.
52
53
54
55Fielding, et al.           Expires May 3, 2012                  [Page 1]
56
57Internet-Draft              HTTP/1.1, Part 3                October 2011
58
59
60Status of This Memo
61
62   This Internet-Draft is submitted in full conformance with the
63   provisions of BCP 78 and BCP 79.
64
65   Internet-Drafts are working documents of the Internet Engineering
66   Task Force (IETF).  Note that other groups may also distribute
67   working documents as Internet-Drafts.  The list of current Internet-
68   Drafts is at http://datatracker.ietf.org/drafts/current/.
69
70   Internet-Drafts are draft documents valid for a maximum of six months
71   and may be updated, replaced, or obsoleted by other documents at any
72   time.  It is inappropriate to use Internet-Drafts as reference
73   material or to cite them other than as "work in progress."
74
75   This Internet-Draft will expire on May 3, 2012.
76
77Copyright Notice
78
79   Copyright (c) 2011 IETF Trust and the persons identified as the
80   document authors.  All rights reserved.
81
82   This document is subject to BCP 78 and the IETF Trust's Legal
83   Provisions Relating to IETF Documents
84   (http://trustee.ietf.org/license-info) in effect on the date of
85   publication of this document.  Please review these documents
86   carefully, as they describe your rights and restrictions with respect
87   to this document.  Code Components extracted from this document must
88   include Simplified BSD License text as described in Section 4.e of
89   the Trust Legal Provisions and are provided without warranty as
90   described in the Simplified BSD License.
91
92   This document may contain material from IETF Documents or IETF
93   Contributions published or made publicly available before November
94   10, 2008.  The person(s) controlling the copyright in some of this
95   material may not have granted the IETF Trust the right to allow
96   modifications of such material outside the IETF Standards Process.
97   Without obtaining an adequate license from the person(s) controlling
98   the copyright in such materials, this document may not be modified
99   outside the IETF Standards Process, and derivative works of it may
100   not be created outside the IETF Standards Process, except to format
101   it for publication as an RFC or to translate it into languages other
102   than English.
103
104Table of Contents
105
106   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  5
107     1.1.  Terminology  . . . . . . . . . . . . . . . . . . . . . . .  5
108
109
110
111Fielding, et al.           Expires May 3, 2012                  [Page 2]
112
113Internet-Draft              HTTP/1.1, Part 3                October 2011
114
115
116     1.2.  Conformance and Error Handling . . . . . . . . . . . . . .  5
117     1.3.  Syntax Notation  . . . . . . . . . . . . . . . . . . . . .  6
118       1.3.1.  Core Rules . . . . . . . . . . . . . . . . . . . . . .  6
119       1.3.2.  ABNF Rules defined in other Parts of the
120               Specification  . . . . . . . . . . . . . . . . . . . .  6
121   2.  Protocol Parameters  . . . . . . . . . . . . . . . . . . . . .  6
122     2.1.  Character Encodings (charset)  . . . . . . . . . . . . . .  6
123     2.2.  Content Codings  . . . . . . . . . . . . . . . . . . . . .  7
124       2.2.1.  Content Coding Registry  . . . . . . . . . . . . . . .  8
125     2.3.  Media Types  . . . . . . . . . . . . . . . . . . . . . . .  8
126       2.3.1.  Canonicalization and Text Defaults . . . . . . . . . .  9
127       2.3.2.  Multipart Types  . . . . . . . . . . . . . . . . . . .  9
128     2.4.  Language Tags  . . . . . . . . . . . . . . . . . . . . . . 10
129   3.  Payload  . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
130     3.1.  Payload Header Fields  . . . . . . . . . . . . . . . . . . 11
131     3.2.  Payload Body . . . . . . . . . . . . . . . . . . . . . . . 11
132   4.  Representation . . . . . . . . . . . . . . . . . . . . . . . . 11
133     4.1.  Representation Header Fields . . . . . . . . . . . . . . . 12
134     4.2.  Representation Data  . . . . . . . . . . . . . . . . . . . 12
135   5.  Content Negotiation  . . . . . . . . . . . . . . . . . . . . . 13
136     5.1.  Server-driven Negotiation  . . . . . . . . . . . . . . . . 14
137     5.2.  Agent-driven Negotiation . . . . . . . . . . . . . . . . . 15
138   6.  Header Field Definitions . . . . . . . . . . . . . . . . . . . 16
139     6.1.  Accept . . . . . . . . . . . . . . . . . . . . . . . . . . 16
140     6.2.  Accept-Charset . . . . . . . . . . . . . . . . . . . . . . 18
141     6.3.  Accept-Encoding  . . . . . . . . . . . . . . . . . . . . . 19
142     6.4.  Accept-Language  . . . . . . . . . . . . . . . . . . . . . 20
143     6.5.  Content-Encoding . . . . . . . . . . . . . . . . . . . . . 21
144     6.6.  Content-Language . . . . . . . . . . . . . . . . . . . . . 22
145     6.7.  Content-Location . . . . . . . . . . . . . . . . . . . . . 23
146     6.8.  Content-Type . . . . . . . . . . . . . . . . . . . . . . . 25
147   7.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 25
148     7.1.  Header Field Registration  . . . . . . . . . . . . . . . . 25
149     7.2.  Content Coding Registry  . . . . . . . . . . . . . . . . . 25
150   8.  Security Considerations  . . . . . . . . . . . . . . . . . . . 26
151     8.1.  Privacy Issues Connected to Accept Header Fields . . . . . 26
152   9.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 27
153   10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 27
154     10.1. Normative References . . . . . . . . . . . . . . . . . . . 27
155     10.2. Informative References . . . . . . . . . . . . . . . . . . 29
156   Appendix A.  Differences between HTTP and MIME . . . . . . . . . . 30
157     A.1.  MIME-Version . . . . . . . . . . . . . . . . . . . . . . . 30
158     A.2.  Conversion to Canonical Form . . . . . . . . . . . . . . . 31
159     A.3.  Conversion of Date Formats . . . . . . . . . . . . . . . . 31
160     A.4.  Introduction of Content-Encoding . . . . . . . . . . . . . 31
161     A.5.  No Content-Transfer-Encoding . . . . . . . . . . . . . . . 32
162     A.6.  Introduction of Transfer-Encoding  . . . . . . . . . . . . 32
163     A.7.  MHTML and Line Length Limitations  . . . . . . . . . . . . 32
164
165
166
167Fielding, et al.           Expires May 3, 2012                  [Page 3]
168
169Internet-Draft              HTTP/1.1, Part 3                October 2011
170
171
172   Appendix B.  Additional Features . . . . . . . . . . . . . . . . . 32
173   Appendix C.  Changes from RFC 2616 . . . . . . . . . . . . . . . . 33
174   Appendix D.  Collected ABNF  . . . . . . . . . . . . . . . . . . . 33
175   Appendix E.  Change Log (to be removed by RFC Editor before
176                publication)  . . . . . . . . . . . . . . . . . . . . 35
177     E.1.  Since RFC 2616 . . . . . . . . . . . . . . . . . . . . . . 35
178     E.2.  Since draft-ietf-httpbis-p3-payload-00 . . . . . . . . . . 35
179     E.3.  Since draft-ietf-httpbis-p3-payload-01 . . . . . . . . . . 36
180     E.4.  Since draft-ietf-httpbis-p3-payload-02 . . . . . . . . . . 36
181     E.5.  Since draft-ietf-httpbis-p3-payload-03 . . . . . . . . . . 36
182     E.6.  Since draft-ietf-httpbis-p3-payload-04 . . . . . . . . . . 37
183     E.7.  Since draft-ietf-httpbis-p3-payload-05 . . . . . . . . . . 37
184     E.8.  Since draft-ietf-httpbis-p3-payload-06 . . . . . . . . . . 37
185     E.9.  Since draft-ietf-httpbis-p3-payload-07 . . . . . . . . . . 38
186     E.10. Since draft-ietf-httpbis-p3-payload-08 . . . . . . . . . . 38
187     E.11. Since draft-ietf-httpbis-p3-payload-09 . . . . . . . . . . 38
188     E.12. Since draft-ietf-httpbis-p3-payload-10 . . . . . . . . . . 39
189     E.13. Since draft-ietf-httpbis-p3-payload-11 . . . . . . . . . . 40
190     E.14. Since draft-ietf-httpbis-p3-payload-12 . . . . . . . . . . 40
191     E.15. Since draft-ietf-httpbis-p3-payload-13 . . . . . . . . . . 40
192     E.16. Since draft-ietf-httpbis-p3-payload-14 . . . . . . . . . . 40
193     E.17. Since draft-ietf-httpbis-p3-payload-15 . . . . . . . . . . 40
194     E.18. Since draft-ietf-httpbis-p3-payload-16 . . . . . . . . . . 41
195   Index  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223Fielding, et al.           Expires May 3, 2012                  [Page 4]
224
225Internet-Draft              HTTP/1.1, Part 3                October 2011
226
227
2281.  Introduction
229
230   This document defines HTTP/1.1 message payloads (a.k.a., content),
231   the associated metadata header fields that define how the payload is
232   intended to be interpreted by a recipient, the request header fields
233   that might influence content selection, and the various selection
234   algorithms that are collectively referred to as HTTP content
235   negotiation.
236
237   This document is currently disorganized in order to minimize the
238   changes between drafts and enable reviewers to see the smaller errata
239   changes.  A future draft will reorganize the sections to better
240   reflect the content.  In particular, the sections on entities will be
241   renamed payload and moved to the first half of the document, while
242   the sections on content negotiation and associated request header
243   fields will be moved to the second half.  The current mess reflects
244   how widely dispersed these topics and associated requirements had
245   become in [RFC2616].
246
2471.1.  Terminology
248
249   This specification uses a number of terms to refer to the roles
250   played by participants in, and objects of, the HTTP communication.
251
252   content negotiation
253
254      The mechanism for selecting the appropriate representation when
255      servicing a request.  The representation in any response can be
256      negotiated (including error responses).
257
2581.2.  Conformance and Error Handling
259
260   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
261   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
262   document are to be interpreted as described in [RFC2119].
263
264   This document defines conformance criteria for several roles in HTTP
265   communication, including Senders, Recipients, Clients, Servers, User-
266   Agents, Origin Servers, Intermediaries, Proxies and Gateways.  See
267   Section 2 of [Part1] for definitions of these terms.
268
269   An implementation is considered conformant if it complies with all of
270   the requirements associated with its role(s).  Note that SHOULD-level
271   requirements are relevant here, unless one of the documented
272   exceptions is applicable.
273
274   This document also uses ABNF to define valid protocol elements
275   (Section 1.3).  In addition to the prose requirements placed upon
276
277
278
279Fielding, et al.           Expires May 3, 2012                  [Page 5]
280
281Internet-Draft              HTTP/1.1, Part 3                October 2011
282
283
284   them, Senders MUST NOT generate protocol elements that are invalid.
285
286   Unless noted otherwise, Recipients MAY take steps to recover a usable
287   protocol element from an invalid construct.  However, HTTP does not
288   define specific error handling mechanisms, except in cases where it
289   has direct impact on security.  This is because different uses of the
290   protocol require different error handling strategies; for example, a
291   Web browser may wish to transparently recover from a response where
292   the Location header field doesn't parse according to the ABNF,
293   whereby in a systems control protocol using HTTP, this type of error
294   recovery could lead to dangerous consequences.
295
2961.3.  Syntax Notation
297
298   This specification uses the ABNF syntax defined in Section 1.2 of
299   [Part1] (which extends the syntax defined in [RFC5234] with a list
300   rule).  Appendix D shows the collected ABNF, with the list rule
301   expanded.
302
303   The following core rules are included by reference, as defined in
304   [RFC5234], Appendix B.1: ALPHA (letters), CR (carriage return), CRLF
305   (CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote),
306   HEXDIG (hexadecimal 0-9/A-F/a-f), LF (line feed), OCTET (any 8-bit
307   sequence of data), SP (space), and VCHAR (any visible US-ASCII
308   character).
309
3101.3.1.  Core Rules
311
312   The core rules below are defined in [Part1]:
313
314     OWS            = <OWS, defined in [Part1], Section 1.2.2>
315     token          = <token, defined in [Part1], Section 3.2.3>
316     word           = <word, defined in [Part1], Section 3.2.3>
317
3181.3.2.  ABNF Rules defined in other Parts of the Specification
319
320   The ABNF rules below are defined in other parts:
321
322     absolute-URI   = <absolute-URI, defined in [Part1], Section 2.7>
323     partial-URI    = <partial-URI, defined in [Part1], Section 2.7>
324     qvalue         = <qvalue, defined in [Part1], Section 5.3>
325
3262.  Protocol Parameters
327
3282.1.  Character Encodings (charset)
329
330   HTTP uses charset names to indicate the character encoding of a
331   textual representation.
332
333
334
335Fielding, et al.           Expires May 3, 2012                  [Page 6]
336
337Internet-Draft              HTTP/1.1, Part 3                October 2011
338
339
340   A character encoding is identified by a case-insensitive token.  The
341   complete set of tokens is defined by the IANA Character Set registry
342   (<http://www.iana.org/assignments/character-sets>).
343
344     charset = token
345
346   Although HTTP allows an arbitrary token to be used as a charset
347   value, any token that has a predefined value within the IANA
348   Character Set registry MUST represent the character encoding defined
349   by that registry.  Applications SHOULD limit their use of character
350   encodings to those defined within the IANA registry.
351
352   HTTP uses charset in two contexts: within an Accept-Charset request
353   header field (in which the charset value is an unquoted token) and as
354   the value of a parameter in a Content-Type header field (within a
355   request or response), in which case the parameter value of the
356   charset parameter can be quoted.
357
358   Implementors need to be aware of IETF character set requirements
359   [RFC3629] [RFC2277].
360
3612.2.  Content Codings
362
363   Content coding values indicate an encoding transformation that has
364   been or can be applied to a representation.  Content codings are
365   primarily used to allow a representation to be compressed or
366   otherwise usefully transformed without losing the identity of its
367   underlying media type and without loss of information.  Frequently,
368   the representation is stored in coded form, transmitted directly, and
369   only decoded by the recipient.
370
371     content-coding   = token
372
373   All content-coding values are case-insensitive.  HTTP/1.1 uses
374   content-coding values in the Accept-Encoding (Section 6.3) and
375   Content-Encoding (Section 6.5) header fields.  Although the value
376   describes the content-coding, what is more important is that it
377   indicates what decoding mechanism will be required to remove the
378   encoding.
379
380   compress
381
382      See Section 5.1.2.1 of [Part1].
383
384   deflate
385
386      See Section 5.1.2.2 of [Part1].
387
388
389
390
391Fielding, et al.           Expires May 3, 2012                  [Page 7]
392
393Internet-Draft              HTTP/1.1, Part 3                October 2011
394
395
396   gzip
397
398      See Section 5.1.2.3 of [Part1].
399
4002.2.1.  Content Coding Registry
401
402   The HTTP Content Coding Registry defines the name space for the
403   content coding names.
404
405   Registrations MUST include the following fields:
406
407   o  Name
408
409   o  Description
410
411   o  Pointer to specification text
412
413   Names of content codings MUST NOT overlap with names of transfer
414   codings (Section 5.1 of [Part1]), unless the encoding transformation
415   is identical (as it is the case for the compression codings defined
416   in Section 5.1.2 of [Part1]).
417
418   Values to be added to this name space require a specification (see
419   "Specification Required" in Section 4.1 of [RFC5226]), and MUST
420   conform to the purpose of content coding defined in this section.
421
422   The registry itself is maintained at
423   <http://www.iana.org/assignments/http-parameters>.
424
4252.3.  Media Types
426
427   HTTP uses Internet Media Types [RFC2046] in the Content-Type
428   (Section 6.8) and Accept (Section 6.1) header fields in order to
429   provide open and extensible data typing and type negotiation.
430
431     media-type = type "/" subtype *( OWS ";" OWS parameter )
432     type       = token
433     subtype    = token
434
435   The type/subtype MAY be followed by parameters in the form of
436   attribute/value pairs.
437
438     parameter      = attribute "=" value
439     attribute      = token
440     value          = word
441
442   The type, subtype, and parameter attribute names are case-
443   insensitive.  Parameter values might or might not be case-sensitive,
444
445
446
447Fielding, et al.           Expires May 3, 2012                  [Page 8]
448
449Internet-Draft              HTTP/1.1, Part 3                October 2011
450
451
452   depending on the semantics of the parameter name.  The presence or
453   absence of a parameter might be significant to the processing of a
454   media-type, depending on its definition within the media type
455   registry.
456
457   A parameter value that matches the token production can be
458   transmitted as either a token or within a quoted-string.  The quoted
459   and unquoted values are equivalent.
460
461   Note that some older HTTP applications do not recognize media type
462   parameters.  When sending data to older HTTP applications,
463   implementations SHOULD only use media type parameters when they are
464   required by that type/subtype definition.
465
466   Media-type values are registered with the Internet Assigned Number
467   Authority (IANA).  The media type registration process is outlined in
468   [RFC4288].  Use of non-registered media types is discouraged.
469
4702.3.1.  Canonicalization and Text Defaults
471
472   Internet media types are registered with a canonical form.  A
473   representation transferred via HTTP messages MUST be in the
474   appropriate canonical form prior to its transmission except for
475   "text" types, as defined in the next paragraph.
476
477   When in canonical form, media subtypes of the "text" type use CRLF as
478   the text line break.  HTTP relaxes this requirement and allows the
479   transport of text media with plain CR or LF alone representing a line
480   break when it is done consistently for an entire representation.
481   HTTP applications MUST accept CRLF, bare CR, and bare LF as
482   indicating a line break in text media received via HTTP.  In
483   addition, if the text is in a character encoding that does not use
484   octets 13 and 10 for CR and LF respectively, as is the case for some
485   multi-byte character encodings, HTTP allows the use of whatever octet
486   sequences are defined by that character encoding to represent the
487   equivalent of CR and LF for line breaks.  This flexibility regarding
488   line breaks applies only to text media in the payload body; a bare CR
489   or LF MUST NOT be substituted for CRLF within any of the HTTP control
490   structures (such as header fields and multipart boundaries).
491
492   If a representation is encoded with a content-coding, the underlying
493   data MUST be in a form defined above prior to being encoded.
494
4952.3.2.  Multipart Types
496
497   MIME provides for a number of "multipart" types -- encapsulations of
498   one or more representations within a single message-body.  All
499   multipart types share a common syntax, as defined in Section 5.1.1 of
500
501
502
503Fielding, et al.           Expires May 3, 2012                  [Page 9]
504
505Internet-Draft              HTTP/1.1, Part 3                October 2011
506
507
508   [RFC2046], and MUST include a boundary parameter as part of the media
509   type value.  The message body is itself a protocol element and MUST
510   therefore use only CRLF to represent line breaks between body-parts.
511
512   In general, HTTP treats a multipart message-body no differently than
513   any other media type: strictly as payload.  HTTP does not use the
514   multipart boundary as an indicator of message-body length.  In all
515   other respects, an HTTP user agent SHOULD follow the same or similar
516   behavior as a MIME user agent would upon receipt of a multipart type.
517   The MIME header fields within each body-part of a multipart message-
518   body do not have any significance to HTTP beyond that defined by
519   their MIME semantics.
520
521   If an application receives an unrecognized multipart subtype, the
522   application MUST treat it as being equivalent to "multipart/mixed".
523
524      Note: The "multipart/form-data" type has been specifically defined
525      for carrying form data suitable for processing via the POST
526      request method, as described in [RFC2388].
527
5282.4.  Language Tags
529
530   A language tag, as defined in [RFC5646], identifies a natural
531   language spoken, written, or otherwise conveyed by human beings for
532   communication of information to other human beings.  Computer
533   languages are explicitly excluded.  HTTP uses language tags within
534   the Accept-Language and Content-Language fields.
535
536   In summary, a language tag is composed of one or more parts: A
537   primary language subtag followed by a possibly empty series of
538   subtags:
539
540     language-tag = <Language-Tag, defined in [RFC5646], Section 2.1>
541
542   White space is not allowed within the tag and all tags are case-
543   insensitive.  The name space of language subtags is administered by
544   the IANA (see
545   <http://www.iana.org/assignments/language-subtag-registry>).
546
547   Example tags include:
548
549     en, en-US, es-419, az-Arab, x-pig-latin, man-Nkoo-GN
550
551   See [RFC5646] for further information.
552
553
554
555
556
557
558
559Fielding, et al.           Expires May 3, 2012                 [Page 10]
560
561Internet-Draft              HTTP/1.1, Part 3                October 2011
562
563
5643.  Payload
565
566   HTTP messages MAY transfer a payload if not otherwise restricted by
567   the request method or response status code.  The payload consists of
568   metadata, in the form of header fields, and data, in the form of the
569   sequence of octets in the message-body after any transfer-coding has
570   been decoded.
571
572   A "payload" in HTTP is always a partial or complete representation of
573   some resource.  We use separate terms for payload and representation
574   because some messages contain only the associated representation's
575   header fields (e.g., responses to HEAD) or only some part(s) of the
576   representation (e.g., the 206 status code).
577
5783.1.  Payload Header Fields
579
580   HTTP header fields that specifically define the payload, rather than
581   the associated representation, are referred to as "payload header
582   fields".  The following payload header fields are defined by
583   HTTP/1.1:
584
585   +-------------------+------------------------+
586   | Header Field Name | Defined in...          |
587   +-------------------+------------------------+
588   | Content-Length    | Section 8.2 of [Part1] |
589   | Content-Range     | Section 5.2 of [Part5] |
590   +-------------------+------------------------+
591
5923.2.  Payload Body
593
594   A payload body is only present in a message when a message-body is
595   present, as described in Section 3.3 of [Part1].  The payload body is
596   obtained from the message-body by decoding any Transfer-Encoding that
597   might have been applied to ensure safe and proper transfer of the
598   message.
599
6004.  Representation
601
602   A "representation" is information in a format that can be readily
603   communicated from one party to another.  A resource representation is
604   information that reflects the state of that resource, as observed at
605   some point in the past (e.g., in a response to GET) or to be desired
606   at some point in the future (e.g., in a PUT request).
607
608   Most, but not all, representations transferred via HTTP are intended
609   to be a representation of the target resource (the resource
610   identified by the effective request URI).  The precise semantics of a
611   representation are determined by the type of message (request or
612
613
614
615Fielding, et al.           Expires May 3, 2012                 [Page 11]
616
617Internet-Draft              HTTP/1.1, Part 3                October 2011
618
619
620   response), the request method, the response status code, and the
621   representation metadata.  For example, the above semantic is true for
622   the representation in any 200 (OK) response to GET and for the
623   representation in any PUT request.  A 200 response to PUT, in
624   contrast, contains either a representation that describes the
625   successful action or a representation of the target resource, with
626   the latter indicated by a Content-Location header field with the same
627   value as the effective request URI.  Likewise, response messages with
628   an error status code usually contain a representation that describes
629   the error and what next steps are suggested for resolving it.
630
6314.1.  Representation Header Fields
632
633   Representation header fields define metadata about the representation
634   data enclosed in the message-body or, if no message-body is present,
635   about the representation that would have been transferred in a 200
636   response to a simultaneous GET request with the same effective
637   request URI.
638
639   The following header fields are defined as representation metadata:
640
641   +-------------------+------------------------+
642   | Header Field Name | Defined in...          |
643   +-------------------+------------------------+
644   | Content-Encoding  | Section 6.5            |
645   | Content-Language  | Section 6.6            |
646   | Content-Location  | Section 6.7            |
647   | Content-Type      | Section 6.8            |
648   | Expires           | Section 3.3 of [Part6] |
649   | Last-Modified     | Section 2.2 of [Part4] |
650   +-------------------+------------------------+
651
6524.2.  Representation Data
653
654   The representation body associated with an HTTP message is either
655   provided as the payload body of the message or referred to by the
656   message semantics and the effective request URI.  The representation
657   data is in a format and encoding defined by the representation
658   metadata header fields.
659
660   The data type of the representation data is determined via the header
661   fields Content-Type and Content-Encoding.  These define a two-layer,
662   ordered encoding model:
663
664     representation-data := Content-Encoding( Content-Type( bits ) )
665
666   Content-Type specifies the media type of the underlying data, which
667   defines both the data format and how that data SHOULD be processed by
668
669
670
671Fielding, et al.           Expires May 3, 2012                 [Page 12]
672
673Internet-Draft              HTTP/1.1, Part 3                October 2011
674
675
676   the recipient (within the scope of the request method semantics).
677   Any HTTP/1.1 message containing a payload body SHOULD include a
678   Content-Type header field defining the media type of the associated
679   representation unless that metadata is unknown to the sender.  If the
680   Content-Type header field is not present, it indicates that the
681   sender does not know the media type of the representation; recipients
682   MAY either assume that the media type is "application/octet-stream"
683   ([RFC2046], Section 4.5.1) or examine the content to determine its
684   type.
685
686   In practice, resource owners do not always properly configure their
687   origin server to provide the correct Content-Type for a given
688   representation, with the result that some clients will examine a
689   response body's content and override the specified type.  Clients
690   that do so risk drawing incorrect conclusions, which might expose
691   additional security risks (e.g., "privilege escalation").
692   Furthermore, it is impossible to determine the sender's intent by
693   examining the data format: many data formats match multiple media
694   types that differ only in processing semantics.  Implementers are
695   encouraged to provide a means of disabling such "content sniffing"
696   when it is used.
697
698   Content-Encoding is used to indicate any additional content codings
699   applied to the data, usually for the purpose of data compression,
700   that are a property of the representation.  If Content-Encoding is
701   not present, then there is no additional encoding beyond that defined
702   by the Content-Type.
703
7045.  Content Negotiation
705
706   HTTP responses include a representation which contains information
707   for interpretation, whether by a human user or for further
708   processing.  Often, the server has different ways of representing the
709   same information; for example, in different formats, languages, or
710   using different character encodings.
711
712   HTTP clients and their users might have different or variable
713   capabilities, characteristics or preferences which would influence
714   which representation, among those available from the server, would be
715   best for the server to deliver.  For this reason, HTTP provides
716   mechanisms for "content negotiation" -- a process of allowing
717   selection of a representation of a given resource, when more than one
718   is available.
719
720   This specification defines two patterns of content negotiation;
721   "server-driven", where the server selects the representation based
722   upon the client's stated preferences, and "agent-driven" negotiation,
723   where the server provides a list of representations for the client to
724
725
726
727Fielding, et al.           Expires May 3, 2012                 [Page 13]
728
729Internet-Draft              HTTP/1.1, Part 3                October 2011
730
731
732   choose from, based upon their metadata.  In addition, there are other
733   patterns: some applications use an "active content" pattern, where
734   the server returns active content which runs on the client and, based
735   on client available parameters, selects additional resources to
736   invoke.  "Transparent Content Negotiation" ([RFC2295]) has also been
737   proposed.
738
739   These patterns are all widely used, and have trade-offs in
740   applicability and practicality.  In particular, when the number of
741   preferences or capabilities to be expressed by a client are large
742   (such as when many different formats are supported by a user-agent),
743   server-driven negotiation becomes unwieldy, and might not be
744   appropriate.  Conversely, when the number of representations to
745   choose from is very large, agent-driven negotiation might not be
746   appropriate.
747
748   Note that in all cases, the supplier of representations has the
749   responsibility for determining which representations might be
750   considered to be the "same information".
751
7525.1.  Server-driven Negotiation
753
754   If the selection of the best representation for a response is made by
755   an algorithm located at the server, it is called server-driven
756   negotiation.  Selection is based on the available representations of
757   the response (the dimensions over which it can vary; e.g., language,
758   content-coding, etc.) and the contents of particular header fields in
759   the request message or on other information pertaining to the request
760   (such as the network address of the client).
761
762   Server-driven negotiation is advantageous when the algorithm for
763   selecting from among the available representations is difficult to
764   describe to the user agent, or when the server desires to send its
765   "best guess" to the client along with the first response (hoping to
766   avoid the round-trip delay of a subsequent request if the "best
767   guess" is good enough for the user).  In order to improve the
768   server's guess, the user agent MAY include request header fields
769   (Accept, Accept-Language, Accept-Encoding, etc.) which describe its
770   preferences for such a response.
771
772   Server-driven negotiation has disadvantages:
773
774   1.  It is impossible for the server to accurately determine what
775       might be "best" for any given user, since that would require
776       complete knowledge of both the capabilities of the user agent and
777       the intended use for the response (e.g., does the user want to
778       view it on screen or print it on paper?).
779
780
781
782
783Fielding, et al.           Expires May 3, 2012                 [Page 14]
784
785Internet-Draft              HTTP/1.1, Part 3                October 2011
786
787
788   2.  Having the user agent describe its capabilities in every request
789       can be both very inefficient (given that only a small percentage
790       of responses have multiple representations) and a potential
791       violation of the user's privacy.
792
793   3.  It complicates the implementation of an origin server and the
794       algorithms for generating responses to a request.
795
796   4.  It might limit a public cache's ability to use the same response
797       for multiple user's requests.
798
799   Server-driven negotiation allows the user agent to specify its
800   preferences, but it cannot expect responses to always honour them.
801   For example, the origin server might not implement server-driven
802   negotiation, or it might decide that sending a response that doesn't
803   conform to them is better than sending a 406 (Not Acceptable)
804   response.
805
806   Many of the mechanisms for expressing preferences use quality values
807   to declare relative preference.  See Section 5.3 of [Part1] for more
808   information.
809
810   HTTP/1.1 includes the following header fields for enabling server-
811   driven negotiation through description of user agent capabilities and
812   user preferences: Accept (Section 6.1), Accept-Charset (Section 6.2),
813   Accept-Encoding (Section 6.3), Accept-Language (Section 6.4), and
814   User-Agent (Section 9.10 of [Part2]).  However, an origin server is
815   not limited to these dimensions and MAY vary the response based on
816   any aspect of the request, including aspects of the connection (e.g.,
817   IP address) or information within extension header fields not defined
818   by this specification.
819
820      Note: In practice, User-Agent based negotiation is fragile,
821      because new clients might not be recognized.
822
823   The Vary header field (Section 3.5 of [Part6]) can be used to express
824   the parameters the server uses to select a representation that is
825   subject to server-driven negotiation.
826
8275.2.  Agent-driven Negotiation
828
829   With agent-driven negotiation, selection of the best representation
830   for a response is performed by the user agent after receiving an
831   initial response from the origin server.  Selection is based on a
832   list of the available representations of the response included within
833   the header fields or body of the initial response, with each
834   representation identified by its own URI.  Selection from among the
835   representations can be performed automatically (if the user agent is
836
837
838
839Fielding, et al.           Expires May 3, 2012                 [Page 15]
840
841Internet-Draft              HTTP/1.1, Part 3                October 2011
842
843
844   capable of doing so) or manually by the user selecting from a
845   generated (possibly hypertext) menu.
846
847   Agent-driven negotiation is advantageous when the response would vary
848   over commonly-used dimensions (such as type, language, or encoding),
849   when the origin server is unable to determine a user agent's
850   capabilities from examining the request, and generally when public
851   caches are used to distribute server load and reduce network usage.
852
853   Agent-driven negotiation suffers from the disadvantage of needing a
854   second request to obtain the best alternate representation.  This
855   second request is only efficient when caching is used.  In addition,
856   this specification does not define any mechanism for supporting
857   automatic selection, though it also does not prevent any such
858   mechanism from being developed as an extension and used within
859   HTTP/1.1.
860
861   This specification defines the 300 (Multiple Choices) and 406 (Not
862   Acceptable) status codes for enabling agent-driven negotiation when
863   the server is unwilling or unable to provide a varying response using
864   server-driven negotiation.
865
8666.  Header Field Definitions
867
868   This section defines the syntax and semantics of HTTP/1.1 header
869   fields related to the payload of messages.
870
8716.1.  Accept
872
873   The "Accept" header field can be used by user agents to specify
874   response media types that are acceptable.  Accept header fields can
875   be used to indicate that the request is specifically limited to a
876   small set of desired types, as in the case of a request for an in-
877   line image.
878
879     Accept = #( media-range [ accept-params ] )
880
881     media-range    = ( "*/*"
882                      / ( type "/" "*" )
883                      / ( type "/" subtype )
884                      ) *( OWS ";" OWS parameter )
885     accept-params  = OWS ";" OWS "q=" qvalue *( accept-ext )
886     accept-ext     = OWS ";" OWS token [ "=" word ]
887
888   The asterisk "*" character is used to group media types into ranges,
889   with "*/*" indicating all media types and "type/*" indicating all
890   subtypes of that type.  The media-range MAY include media type
891   parameters that are applicable to that range.
892
893
894
895Fielding, et al.           Expires May 3, 2012                 [Page 16]
896
897Internet-Draft              HTTP/1.1, Part 3                October 2011
898
899
900   Each media-range MAY be followed by one or more accept-params,
901   beginning with the "q" parameter for indicating a relative quality
902   factor.  The first "q" parameter (if any) separates the media-range
903   parameter(s) from the accept-params.  Quality factors allow the user
904   or user agent to indicate the relative degree of preference for that
905   media-range, using the qvalue scale from 0 to 1 (Section 5.3 of
906   [Part1]).  The default value is q=1.
907
908      Note: Use of the "q" parameter name to separate media type
909      parameters from Accept extension parameters is due to historical
910      practice.  Although this prevents any media type parameter named
911      "q" from being used with a media range, such an event is believed
912      to be unlikely given the lack of any "q" parameters in the IANA
913      media type registry and the rare usage of any media type
914      parameters in Accept.  Future media types are discouraged from
915      registering any parameter named "q".
916
917   The example
918
919     Accept: audio/*; q=0.2, audio/basic
920
921   SHOULD be interpreted as "I prefer audio/basic, but send me any audio
922   type if it is the best available after an 80% mark-down in quality".
923
924   A request without any Accept header field implies that the user agent
925   will accept any media type in response.  If an Accept header field is
926   present in a request and none of the available representations for
927   the response have a media type that is listed as acceptable, the
928   origin server MAY either honor the Accept header field by sending a
929   406 (Not Acceptable) response or disregard the Accept header field by
930   treating the response as if it is not subject to content negotiation.
931
932   A more elaborate example is
933
934     Accept: text/plain; q=0.5, text/html,
935             text/x-dvi; q=0.8, text/x-c
936
937   Verbally, this would be interpreted as "text/html and text/x-c are
938   the preferred media types, but if they do not exist, then send the
939   text/x-dvi representation, and if that does not exist, send the text/
940   plain representation".
941
942   Media ranges can be overridden by more specific media ranges or
943   specific media types.  If more than one media range applies to a
944   given type, the most specific reference has precedence.  For example,
945
946     Accept: text/*, text/plain, text/plain;format=flowed, */*
947
948
949
950
951Fielding, et al.           Expires May 3, 2012                 [Page 17]
952
953Internet-Draft              HTTP/1.1, Part 3                October 2011
954
955
956   have the following precedence:
957
958   1.  text/plain;format=flowed
959
960   2.  text/plain
961
962   3.  text/*
963
964   4.  */*
965
966   The media type quality factor associated with a given type is
967   determined by finding the media range with the highest precedence
968   which matches that type.  For example,
969
970     Accept: text/*;q=0.3, text/html;q=0.7, text/html;level=1,
971             text/html;level=2;q=0.4, */*;q=0.5
972
973   would cause the following values to be associated:
974
975   +-------------------+---------------+
976   | Media Type        | Quality Value |
977   +-------------------+---------------+
978   | text/html;level=1 | 1             |
979   | text/html         | 0.7           |
980   | text/plain        | 0.3           |
981   | image/jpeg        | 0.5           |
982   | text/html;level=2 | 0.4           |
983   | text/html;level=3 | 0.7           |
984   +-------------------+---------------+
985
986   Note: A user agent might be provided with a default set of quality
987   values for certain media ranges.  However, unless the user agent is a
988   closed system which cannot interact with other rendering agents, this
989   default set ought to be configurable by the user.
990
9916.2.  Accept-Charset
992
993   The "Accept-Charset" header field can be used by user agents to
994   indicate what character encodings are acceptable in a response
995   payload.  This field allows clients capable of understanding more
996   comprehensive or special-purpose character encodings to signal that
997   capability to a server which is capable of representing documents in
998   those character encodings.
999
1000     Accept-Charset = 1#( ( charset / "*" )
1001                            [ OWS ";" OWS "q=" qvalue ] )
1002
1003   Character encoding values (a.k.a., charsets) are described in
1004
1005
1006
1007Fielding, et al.           Expires May 3, 2012                 [Page 18]
1008
1009Internet-Draft              HTTP/1.1, Part 3                October 2011
1010
1011
1012   Section 2.1.  Each charset MAY be given an associated quality value
1013   which represents the user's preference for that charset.  The default
1014   value is q=1.  An example is
1015
1016     Accept-Charset: iso-8859-5, unicode-1-1;q=0.8
1017
1018   The special value "*", if present in the Accept-Charset field,
1019   matches every character encoding which is not mentioned elsewhere in
1020   the Accept-Charset field.  If no "*" is present in an Accept-Charset
1021   field, then all character encodings not explicitly mentioned get a
1022   quality value of 0.
1023
1024   A request without any Accept-Charset header field implies that the
1025   user agent will accept any character encoding in response.  If an
1026   Accept-Charset header field is present in a request and none of the
1027   available representations for the response have a character encoding
1028   that is listed as acceptable, the origin server MAY either honor the
1029   Accept-Charset header field by sending a 406 (Not Acceptable)
1030   response or disregard the Accept-Charset header field by treating the
1031   response as if it is not subject to content negotiation.
1032
10336.3.  Accept-Encoding
1034
1035   The "Accept-Encoding" header field can be used by user agents to
1036   indicate what response content-codings (Section 2.2) are acceptable
1037   in the response.  An "identity" token is used as a synonym for "no
1038   encoding" in order to communicate when no encoding is preferred.
1039
1040     Accept-Encoding  = #( codings [ OWS ";" OWS "q=" qvalue ] )
1041     codings          = content-coding / "identity" / "*"
1042
1043   Each codings value MAY be given an associated quality value which
1044   represents the preference for that encoding.  The default value is
1045   q=1.
1046
1047   For example,
1048
1049     Accept-Encoding: compress, gzip
1050     Accept-Encoding:
1051     Accept-Encoding: *
1052     Accept-Encoding: compress;q=0.5, gzip;q=1.0
1053     Accept-Encoding: gzip;q=1.0, identity; q=0.5, *;q=0
1054
1055   A server tests whether a content-coding for a given representation is
1056   acceptable, according to an Accept-Encoding field, using these rules:
1057
1058   1.  The special "*" symbol in an Accept-Encoding field matches any
1059       available content-coding not explicitly listed in the header
1060
1061
1062
1063Fielding, et al.           Expires May 3, 2012                 [Page 19]
1064
1065Internet-Draft              HTTP/1.1, Part 3                October 2011
1066
1067
1068       field.
1069
1070   2.  If the representation has no content-coding, then it is
1071       acceptable by default unless specifically excluded by the Accept-
1072       Encoding field stating either "identity;q=0" or "*;q=0" without a
1073       more specific entry for "identity".
1074
1075   3.  If the representation's content-coding is one of the content-
1076       codings listed in the Accept-Encoding field, then it is
1077       acceptable unless it is accompanied by a qvalue of 0.  (As
1078       defined in Section 5.3 of [Part1], a qvalue of 0 means "not
1079       acceptable".)
1080
1081   4.  If multiple content-codings are acceptable, then the acceptable
1082       content-coding with the highest non-zero qvalue is preferred.
1083
1084   An Accept-Encoding header field with a combined field-value that is
1085   empty implies that the user agent does not want any content-coding in
1086   response.  If an Accept-Encoding header field is present in a request
1087   and none of the available representations for the response have a
1088   content-coding that is listed as acceptable, the origin server SHOULD
1089   send a response without any content-coding.
1090
1091   A request without an Accept-Encoding header field implies that the
1092   user agent will accept any content-coding in response, but a
1093   representation without content-coding is preferred for compatibility
1094   with the widest variety of user agents.
1095
1096      Note: Most HTTP/1.0 applications do not recognize or obey qvalues
1097      associated with content-codings.  This means that qvalues will not
1098      work and are not permitted with x-gzip or x-compress.
1099
11006.4.  Accept-Language
1101
1102   The "Accept-Language" header field can be used by user agents to
1103   indicate the set of natural languages that are preferred in the
1104   response.  Language tags are defined in Section 2.4.
1105
1106     Accept-Language =
1107                       1#( language-range [ OWS ";" OWS "q=" qvalue ] )
1108     language-range  =
1109               <language-range, defined in [RFC4647], Section 2.1>
1110
1111   Each language-range can be given an associated quality value which
1112   represents an estimate of the user's preference for the languages
1113   specified by that range.  The quality value defaults to "q=1".  For
1114   example,
1115
1116
1117
1118
1119Fielding, et al.           Expires May 3, 2012                 [Page 20]
1120
1121Internet-Draft              HTTP/1.1, Part 3                October 2011
1122
1123
1124     Accept-Language: da, en-gb;q=0.8, en;q=0.7
1125
1126   would mean: "I prefer Danish, but will accept British English and
1127   other types of English". (see also Section 2.3 of [RFC4647])
1128
1129   For matching, Section 3 of [RFC4647] defines several matching
1130   schemes.  Implementations can offer the most appropriate matching
1131   scheme for their requirements.
1132
1133      Note: The "Basic Filtering" scheme ([RFC4647], Section 3.3.1) is
1134      identical to the matching scheme that was previously defined in
1135      Section 14.4 of [RFC2616].
1136
1137   It might be contrary to the privacy expectations of the user to send
1138   an Accept-Language header field with the complete linguistic
1139   preferences of the user in every request.  For a discussion of this
1140   issue, see Section 8.1.
1141
1142   As intelligibility is highly dependent on the individual user, it is
1143   recommended that client applications make the choice of linguistic
1144   preference available to the user.  If the choice is not made
1145   available, then the Accept-Language header field MUST NOT be given in
1146   the request.
1147
1148      Note: When making the choice of linguistic preference available to
1149      the user, we remind implementors of the fact that users are not
1150      familiar with the details of language matching as described above,
1151      and ought to be provided appropriate guidance.  As an example,
1152      users might assume that on selecting "en-gb", they will be served
1153      any kind of English document if British English is not available.
1154      A user agent might suggest in such a case to add "en" to get the
1155      best matching behavior.
1156
11576.5.  Content-Encoding
1158
1159   The "Content-Encoding" header field indicates what content-codings
1160   have been applied to the representation beyond those inherent in the
1161   media type, and thus what decoding mechanisms must be applied in
1162   order to obtain the media-type referenced by the Content-Type header
1163   field.  Content-Encoding is primarily used to allow a representation
1164   to be compressed without losing the identity of its underlying media
1165   type.
1166
1167     Content-Encoding = 1#content-coding
1168
1169   Content codings are defined in Section 2.2.  An example of its use is
1170
1171     Content-Encoding: gzip
1172
1173
1174
1175Fielding, et al.           Expires May 3, 2012                 [Page 21]
1176
1177Internet-Draft              HTTP/1.1, Part 3                October 2011
1178
1179
1180   The content-coding is a characteristic of the representation.
1181   Typically, the representation body is stored with this encoding and
1182   is only decoded before rendering or analogous usage.  However, a
1183   transforming proxy MAY modify the content-coding if the new coding is
1184   known to be acceptable to the recipient, unless the "no-transform"
1185   cache-control directive is present in the message.
1186
1187   If the media type includes an inherent encoding, such as a data
1188   format that is always compressed, then that encoding would not be
1189   restated as a Content-Encoding even if it happens to be the same
1190   algorithm as one of the content-codings.  Such a content-coding would
1191   only be listed if, for some bizarre reason, it is applied a second
1192   time to form the representation.  Likewise, an origin server might
1193   choose to publish the same payload data as multiple representations
1194   that differ only in whether the coding is defined as part of Content-
1195   Type or Content-Encoding, since some user agents will behave
1196   differently in their handling of each response (e.g., open a "Save as
1197   ..." dialog instead of automatic decompression and rendering of
1198   content).
1199
1200   A representation that has a content-coding applied to it MUST include
1201   a Content-Encoding header field (Section 6.5) that lists the content-
1202   coding(s) applied.
1203
1204   If multiple encodings have been applied to a representation, the
1205   content codings MUST be listed in the order in which they were
1206   applied.  Additional information about the encoding parameters MAY be
1207   provided by other header fields not defined by this specification.
1208
1209   If the content-coding of a representation in a request message is not
1210   acceptable to the origin server, the server SHOULD respond with a
1211   status code of 415 (Unsupported Media Type).
1212
12136.6.  Content-Language
1214
1215   The "Content-Language" header field describes the natural language(s)
1216   of the intended audience for the representation.  Note that this
1217   might not be equivalent to all the languages used within the
1218   representation.
1219
1220     Content-Language = 1#language-tag
1221
1222   Language tags are defined in Section 2.4.  The primary purpose of
1223   Content-Language is to allow a user to identify and differentiate
1224   representations according to the user's own preferred language.
1225   Thus, if the body content is intended only for a Danish-literate
1226   audience, the appropriate field is
1227
1228
1229
1230
1231Fielding, et al.           Expires May 3, 2012                 [Page 22]
1232
1233Internet-Draft              HTTP/1.1, Part 3                October 2011
1234
1235
1236     Content-Language: da
1237
1238   If no Content-Language is specified, the default is that the content
1239   is intended for all language audiences.  This might mean that the
1240   sender does not consider it to be specific to any natural language,
1241   or that the sender does not know for which language it is intended.
1242
1243   Multiple languages MAY be listed for content that is intended for
1244   multiple audiences.  For example, a rendition of the "Treaty of
1245   Waitangi", presented simultaneously in the original Maori and English
1246   versions, would call for
1247
1248     Content-Language: mi, en
1249
1250   However, just because multiple languages are present within a
1251   representation does not mean that it is intended for multiple
1252   linguistic audiences.  An example would be a beginner's language
1253   primer, such as "A First Lesson in Latin", which is clearly intended
1254   to be used by an English-literate audience.  In this case, the
1255   Content-Language would properly only include "en".
1256
1257   Content-Language MAY be applied to any media type -- it is not
1258   limited to textual documents.
1259
12606.7.  Content-Location
1261
1262   The "Content-Location" header field supplies a URI that can be used
1263   as a specific identifier for the representation in this message.  In
1264   other words, if one were to perform a GET on this URI at the time of
1265   this message's generation, then a 200 response would contain the same
1266   representation that is enclosed as payload in this message.
1267
1268     Content-Location = absolute-URI / partial-URI
1269
1270   The Content-Location value is not a replacement for the effective
1271   Request URI (Section 4.3 of [Part1]).  It is representation metadata.
1272   It has the same syntax and semantics as the header field of the same
1273   name defined for MIME body parts in Section 4 of [RFC2557].  However,
1274   its appearance in an HTTP message has some special implications for
1275   HTTP recipients.
1276
1277   If Content-Location is included in a response message and its value
1278   is the same as the effective request URI, then the response payload
1279   SHOULD be considered the current representation of that resource.
1280   For a GET or HEAD request, this is the same as the default semantics
1281   when no Content-Location is provided by the server.  For a state-
1282   changing request like PUT or POST, it implies that the server's
1283   response contains the new representation of that resource, thereby
1284
1285
1286
1287Fielding, et al.           Expires May 3, 2012                 [Page 23]
1288
1289Internet-Draft              HTTP/1.1, Part 3                October 2011
1290
1291
1292   distinguishing it from representations that might only report about
1293   the action (e.g., "It worked!").  This allows authoring applications
1294   to update their local copies without the need for a subsequent GET
1295   request.
1296
1297   If Content-Location is included in a response message and its value
1298   differs from the effective request URI, then the origin server is
1299   informing recipients that this representation has its own, presumably
1300   more specific, identifier.  For a GET or HEAD request, this is an
1301   indication that the effective request URI identifies a resource that
1302   is subject to content negotiation and the representation selected for
1303   this response can also be found at the identified URI.  For other
1304   methods, such a Content-Location indicates that this representation
1305   contains a report on the action's status and the same report is
1306   available (for future access with GET) at the given URI.  For
1307   example, a purchase transaction made via a POST request might include
1308   a receipt document as the payload of the 200 response; the Content-
1309   Location value provides an identifier for retrieving a copy of that
1310   same receipt in the future.
1311
1312   If Content-Location is included in a request message, then it MAY be
1313   interpreted by the origin server as an indication of where the user
1314   agent originally obtained the content of the enclosed representation
1315   (prior to any subsequent modification of the content by that user
1316   agent).  In other words, the user agent is providing the same
1317   representation metadata that it received with the original
1318   representation.  However, such interpretation MUST NOT be used to
1319   alter the semantics of the method requested by the client.  For
1320   example, if a client makes a PUT request on a negotiated resource and
1321   the origin server accepts that PUT (without redirection), then the
1322   new set of values for that resource is expected to be consistent with
1323   the one representation supplied in that PUT; the Content-Location
1324   cannot be used as a form of reverse content selection that identifies
1325   only one of the negotiated representations to be updated.  If the
1326   user agent had wanted the latter semantics, it would have applied the
1327   PUT directly to the Content-Location URI.
1328
1329   A Content-Location field received in a request message is transitory
1330   information that SHOULD NOT be saved with other representation
1331   metadata for use in later responses.  The Content-Location's value
1332   might be saved for use in other contexts, such as within source links
1333   or other metadata.
1334
1335   A cache cannot assume that a representation with a Content-Location
1336   different from the URI used to retrieve it can be used to respond to
1337   later requests on that Content-Location URI.
1338
1339   If the Content-Location value is a partial URI, the partial URI is
1340
1341
1342
1343Fielding, et al.           Expires May 3, 2012                 [Page 24]
1344
1345Internet-Draft              HTTP/1.1, Part 3                October 2011
1346
1347
1348   interpreted relative to the effective request URI.
1349
13506.8.  Content-Type
1351
1352   The "Content-Type" header field indicates the media type of the
1353   representation.  In the case of responses to the HEAD method, the
1354   media type is that which would have been sent had the request been a
1355   GET.
1356
1357     Content-Type = media-type
1358
1359   Media types are defined in Section 2.3.  An example of the field is
1360
1361     Content-Type: text/html; charset=ISO-8859-4
1362
1363   Further discussion of Content-Type is provided in Section 4.2.
1364
13657.  IANA Considerations
1366
13677.1.  Header Field Registration
1368
1369   The Message Header Field Registry located at <http://www.iana.org/
1370   assignments/message-headers/message-header-index.html> shall be
1371   updated with the permanent registrations below (see [RFC3864]):
1372
1373   +-------------------+----------+----------+--------------+
1374   | Header Field Name | Protocol | Status   | Reference    |
1375   +-------------------+----------+----------+--------------+
1376   | Accept            | http     | standard | Section 6.1  |
1377   | Accept-Charset    | http     | standard | Section 6.2  |
1378   | Accept-Encoding   | http     | standard | Section 6.3  |
1379   | Accept-Language   | http     | standard | Section 6.4  |
1380   | Content-Encoding  | http     | standard | Section 6.5  |
1381   | Content-Language  | http     | standard | Section 6.6  |
1382   | Content-Location  | http     | standard | Section 6.7  |
1383   | Content-Type      | http     | standard | Section 6.8  |
1384   | MIME-Version      | http     | standard | Appendix A.1 |
1385   +-------------------+----------+----------+--------------+
1386
1387   The change controller is: "IETF (iesg@ietf.org) - Internet
1388   Engineering Task Force".
1389
13907.2.  Content Coding Registry
1391
1392   The registration procedure for HTTP Content Codings is now defined by
1393   Section 2.2.1 of this document.
1394
1395   The HTTP Content Codings Registry located at
1396
1397
1398
1399Fielding, et al.           Expires May 3, 2012                 [Page 25]
1400
1401Internet-Draft              HTTP/1.1, Part 3                October 2011
1402
1403
1404   <http://www.iana.org/assignments/http-parameters> shall be updated
1405   with the registration below:
1406
1407   +----------+-----------------------------------------+--------------+
1408   | Name     | Description                             | Reference    |
1409   +----------+-----------------------------------------+--------------+
1410   | compress | UNIX "compress" program method          | Section      |
1411   |          |                                         | 5.1.2.1 of   |
1412   |          |                                         | [Part1]      |
1413   | deflate  | "deflate" compression mechanism         | Section      |
1414   |          | ([RFC1951]) used inside the "zlib" data | 5.1.2.2 of   |
1415   |          | format ([RFC1950])                      | [Part1]      |
1416   | gzip     | Same as GNU zip [RFC1952]               | Section      |
1417   |          |                                         | 5.1.2.3 of   |
1418   |          |                                         | [Part1]      |
1419   | identity | reserved (synonym for "no encoding" in  | Section 6.3  |
1420   |          | Accept-Encoding header field)           |              |
1421   +----------+-----------------------------------------+--------------+
1422
14238.  Security Considerations
1424
1425   This section is meant to inform application developers, information
1426   providers, and users of the security limitations in HTTP/1.1 as
1427   described by this document.  The discussion does not include
1428   definitive solutions to the problems revealed, though it does make
1429   some suggestions for reducing security risks.
1430
14318.1.  Privacy Issues Connected to Accept Header Fields
1432
1433   Accept headers fields can reveal information about the user to all
1434   servers which are accessed.  The Accept-Language header field in
1435   particular can reveal information the user would consider to be of a
1436   private nature, because the understanding of particular languages is
1437   often strongly correlated to the membership of a particular ethnic
1438   group.  User agents which offer the option to configure the contents
1439   of an Accept-Language header field to be sent in every request are
1440   strongly encouraged to let the configuration process include a
1441   message which makes the user aware of the loss of privacy involved.
1442
1443   An approach that limits the loss of privacy would be for a user agent
1444   to omit the sending of Accept-Language header fields by default, and
1445   to ask the user whether or not to start sending Accept-Language
1446   header fields to a server if it detects, by looking for any Vary
1447   header fields generated by the server, that such sending could
1448   improve the quality of service.
1449
1450   Elaborate user-customized accept header fields sent in every request,
1451   in particular if these include quality values, can be used by servers
1452
1453
1454
1455Fielding, et al.           Expires May 3, 2012                 [Page 26]
1456
1457Internet-Draft              HTTP/1.1, Part 3                October 2011
1458
1459
1460   as relatively reliable and long-lived user identifiers.  Such user
1461   identifiers would allow content providers to do click-trail tracking,
1462   and would allow collaborating content providers to match cross-server
1463   click-trails or form submissions of individual users.  Note that for
1464   many users not behind a proxy, the network address of the host
1465   running the user agent will also serve as a long-lived user
1466   identifier.  In environments where proxies are used to enhance
1467   privacy, user agents ought to be conservative in offering accept
1468   header configuration options to end users.  As an extreme privacy
1469   measure, proxies could filter the accept header fields in relayed
1470   requests.  General purpose user agents which provide a high degree of
1471   header configurability SHOULD warn users about the loss of privacy
1472   which can be involved.
1473
14749.  Acknowledgments
1475
1476   See Section 11 of [Part1].
1477
147810.  References
1479
148010.1.  Normative References
1481
1482   [Part1]    Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,
1483              Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,
1484              and J. Reschke, Ed., "HTTP/1.1, part 1: URIs, Connections,
1485              and Message Parsing", draft-ietf-httpbis-p1-messaging-17
1486              (work in progress), October 2011.
1487
1488   [Part2]    Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,
1489              Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,
1490              and J. Reschke, Ed., "HTTP/1.1, part 2: Message
1491              Semantics", draft-ietf-httpbis-p2-semantics-17 (work in
1492              progress), October 2011.
1493
1494   [Part4]    Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,
1495              Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,
1496              and J. Reschke, Ed., "HTTP/1.1, part 4: Conditional
1497              Requests", draft-ietf-httpbis-p4-conditional-17 (work in
1498              progress), October 2011.
1499
1500   [Part5]    Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,
1501              Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,
1502              and J. Reschke, Ed., "HTTP/1.1, part 5: Range Requests and
1503              Partial Responses", draft-ietf-httpbis-p5-range-17 (work
1504              in progress), October 2011.
1505
1506   [Part6]    Fielding, R., Ed., Gettys, J., Mogul, J., Frystyk, H.,
1507              Masinter, L., Leach, P., Berners-Lee, T., Lafon, Y., Ed.,
1508
1509
1510
1511Fielding, et al.           Expires May 3, 2012                 [Page 27]
1512
1513Internet-Draft              HTTP/1.1, Part 3                October 2011
1514
1515
1516              Nottingham, M., Ed., and J. Reschke, Ed., "HTTP/1.1, part
1517              6: Caching", draft-ietf-httpbis-p6-cache-17 (work in
1518              progress), October 2011.
1519
1520   [RFC1950]  Deutsch, L. and J-L. Gailly, "ZLIB Compressed Data Format
1521              Specification version 3.3", RFC 1950, May 1996.
1522
1523              RFC 1950 is an Informational RFC, thus it might be less
1524              stable than this specification.  On the other hand, this
1525              downward reference was present since the publication of
1526              RFC 2068 in 1997, therefore it is unlikely to cause
1527              problems in practice.  See also [BCP97].
1528
1529   [RFC1951]  Deutsch, P., "DEFLATE Compressed Data Format Specification
1530              version 1.3", RFC 1951, May 1996.
1531
1532              RFC 1951 is an Informational RFC, thus it might be less
1533              stable than this specification.  On the other hand, this
1534              downward reference was present since the publication of
1535              RFC 2068 in 1997, therefore it is unlikely to cause
1536              problems in practice.  See also [BCP97].
1537
1538   [RFC1952]  Deutsch, P., Gailly, J-L., Adler, M., Deutsch, L., and G.
1539              Randers-Pehrson, "GZIP file format specification version
1540              4.3", RFC 1952, May 1996.
1541
1542              RFC 1952 is an Informational RFC, thus it might be less
1543              stable than this specification.  On the other hand, this
1544              downward reference was present since the publication of
1545              RFC 2068 in 1997, therefore it is unlikely to cause
1546              problems in practice.  See also [BCP97].
1547
1548   [RFC2045]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
1549              Extensions (MIME) Part One: Format of Internet Message
1550              Bodies", RFC 2045, November 1996.
1551
1552   [RFC2046]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
1553              Extensions (MIME) Part Two: Media Types", RFC 2046,
1554              November 1996.
1555
1556   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
1557              Requirement Levels", BCP 14, RFC 2119, March 1997.
1558
1559   [RFC4647]  Phillips, A., Ed. and M. Davis, Ed., "Matching of Language
1560              Tags", BCP 47, RFC 4647, September 2006.
1561
1562   [RFC5234]  Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
1563              Specifications: ABNF", STD 68, RFC 5234, January 2008.
1564
1565
1566
1567Fielding, et al.           Expires May 3, 2012                 [Page 28]
1568
1569Internet-Draft              HTTP/1.1, Part 3                October 2011
1570
1571
1572   [RFC5646]  Phillips, A., Ed. and M. Davis, Ed., "Tags for Identifying
1573              Languages", BCP 47, RFC 5646, September 2009.
1574
157510.2.  Informative References
1576
1577   [BCP97]    Klensin, J. and S. Hartman, "Handling Normative References
1578              to Standards-Track Documents", BCP 97, RFC 4897,
1579              June 2007.
1580
1581   [RFC1945]  Berners-Lee, T., Fielding, R., and H. Nielsen, "Hypertext
1582              Transfer Protocol -- HTTP/1.0", RFC 1945, May 1996.
1583
1584   [RFC2049]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
1585              Extensions (MIME) Part Five: Conformance Criteria and
1586              Examples", RFC 2049, November 1996.
1587
1588   [RFC2068]  Fielding, R., Gettys, J., Mogul, J., Nielsen, H., and T.
1589              Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1",
1590              RFC 2068, January 1997.
1591
1592   [RFC2076]  Palme, J., "Common Internet Message Headers", RFC 2076,
1593              February 1997.
1594
1595   [RFC2277]  Alvestrand, H., "IETF Policy on Character Sets and
1596              Languages", BCP 18, RFC 2277, January 1998.
1597
1598   [RFC2295]  Holtman, K. and A. Mutz, "Transparent Content Negotiation
1599              in HTTP", RFC 2295, March 1998.
1600
1601   [RFC2388]  Masinter, L., "Returning Values from Forms:  multipart/
1602              form-data", RFC 2388, August 1998.
1603
1604   [RFC2557]  Palme, F., Hopmann, A., Shelness, N., and E. Stefferud,
1605              "MIME Encapsulation of Aggregate Documents, such as HTML
1606              (MHTML)", RFC 2557, March 1999.
1607
1608   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
1609              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
1610              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
1611
1612   [RFC3629]  Yergeau, F., "UTF-8, a transformation format of ISO
1613              10646", STD 63, RFC 3629, November 2003.
1614
1615   [RFC3864]  Klyne, G., Nottingham, M., and J. Mogul, "Registration
1616              Procedures for Message Header Fields", BCP 90, RFC 3864,
1617              September 2004.
1618
1619   [RFC4288]  Freed, N. and J. Klensin, "Media Type Specifications and
1620
1621
1622
1623Fielding, et al.           Expires May 3, 2012                 [Page 29]
1624
1625Internet-Draft              HTTP/1.1, Part 3                October 2011
1626
1627
1628              Registration Procedures", BCP 13, RFC 4288, December 2005.
1629
1630   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
1631              IANA Considerations Section in RFCs", BCP 26, RFC 5226,
1632              May 2008.
1633
1634   [RFC5322]  Resnick, P., "Internet Message Format", RFC 5322,
1635              October 2008.
1636
1637   [RFC6151]  Turner, S. and L. Chen, "Updated Security Considerations
1638              for the MD5 Message-Digest and the HMAC-MD5 Algorithms",
1639              RFC 6151, March 2011.
1640
1641   [RFC6266]  Reschke, J., "Use of the Content-Disposition Header Field
1642              in the Hypertext Transfer Protocol (HTTP)", RFC 6266,
1643              June 2011.
1644
1645Appendix A.  Differences between HTTP and MIME
1646
1647   HTTP/1.1 uses many of the constructs defined for Internet Mail
1648   ([RFC5322]) and the Multipurpose Internet Mail Extensions (MIME
1649   [RFC2045]) to allow a message-body to be transmitted in an open
1650   variety of representations and with extensible mechanisms.  However,
1651   RFC 2045 discusses mail, and HTTP has a few features that are
1652   different from those described in MIME.  These differences were
1653   carefully chosen to optimize performance over binary connections, to
1654   allow greater freedom in the use of new media types, to make date
1655   comparisons easier, and to acknowledge the practice of some early
1656   HTTP servers and clients.
1657
1658   This appendix describes specific areas where HTTP differs from MIME.
1659   Proxies and gateways to strict MIME environments SHOULD be aware of
1660   these differences and provide the appropriate conversions where
1661   necessary.  Proxies and gateways from MIME environments to HTTP also
1662   need to be aware of the differences because some conversions might be
1663   required.
1664
1665A.1.  MIME-Version
1666
1667   HTTP is not a MIME-compliant protocol.  However, HTTP/1.1 messages
1668   MAY include a single MIME-Version header field to indicate what
1669   version of the MIME protocol was used to construct the message.  Use
1670   of the MIME-Version header field indicates that the message is in
1671   full compliance with the MIME protocol (as defined in [RFC2045]).
1672   Proxies/gateways are responsible for ensuring full compliance (where
1673   possible) when exporting HTTP messages to strict MIME environments.
1674
1675     MIME-Version = 1*DIGIT "." 1*DIGIT
1676
1677
1678
1679Fielding, et al.           Expires May 3, 2012                 [Page 30]
1680
1681Internet-Draft              HTTP/1.1, Part 3                October 2011
1682
1683
1684   MIME version "1.0" is the default for use in HTTP/1.1.  However,
1685   HTTP/1.1 message parsing and semantics are defined by this document
1686   and not the MIME specification.
1687
1688A.2.  Conversion to Canonical Form
1689
1690   MIME requires that an Internet mail body-part be converted to
1691   canonical form prior to being transferred, as described in Section 4
1692   of [RFC2049].  Section 2.3.1 of this document describes the forms
1693   allowed for subtypes of the "text" media type when transmitted over
1694   HTTP.  [RFC2046] requires that content with a type of "text"
1695   represent line breaks as CRLF and forbids the use of CR or LF outside
1696   of line break sequences.  HTTP allows CRLF, bare CR, and bare LF to
1697   indicate a line break within text content when a message is
1698   transmitted over HTTP.
1699
1700   Where it is possible, a proxy or gateway from HTTP to a strict MIME
1701   environment SHOULD translate all line breaks within the text media
1702   types described in Section 2.3.1 of this document to the RFC 2049
1703   canonical form of CRLF.  Note, however, that this might be
1704   complicated by the presence of a Content-Encoding and by the fact
1705   that HTTP allows the use of some character encodings which do not use
1706   octets 13 and 10 to represent CR and LF, respectively, as is the case
1707   for some multi-byte character encodings.
1708
1709   Conversion will break any cryptographic checksums applied to the
1710   original content unless the original content is already in canonical
1711   form.  Therefore, the canonical form is recommended for any content
1712   that uses such checksums in HTTP.
1713
1714A.3.  Conversion of Date Formats
1715
1716   HTTP/1.1 uses a restricted set of date formats (Section 8 of [Part2])
1717   to simplify the process of date comparison.  Proxies and gateways
1718   from other protocols SHOULD ensure that any Date header field present
1719   in a message conforms to one of the HTTP/1.1 formats and rewrite the
1720   date if necessary.
1721
1722A.4.  Introduction of Content-Encoding
1723
1724   MIME does not include any concept equivalent to HTTP/1.1's Content-
1725   Encoding header field.  Since this acts as a modifier on the media
1726   type, proxies and gateways from HTTP to MIME-compliant protocols MUST
1727   either change the value of the Content-Type header field or decode
1728   the representation before forwarding the message.  (Some experimental
1729   applications of Content-Type for Internet mail have used a media-type
1730   parameter of ";conversions=<content-coding>" to perform a function
1731   equivalent to Content-Encoding.  However, this parameter is not part
1732
1733
1734
1735Fielding, et al.           Expires May 3, 2012                 [Page 31]
1736
1737Internet-Draft              HTTP/1.1, Part 3                October 2011
1738
1739
1740   of the MIME standards).
1741
1742A.5.  No Content-Transfer-Encoding
1743
1744   HTTP does not use the Content-Transfer-Encoding field of MIME.
1745   Proxies and gateways from MIME-compliant protocols to HTTP MUST
1746   remove any Content-Transfer-Encoding prior to delivering the response
1747   message to an HTTP client.
1748
1749   Proxies and gateways from HTTP to MIME-compliant protocols are
1750   responsible for ensuring that the message is in the correct format
1751   and encoding for safe transport on that protocol, where "safe
1752   transport" is defined by the limitations of the protocol being used.
1753   Such a proxy or gateway SHOULD label the data with an appropriate
1754   Content-Transfer-Encoding if doing so will improve the likelihood of
1755   safe transport over the destination protocol.
1756
1757A.6.  Introduction of Transfer-Encoding
1758
1759   HTTP/1.1 introduces the Transfer-Encoding header field (Section 8.6
1760   of [Part1]).  Proxies/gateways MUST remove any transfer-coding prior
1761   to forwarding a message via a MIME-compliant protocol.
1762
1763A.7.  MHTML and Line Length Limitations
1764
1765   HTTP implementations which share code with MHTML [RFC2557]
1766   implementations need to be aware of MIME line length limitations.
1767   Since HTTP does not have this limitation, HTTP does not fold long
1768   lines.  MHTML messages being transported by HTTP follow all
1769   conventions of MHTML, including line length limitations and folding,
1770   canonicalization, etc., since HTTP transports all message-bodies as
1771   payload (see Section 2.3.2) and does not interpret the content or any
1772   MIME header lines that might be contained therein.
1773
1774Appendix B.  Additional Features
1775
1776   [RFC1945] and [RFC2068] document protocol elements used by some
1777   existing HTTP implementations, but not consistently and correctly
1778   across most HTTP/1.1 applications.  Implementors are advised to be
1779   aware of these features, but cannot rely upon their presence in, or
1780   interoperability with, other HTTP/1.1 applications.  Some of these
1781   describe proposed experimental features, and some describe features
1782   that experimental deployment found lacking that are now addressed in
1783   the base HTTP/1.1 specification.
1784
1785   A number of other header fields, such as Content-Disposition and
1786   Title, from SMTP and MIME are also often implemented (see [RFC6266]
1787   and [RFC2076]).
1788
1789
1790
1791Fielding, et al.           Expires May 3, 2012                 [Page 32]
1792
1793Internet-Draft              HTTP/1.1, Part 3                October 2011
1794
1795
1796Appendix C.  Changes from RFC 2616
1797
1798   Clarify contexts that charset is used in.  (Section 2.1)
1799
1800   Remove the default character encoding for text media types; the
1801   default now is whatever the media type definition says.
1802   (Section 2.3.1)
1803
1804   Change ABNF productions for header fields to only define the field
1805   value.  (Section 6)
1806
1807   Remove definition of Content-MD5 header field because it was
1808   inconsistently implemented with respect to partial responses, and
1809   also because of known deficiencies in the hash algorithm itself (see
1810   [RFC6151] for details).  (Section 6)
1811
1812   Remove ISO-8859-1 special-casing in Accept-Charset.  (Section 6.2)
1813
1814   Remove base URI setting semantics for Content-Location due to poor
1815   implementation support, which was caused by too many broken servers
1816   emitting bogus Content-Location header fields, and also the
1817   potentially undesirable effect of potentially breaking relative links
1818   in content-negotiated resources.  (Section 6.7)
1819
1820   Remove discussion of Content-Disposition header field, it is now
1821   defined by [RFC6266].  (Appendix B)
1822
1823   Remove reference to non-existant identity transfer-coding value
1824   tokens.  (Appendix A.5)
1825
1826Appendix D.  Collected ABNF
1827
1828   Accept = [ ( "," / ( media-range [ accept-params ] ) ) *( OWS "," [
1829    OWS media-range [ accept-params ] ] ) ]
1830   Accept-Charset = *( "," OWS ) ( charset / "*" ) [ OWS ";" OWS "q="
1831    qvalue ] *( OWS "," [ OWS ( charset / "*" ) [ OWS ";" OWS "q="
1832    qvalue ] ] )
1833   Accept-Encoding = [ ( "," / ( codings [ OWS ";" OWS "q=" qvalue ] ) )
1834    *( OWS "," [ OWS codings [ OWS ";" OWS "q=" qvalue ] ] ) ]
1835   Accept-Language = *( "," OWS ) language-range [ OWS ";" OWS "q="
1836    qvalue ] *( OWS "," [ OWS language-range [ OWS ";" OWS "q=" qvalue ]
1837    ] )
1838
1839   Content-Encoding = *( "," OWS ) content-coding *( OWS "," [ OWS
1840    content-coding ] )
1841   Content-Language = *( "," OWS ) language-tag *( OWS "," [ OWS
1842    language-tag ] )
1843   Content-Location = absolute-URI / partial-URI
1844
1845
1846
1847Fielding, et al.           Expires May 3, 2012                 [Page 33]
1848
1849Internet-Draft              HTTP/1.1, Part 3                October 2011
1850
1851
1852   Content-Type = media-type
1853
1854   MIME-Version = 1*DIGIT "." 1*DIGIT
1855
1856   OWS = <OWS, defined in [Part1], Section 1.2.2>
1857
1858   absolute-URI = <absolute-URI, defined in [Part1], Section 2.7>
1859   accept-ext = OWS ";" OWS token [ "=" word ]
1860   accept-params = OWS ";" OWS "q=" qvalue *accept-ext
1861   attribute = token
1862
1863   charset = token
1864   codings = content-coding / "identity" / "*"
1865   content-coding = token
1866
1867   language-range = <language-range, defined in [RFC4647], Section 2.1>
1868   language-tag = <Language-Tag, defined in [RFC5646], Section 2.1>
1869
1870   media-range = ( "*/*" / ( type "/*" ) / ( type "/" subtype ) ) *( OWS
1871    ";" OWS parameter )
1872   media-type = type "/" subtype *( OWS ";" OWS parameter )
1873
1874   parameter = attribute "=" value
1875   partial-URI = <partial-URI, defined in [Part1], Section 2.7>
1876
1877   qvalue = <qvalue, defined in [Part1], Section 5.3>
1878
1879   subtype = token
1880
1881   token = <token, defined in [Part1], Section 3.2.3>
1882   type = token
1883
1884   value = word
1885
1886   word = <word, defined in [Part1], Section 3.2.3>
1887
1888   ABNF diagnostics:
1889
1890   ; Accept defined but not used
1891   ; Accept-Charset defined but not used
1892   ; Accept-Encoding defined but not used
1893   ; Accept-Language defined but not used
1894   ; Content-Encoding defined but not used
1895   ; Content-Language defined but not used
1896   ; Content-Location defined but not used
1897   ; Content-Type defined but not used
1898   ; MIME-Version defined but not used
1899
1900
1901
1902
1903Fielding, et al.           Expires May 3, 2012                 [Page 34]
1904
1905Internet-Draft              HTTP/1.1, Part 3                October 2011
1906
1907
1908Appendix E.  Change Log (to be removed by RFC Editor before publication)
1909
1910E.1.  Since RFC 2616
1911
1912   Extracted relevant partitions from [RFC2616].
1913
1914E.2.  Since draft-ietf-httpbis-p3-payload-00
1915
1916   Closed issues:
1917
1918   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/8>: "Media Type
1919      Registrations" (<http://purl.org/NET/http-errata#media-reg>)
1920
1921   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/14>: "Clarification
1922      regarding quoting of charset values"
1923      (<http://purl.org/NET/http-errata#charactersets>)
1924
1925   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/16>: "Remove
1926      'identity' token references"
1927      (<http://purl.org/NET/http-errata#identity>)
1928
1929   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/25>: "Accept-
1930      Encoding BNF"
1931
1932   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/35>: "Normative and
1933      Informative references"
1934
1935   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/46>: "RFC1700
1936      references"
1937
1938   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/55>: "Updating to
1939      RFC4288"
1940
1941   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/65>: "Informative
1942      references"
1943
1944   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/66>: "ISO-8859-1
1945      Reference"
1946
1947   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/68>: "Encoding
1948      References Normative"
1949
1950   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/86>: "Normative up-
1951      to-date references"
1952
1953
1954
1955
1956
1957
1958
1959Fielding, et al.           Expires May 3, 2012                 [Page 35]
1960
1961Internet-Draft              HTTP/1.1, Part 3                October 2011
1962
1963
1964E.3.  Since draft-ietf-httpbis-p3-payload-01
1965
1966   Ongoing work on ABNF conversion
1967   (<http://tools.ietf.org/wg/httpbis/trac/ticket/36>):
1968
1969   o  Add explicit references to BNF syntax and rules imported from
1970      other parts of the specification.
1971
1972E.4.  Since draft-ietf-httpbis-p3-payload-02
1973
1974   Closed issues:
1975
1976   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/67>: "Quoting
1977      Charsets"
1978
1979   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/105>:
1980      "Classification for Allow header"
1981
1982   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/115>: "missing
1983      default for qvalue in description of Accept-Encoding"
1984
1985   Ongoing work on IANA Message Header Field Registration
1986   (<http://tools.ietf.org/wg/httpbis/trac/ticket/40>):
1987
1988   o  Reference RFC 3984, and update header field registrations for
1989      headers defined in this document.
1990
1991E.5.  Since draft-ietf-httpbis-p3-payload-03
1992
1993   Closed issues:
1994
1995   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/67>: "Quoting
1996      Charsets"
1997
1998   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/113>: "language tag
1999      matching (Accept-Language) vs RFC4647"
2000
2001   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/121>: "RFC 1806 has
2002      been replaced by RFC2183"
2003
2004   Other changes:
2005
2006   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/68>: "Encoding
2007      References Normative" -- rephrase the annotation and reference
2008      [BCP97].
2009
2010
2011
2012
2013
2014
2015Fielding, et al.           Expires May 3, 2012                 [Page 36]
2016
2017Internet-Draft              HTTP/1.1, Part 3                October 2011
2018
2019
2020E.6.  Since draft-ietf-httpbis-p3-payload-04
2021
2022   Closed issues:
2023
2024   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/132>: "RFC 2822 is
2025      updated by RFC 5322"
2026
2027   Ongoing work on ABNF conversion
2028   (<http://tools.ietf.org/wg/httpbis/trac/ticket/36>):
2029
2030   o  Use "/" instead of "|" for alternatives.
2031
2032   o  Introduce new ABNF rules for "bad" whitespace ("BWS"), optional
2033      whitespace ("OWS") and required whitespace ("RWS").
2034
2035   o  Rewrite ABNFs to spell out whitespace rules, factor out header
2036      field value format definitions.
2037
2038E.7.  Since draft-ietf-httpbis-p3-payload-05
2039
2040   Closed issues:
2041
2042   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/118>: "Join
2043      "Differences Between HTTP Entities and RFC 2045 Entities"?"
2044
2045   Final work on ABNF conversion
2046   (<http://tools.ietf.org/wg/httpbis/trac/ticket/36>):
2047
2048   o  Add appendix containing collected and expanded ABNF, reorganize
2049      ABNF introduction.
2050
2051   Other changes:
2052
2053   o  Move definition of quality values into Part 1.
2054
2055E.8.  Since draft-ietf-httpbis-p3-payload-06
2056
2057   Closed issues:
2058
2059   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/80>: "Content-
2060      Location isn't special"
2061
2062   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/155>: "Content
2063      Sniffing"
2064
2065
2066
2067
2068
2069
2070
2071Fielding, et al.           Expires May 3, 2012                 [Page 37]
2072
2073Internet-Draft              HTTP/1.1, Part 3                October 2011
2074
2075
2076E.9.  Since draft-ietf-httpbis-p3-payload-07
2077
2078   Closed issues:
2079
2080   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/13>: "Updated
2081      reference for language tags"
2082
2083   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/110>: "Clarify rules
2084      for determining what entities a response carries"
2085
2086   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/154>: "Content-
2087      Location base-setting problems"
2088
2089   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/155>: "Content
2090      Sniffing"
2091
2092   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/188>: "pick IANA
2093      policy (RFC5226) for Transfer Coding / Content Coding"
2094
2095   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/189>: "move
2096      definitions of gzip/deflate/compress to part 1"
2097
2098   Partly resolved issues:
2099
2100   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/148>: "update IANA
2101      requirements wrt Transfer-Coding values" (add the IANA
2102      Considerations subsection)
2103
2104   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/149>: "update IANA
2105      requirements wrt Content-Coding values" (add the IANA
2106      Considerations subsection)
2107
2108E.10.  Since draft-ietf-httpbis-p3-payload-08
2109
2110   Closed issues:
2111
2112   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/81>: "Content
2113      Negotiation for media types"
2114
2115   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/181>: "Accept-
2116      Language: which RFC4647 filtering?"
2117
2118E.11.  Since draft-ietf-httpbis-p3-payload-09
2119
2120   Closed issues:
2121
2122   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/122>: "MIME-Version
2123      not listed in P1, general header fields"
2124
2125
2126
2127Fielding, et al.           Expires May 3, 2012                 [Page 38]
2128
2129Internet-Draft              HTTP/1.1, Part 3                October 2011
2130
2131
2132   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/143>: "IANA registry
2133      for content/transfer encodings"
2134
2135   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/155>: "Content
2136      Sniffing"
2137
2138   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/200>: "use of term
2139      "word" when talking about header structure"
2140
2141   Partly resolved issues:
2142
2143   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/196>: "Term for the
2144      requested resource's URI"
2145
2146E.12.  Since draft-ietf-httpbis-p3-payload-10
2147
2148   Closed issues:
2149
2150   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/69>: "Clarify
2151      'Requested Variant'"
2152
2153   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/80>: "Content-
2154      Location isn't special"
2155
2156   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/90>: "Delimiting
2157      messages with multipart/byteranges"
2158
2159   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/109>: "Clarify
2160      entity / representation / variant terminology"
2161
2162   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/136>: "confusing
2163      req. language for Content-Location"
2164
2165   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/167>: "Content-
2166      Location on 304 responses"
2167
2168   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/183>: "'requested
2169      resource' in content-encoding definition"
2170
2171   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/220>: "consider
2172      removing the 'changes from 2068' sections"
2173
2174   Partly resolved issues:
2175
2176   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/178>: "Content-MD5
2177      and partial responses"
2178
2179
2180
2181
2182
2183Fielding, et al.           Expires May 3, 2012                 [Page 39]
2184
2185Internet-Draft              HTTP/1.1, Part 3                October 2011
2186
2187
2188E.13.  Since draft-ietf-httpbis-p3-payload-11
2189
2190   Closed issues:
2191
2192   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/123>: "Factor out
2193      Content-Disposition"
2194
2195E.14.  Since draft-ietf-httpbis-p3-payload-12
2196
2197   Closed issues:
2198
2199   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/224>: "Header
2200      Classification"
2201
2202   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/276>: "untangle
2203      ABNFs for header fields"
2204
2205   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/277>: "potentially
2206      misleading MAY in media-type def"
2207
2208E.15.  Since draft-ietf-httpbis-p3-payload-13
2209
2210   Closed issues:
2211
2212   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/20>: "Default
2213      charsets for text media types"
2214
2215   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/178>: "Content-MD5
2216      and partial responses"
2217
2218   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/276>: "untangle
2219      ABNFs for header fields"
2220
2221   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/281>: "confusing
2222      undefined parameter in media range example"
2223
2224E.16.  Since draft-ietf-httpbis-p3-payload-14
2225
2226   None.
2227
2228E.17.  Since draft-ietf-httpbis-p3-payload-15
2229
2230   Closed issues:
2231
2232   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/285>: "Strength of
2233      requirements on Accept re: 406"
2234
2235
2236
2237
2238
2239Fielding, et al.           Expires May 3, 2012                 [Page 40]
2240
2241Internet-Draft              HTTP/1.1, Part 3                October 2011
2242
2243
2244E.18.  Since draft-ietf-httpbis-p3-payload-16
2245
2246   Closed issues:
2247
2248   o  <http://tools.ietf.org/wg/httpbis/trac/ticket/186>: "Document
2249      HTTP's error-handling philosophy"
2250
2251Index
2252
2253   A
2254      Accept header field  16
2255      Accept-Charset header field  18
2256      Accept-Encoding header field  19
2257      Accept-Language header field  20
2258
2259   C
2260      Coding Format
2261         compress  7
2262         deflate  7
2263         gzip  8
2264      compress (Coding Format)  7
2265      content negotiation  5
2266      Content-Encoding header field  21
2267      Content-Language header field  22
2268      Content-Location header field  23
2269      Content-Type header field  25
2270
2271   D
2272      deflate (Coding Format)  7
2273
2274   G
2275      Grammar
2276         Accept  16
2277         Accept-Charset  18
2278         Accept-Encoding  19
2279         accept-ext  16
2280         Accept-Language  20
2281         accept-params  16
2282         attribute  8
2283         charset  7
2284         codings  19
2285         content-coding  7
2286         Content-Encoding  21
2287         Content-Language  22
2288         Content-Location  23
2289         Content-Type  25
2290         language-range  20
2291         language-tag  10
2292
2293
2294
2295Fielding, et al.           Expires May 3, 2012                 [Page 41]
2296
2297Internet-Draft              HTTP/1.1, Part 3                October 2011
2298
2299
2300         media-range  16
2301         media-type  8
2302         MIME-Version  30
2303         parameter  8
2304         subtype  8
2305         type  8
2306         value  8
2307      gzip (Coding Format)  8
2308
2309   H
2310      Header Fields
2311         Accept  16
2312         Accept-Charset  18
2313         Accept-Encoding  19
2314         Accept-Language  20
2315         Content-Encoding  21
2316         Content-Language  22
2317         Content-Location  23
2318         Content-Type  25
2319         MIME-Version  30
2320
2321   M
2322      MIME-Version header field  30
2323
2324   P
2325      payload  11
2326
2327   R
2328      representation  11
2329
2330Authors' Addresses
2331
2332   Roy T. Fielding (editor)
2333   Adobe Systems Incorporated
2334   345 Park Ave
2335   San Jose, CA  95110
2336   USA
2337
2338   EMail: fielding@gbiv.com
2339   URI:   http://roy.gbiv.com/
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351Fielding, et al.           Expires May 3, 2012                 [Page 42]
2352
2353Internet-Draft              HTTP/1.1, Part 3                October 2011
2354
2355
2356   Jim Gettys
2357   Alcatel-Lucent Bell Labs
2358   21 Oak Knoll Road
2359   Carlisle, MA  01741
2360   USA
2361
2362   EMail: jg@freedesktop.org
2363   URI:   http://gettys.wordpress.com/
2364
2365
2366   Jeffrey C. Mogul
2367   Hewlett-Packard Company
2368   HP Labs, Large Scale Systems Group
2369   1501 Page Mill Road, MS 1177
2370   Palo Alto, CA  94304
2371   USA
2372
2373   EMail: JeffMogul@acm.org
2374
2375
2376   Henrik Frystyk Nielsen
2377   Microsoft Corporation
2378   1 Microsoft Way
2379   Redmond, WA  98052
2380   USA
2381
2382   EMail: henrikn@microsoft.com
2383
2384
2385   Larry Masinter
2386   Adobe Systems Incorporated
2387   345 Park Ave
2388   San Jose, CA  95110
2389   USA
2390
2391   EMail: LMM@acm.org
2392   URI:   http://larry.masinter.net/
2393
2394
2395   Paul J. Leach
2396   Microsoft Corporation
2397   1 Microsoft Way
2398   Redmond, WA  98052
2399
2400   EMail: paulle@microsoft.com
2401
2402
2403
2404
2405
2406
2407Fielding, et al.           Expires May 3, 2012                 [Page 43]
2408
2409Internet-Draft              HTTP/1.1, Part 3                October 2011
2410
2411
2412   Tim Berners-Lee
2413   World Wide Web Consortium
2414   MIT Computer Science and Artificial Intelligence Laboratory
2415   The Stata Center, Building 32
2416   32 Vassar Street
2417   Cambridge, MA  02139
2418   USA
2419
2420   EMail: timbl@w3.org
2421   URI:   http://www.w3.org/People/Berners-Lee/
2422
2423
2424   Yves Lafon (editor)
2425   World Wide Web Consortium
2426   W3C / ERCIM
2427   2004, rte des Lucioles
2428   Sophia-Antipolis, AM  06902
2429   France
2430
2431   EMail: ylafon@w3.org
2432   URI:   http://www.raubacapeu.net/people/yves/
2433
2434
2435   Julian F. Reschke (editor)
2436   greenbytes GmbH
2437   Hafenweg 16
2438   Muenster, NW  48155
2439   Germany
2440
2441   Phone: +49 251 2807760
2442   Fax:   +49 251 2807761
2443   EMail: julian.reschke@greenbytes.de
2444   URI:   http://greenbytes.de/tech/webdav/
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463Fielding, et al.           Expires May 3, 2012                 [Page 44]
2464
Note: See TracBrowser for help on using the repository browser.