source: draft-ietf-httpbis/latest/p5-range.xml @ 2157

Last change on this file since 2157 was 2157, checked in by fielding@…, 7 years ago

Address range flooding security issue (#175 and #311) by direct
requirements and recommendations.

Actually require Content-Range and Content-Type (when appropriate) inside
multipart/byteranges body parts instead of assuming that the reader will
read between the lines of the MIME registration template.

Simplify description of required headers in 206 responses.

  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/xml
File size: 62.0 KB
Line 
1<?xml version="1.0" encoding="utf-8"?>
2<?xml-stylesheet type='text/xsl' href='../myxml2rfc.xslt'?>
3<!DOCTYPE rfc [
4  <!ENTITY MAY "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>MAY</bcp14>">
5  <!ENTITY MUST "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>MUST</bcp14>">
6  <!ENTITY MUST-NOT "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>MUST NOT</bcp14>">
7  <!ENTITY OPTIONAL "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>OPTIONAL</bcp14>">
8  <!ENTITY RECOMMENDED "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>RECOMMENDED</bcp14>">
9  <!ENTITY REQUIRED "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>REQUIRED</bcp14>">
10  <!ENTITY SHALL "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>SHALL</bcp14>">
11  <!ENTITY SHALL-NOT "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>SHALL NOT</bcp14>">
12  <!ENTITY SHOULD "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>SHOULD</bcp14>">
13  <!ENTITY SHOULD-NOT "<bcp14 xmlns='http://purl.org/net/xml2rfc/ext'>SHOULD NOT</bcp14>">
14  <!ENTITY ID-VERSION "latest">
15  <!ENTITY ID-MONTH "January">
16  <!ENTITY ID-YEAR "2013">
17  <!ENTITY Note "<x:h xmlns:x='http://purl.org/net/xml2rfc/ext'>Note:</x:h>">
18  <!ENTITY architecture               "<xref target='Part1' x:rel='#architecture' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
19  <!ENTITY conformance                "<xref target='Part1' x:rel='#conformance' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
20  <!ENTITY notation                   "<xref target='Part1' x:rel='#notation' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
21  <!ENTITY abnf-extension             "<xref target='Part1' x:rel='#abnf.extension' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
22  <!ENTITY acks                       "<xref target='Part1' x:rel='#acks' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
23  <!ENTITY whitespace                 "<xref target='Part1' x:rel='#whitespace' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
24  <!ENTITY field-components           "<xref target='Part1' x:rel='#field.components' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
25  <!ENTITY messaging                  "<xref target='Part1' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
26  <!ENTITY semantics                  "<xref target='Part2' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
27  <!ENTITY http-date                  "<xref target='Part2' x:rel='#http.date' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
28  <!ENTITY representation             "<xref target='Part2' x:rel='#representations' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
29  <!ENTITY entity-tags                "<xref target='Part4' x:rel='#header.etag' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
30  <!ENTITY weak-and-strong-validators "<xref target='Part4' x:rel='#weak.and.strong.validators' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
31  <!ENTITY lastmod-comparison         "<xref target='Part4' x:rel='#lastmod.comparison' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
32  <!ENTITY p6-heuristic               "<xref target='Part6' x:rel='#heuristic.freshness' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
33]>
34<?rfc toc="yes" ?>
35<?rfc symrefs="yes" ?>
36<?rfc sortrefs="yes" ?>
37<?rfc compact="yes"?>
38<?rfc subcompact="no" ?>
39<?rfc linkmailto="no" ?>
40<?rfc editing="no" ?>
41<?rfc comments="yes"?>
42<?rfc inline="yes"?>
43<?rfc rfcedstyle="yes"?>
44<?rfc-ext allow-markup-in-artwork="yes" ?>
45<?rfc-ext include-references-in-index="yes" ?>
46<rfc obsoletes="2616" category="std" x:maturity-level="proposed"
47     ipr="pre5378Trust200902" docName="draft-ietf-httpbis-p5-range-&ID-VERSION;"
48     xmlns:x='http://purl.org/net/xml2rfc/ext'>
49<x:link rel="prev" basename="p4-conditional"/>
50<x:link rel="next" basename="p6-cache"/>
51<x:feedback template="mailto:ietf-http-wg@w3.org?subject={docname},%20%22{section}%22&amp;body=&lt;{ref}&gt;:"/>
52<front>
53
54  <title abbrev="HTTP/1.1 Range Requests">Hypertext Transfer Protocol (HTTP/1.1): Range Requests</title>
55
56  <author initials="R." surname="Fielding" fullname="Roy T. Fielding" role="editor">
57    <organization abbrev="Adobe">Adobe Systems Incorporated</organization>
58    <address>
59      <postal>
60        <street>345 Park Ave</street>
61        <city>San Jose</city>
62        <region>CA</region>
63        <code>95110</code>
64        <country>USA</country>
65      </postal>
66      <email>fielding@gbiv.com</email>
67      <uri>http://roy.gbiv.com/</uri>
68    </address>
69  </author>
70
71  <author initials="Y." surname="Lafon" fullname="Yves Lafon" role="editor">
72    <organization abbrev="W3C">World Wide Web Consortium</organization>
73    <address>
74      <postal>
75        <street>W3C / ERCIM</street>
76        <street>2004, rte des Lucioles</street>
77        <city>Sophia-Antipolis</city>
78        <region>AM</region>
79        <code>06902</code>
80        <country>France</country>
81      </postal>
82      <email>ylafon@w3.org</email>
83      <uri>http://www.raubacapeu.net/people/yves/</uri>
84    </address>
85  </author>
86
87  <author initials="J. F." surname="Reschke" fullname="Julian F. Reschke" role="editor">
88    <organization abbrev="greenbytes">greenbytes GmbH</organization>
89    <address>
90      <postal>
91        <street>Hafenweg 16</street>
92        <city>Muenster</city><region>NW</region><code>48155</code>
93        <country>Germany</country>
94      </postal>
95      <email>julian.reschke@greenbytes.de</email>
96      <uri>http://greenbytes.de/tech/webdav/</uri>
97    </address>
98  </author>
99
100  <date month="&ID-MONTH;" year="&ID-YEAR;"/>
101  <workgroup>HTTPbis Working Group</workgroup>
102
103<abstract>
104<t>
105   The Hypertext Transfer Protocol (HTTP) is an application-level protocol for
106   distributed, collaborative, hypertext information systems. This document
107   defines range requests and the rules for constructing and combining
108   responses to those requests.
109</t>
110</abstract>
111
112<note title="Editorial Note (To be removed by RFC Editor)">
113  <t>
114    Discussion of this draft takes place on the HTTPBIS working group
115    mailing list (ietf-http-wg@w3.org), which is archived at
116    <eref target="http://lists.w3.org/Archives/Public/ietf-http-wg/"/>.
117  </t>
118  <t>
119    The current issues list is at
120    <eref target="http://tools.ietf.org/wg/httpbis/trac/report/3"/> and related
121    documents (including fancy diffs) can be found at
122    <eref target="http://tools.ietf.org/wg/httpbis/"/>.
123  </t>
124  <t>
125    The changes in this draft are summarized in <xref target="changes.since.21"/>.
126  </t>
127</note>
128</front>
129<middle>
130<section title="Introduction" anchor="introduction">
131<t>
132   Hypertext Transfer Protocol (HTTP) clients often encounter interrupted data
133   transfers as a result of canceled requests or dropped connections. When a
134   client has stored a partial representation, it is desirable to request the
135   remainder of that representation in a subsequent request rather than
136   transfer the entire representation. Likewise, devices with limited local
137   storage might benefit from being able to request only a subset of a larger
138   representation, such as a single page of a very large document, or the
139   dimensions of an embedded image.
140</t>
141<t>
142   This document defines HTTP/1.1 range requests, partial responses, and the
143   multipart/byteranges media type, obsoleting those parts previously defined
144   in <xref target="RFC2616"/>. Range requests are an &OPTIONAL; feature
145   of HTTP, designed so that recipients not implementing this feature (or not
146   supporting it for the target resource) can respond as if it is a normal
147   GET request without impacting interoperability. Partial responses are
148   indicated by a distinct status code to not be mistaken for full responses
149   by caches that might not implement the feature.
150</t>
151<t>
152   Although the range request mechanism is designed to allow for
153   extensible range types, this specification only defines requests for
154   byte ranges.
155</t>
156
157<section title="Conformance and Error Handling" anchor="conformance">
158<t>
159   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
160   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
161   document are to be interpreted as described in <xref target="RFC2119"/>.
162</t>
163<t>
164   Conformance criteria and considerations regarding error handling
165   are defined in &conformance;.
166</t>
167</section>
168
169<section title="Syntax Notation" anchor="notation">
170<t>
171   This specification uses the Augmented Backus-Naur Form (ABNF) notation
172   of <xref target="RFC5234"/> with the list rule extension defined in
173   &notation;. <xref target="imported.abnf"/> describes rules imported from
174   other documents. <xref target="collected.abnf"/> shows the collected ABNF
175   with the list rule expanded.
176</t>
177</section>
178</section>
179
180
181<section title="Range Units" anchor="range.units">
182  <x:anchor-alias value="range-unit"/>
183  <x:anchor-alias value="range unit"/>
184<t>
185   A representation can be partitioned into subranges according to various
186   structural units, depending on the structure inherent in the
187   representation's media type. This "<x:dfn>range unit</x:dfn>" is used
188   in the <x:ref>Accept-Ranges</x:ref> (<xref target="header.accept-ranges"/>)
189   response header field to advertise support for range requests, the
190   <x:ref>Range</x:ref> (<xref target="header.range"/>) request header field
191   to delineate the parts of a representation that are requested, and the
192   <x:ref>Content-Range</x:ref> (<xref target="header.content-range"/>)
193   payload header field to describe which part of a representation is being
194   transferred.
195</t>
196<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="range-unit"/><iref item="Grammar" subitem="bytes-unit"/><iref item="Grammar" subitem="other-range-unit"/>
197  <x:ref>range-unit</x:ref>       = <x:ref>bytes-unit</x:ref> / <x:ref>other-range-unit</x:ref>
198</artwork></figure>
199
200<section title="Byte Ranges" anchor="byte.ranges">
201  <x:anchor-alias value="bytes-unit"/>
202<t>
203   Since representation data is transferred in payloads as a sequence of
204   octets, a byte range is a meaningful substructure for any representation
205   transferable over HTTP (&representation;). We define the "bytes" range
206   unit for expressing subranges of the data's octet sequence.
207</t>
208<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="bytes-unit"/>
209  <x:ref>bytes-unit</x:ref>       = "bytes"
210</artwork></figure>
211<t anchor="rule.ranges-specifier">
212  <x:anchor-alias value="byte-range-set"/>
213  <x:anchor-alias value="byte-range-spec"/>
214  <x:anchor-alias value="byte-ranges-specifier"/>
215  <x:anchor-alias value="first-byte-pos"/>
216  <x:anchor-alias value="last-byte-pos"/>
217  <x:anchor-alias value="ranges-specifier"/>
218  <x:anchor-alias value="suffix-byte-range-spec"/>
219  <x:anchor-alias value="suffix-length"/>
220   A byte range operation &MAY; specify a single range of bytes, or a set
221   of ranges within a single representation.
222</t>
223<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="ranges-specifier"/><iref primary="true" item="Grammar" subitem="byte-ranges-specifier"/><iref primary="true" item="Grammar" subitem="byte-range-set"/><iref primary="true" item="Grammar" subitem="byte-range-spec"/><iref primary="true" item="Grammar" subitem="first-byte-pos"/><iref primary="true" item="Grammar" subitem="last-byte-pos"/>
224  <x:ref>byte-ranges-specifier</x:ref> = <x:ref>bytes-unit</x:ref> "=" <x:ref>byte-range-set</x:ref>
225  <x:ref>byte-range-set</x:ref>  = 1#( <x:ref>byte-range-spec</x:ref> / <x:ref>suffix-byte-range-spec</x:ref> )
226  <x:ref>byte-range-spec</x:ref> = <x:ref>first-byte-pos</x:ref> "-" [ <x:ref>last-byte-pos</x:ref> ]
227  <x:ref>first-byte-pos</x:ref>  = 1*<x:ref>DIGIT</x:ref>
228  <x:ref>last-byte-pos</x:ref>   = 1*<x:ref>DIGIT</x:ref>
229</artwork></figure>
230<t>
231   The <x:ref>first-byte-pos</x:ref> value in a <x:ref>byte-range-spec</x:ref>
232   gives the byte-offset of the first byte in a range.
233   The <x:ref>last-byte-pos</x:ref> value gives the byte-offset of the last
234   byte in the range; that is, the byte positions specified are inclusive.
235   Byte offsets start at zero.
236</t>
237<t>
238   Examples of <x:ref>byte-ranges-specifier</x:ref> values:
239  <list style="symbols">
240     <t>The first 500 bytes (byte offsets 0-499, inclusive):
241<figure><artwork type="example" x:indent-with="   ">
242  bytes=0-499
243</artwork></figure>
244    </t>
245     <t>The second 500 bytes (byte offsets 500-999, inclusive):
246<figure><artwork type="example" x:indent-with="   ">
247  bytes=500-999
248</artwork></figure>
249    </t>
250  </list>
251</t>
252<t>
253   A <x:ref>byte-range-spec</x:ref> is invalid if the
254   <x:ref>last-byte-pos</x:ref> value is present and less than the
255   <x:ref>first-byte-pos</x:ref>.
256</t>
257<t>
258   A client can limit the number of bytes requested without knowing the size
259   of the selected representation.
260   If the <x:ref>last-byte-pos</x:ref> value is absent, or if the value is
261   greater than or equal to the current length of the representation data, the
262   byte range is interpreted as the remainder of the representation (i.e., the
263   server replaces the value of <x:ref>last-byte-pos</x:ref> with a value that
264   is one less than the current length of the selected representation).
265</t>
266<t>
267   A client can request the last N bytes of the selected representation using
268   a <x:ref>suffix-byte-range-spec</x:ref>.
269</t>
270<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="suffix-byte-range-spec"/><iref primary="true" item="Grammar" subitem="suffix-length"/>
271  <x:ref>suffix-byte-range-spec</x:ref> = "-" <x:ref>suffix-length</x:ref>
272  <x:ref>suffix-length</x:ref> = 1*<x:ref>DIGIT</x:ref>
273</artwork></figure>
274<t>
275   If the selected representation is shorter than the specified
276   <x:ref>suffix-length</x:ref>, the entire representation is used.
277   For example (assuming a representation of length 10000):
278  <list style="symbols">
279     <t>The final 500 bytes (byte offsets 9500-9999, inclusive):
280<figure><artwork type="example" x:indent-with="   ">
281  bytes=-500
282</artwork></figure>
283    Or:
284<figure><artwork type="example" x:indent-with="   ">
285  bytes=9500-
286</artwork></figure>
287    </t>
288     <t>The first and last bytes only (bytes 0 and 9999):
289<figure><artwork type="example" x:indent-with="   ">
290  bytes=0-0,-1
291</artwork></figure>
292     </t>
293     <t>Other valid (but not canonical) specifications of the second 500
294        bytes (byte offsets 500-999, inclusive):
295<figure><artwork type="example" x:indent-with="   ">
296  bytes=500-600,601-999
297  bytes=500-700,601-999
298</artwork></figure>
299     </t>
300  </list>
301</t>
302<t>
303   If a valid <x:ref>byte-range-set</x:ref> includes at least one
304   <x:ref>byte-range-spec</x:ref> with a <x:ref>first-byte-pos</x:ref> that is
305   less than the current length of the representation, or at least one
306   <x:ref>suffix-byte-range-spec</x:ref> with a non-zero
307   <x:ref>suffix-length</x:ref>, then the <x:ref>byte-range-set</x:ref> is
308   satisfiable. Otherwise, the <x:ref>byte-range-set</x:ref> is unsatisfiable.
309</t>
310<t>
311   In the byte range syntax, <x:ref>first-byte-pos</x:ref>,
312   <x:ref>last-byte-pos</x:ref>, and <x:ref>suffix-length</x:ref> are
313   expressed as decimal number of octets. Since there is no predefined limit
314   to the length of a payload, recipients ought to anticipate potentially
315   large decimal numerals and prevent parsing errors due to integer conversion
316   overflows.
317</t>
318</section>
319
320<section title="Other Range Units" anchor="range.units.other">
321  <x:anchor-alias value="other-range-unit"/>
322<t>
323  Range units are intended to be extensible.  New range units ought to be
324  registered with IANA, as defined in <xref target="range.unit.registry"/>.
325</t>
326<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="other-range-unit"/>
327  <x:ref>other-range-unit</x:ref> = <x:ref>token</x:ref>
328</artwork></figure>
329</section>
330
331<section title="Accept-Ranges" anchor="header.accept-ranges">
332  <iref primary="true" item="Accept-Ranges header field" x:for-anchor=""/>
333  <x:anchor-alias value="Accept-Ranges"/>
334  <x:anchor-alias value="acceptable-ranges"/>
335<t>
336   The "Accept-Ranges" header field allows a server to indicate that it
337   supports range requests for the target resource.
338</t>
339<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Accept-Ranges"/><iref primary="true" item="Grammar" subitem="acceptable-ranges"/>
340  <x:ref>Accept-Ranges</x:ref>     = <x:ref>acceptable-ranges</x:ref>
341  <x:ref>acceptable-ranges</x:ref> = 1#<x:ref>range-unit</x:ref> / "none"
342</artwork></figure>
343<t>
344   Origin servers that support byte-range requests &MAY; send
345</t>
346<figure><artwork type="example">
347  Accept-Ranges: bytes
348</artwork></figure>
349<t>
350   but are not required to do so. Clients &MAY; generate range
351   requests without having received this header field for the resource
352   involved. Range units are defined in <xref target="range.units"/>.
353</t>
354<t>
355   Servers that do not support any kind of range request for the target
356   resource resource &MAY; send
357</t>
358<figure><artwork type="example">
359  Accept-Ranges: none
360</artwork></figure>
361<t>
362   to advise the client not to attempt a range request.
363</t>
364</section>
365</section>
366
367
368<section title="Range Requests" anchor="range.requests">
369<section title="Range" anchor="header.range">
370  <iref primary="true" item="Range header field" x:for-anchor=""/>
371  <x:anchor-alias value="Range"/>
372  <x:anchor-alias value="other-ranges-specifier"/>
373  <x:anchor-alias value="other-range-set"/>
374<t>
375   The "Range" header field on a GET request modifies the method semantics to
376   request transfer of only one or more subranges of the selected
377   representation data, rather than the entire selected representation data.
378</t>
379<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Range"/>
380  <x:ref>Range</x:ref> = <x:ref>byte-ranges-specifier</x:ref> / <x:ref>other-ranges-specifier</x:ref>
381  <x:ref>other-ranges-specifier</x:ref> = <x:ref>other-range-unit</x:ref> "=" <x:ref>other-range-set</x:ref>
382  <x:ref>other-range-set</x:ref> = 1*<x:ref>CHAR</x:ref>
383</artwork></figure>
384<t>
385   A server &MAY; ignore the Range header field. However, origin servers and
386   intermediate caches ought to support byte ranges when possible, since Range
387   supports efficient recovery from partially failed transfers and partial
388   retrieval of large representations. A server &MUST; ignore a Range header
389   field received with a request method other than GET.
390</t>
391<t>
392   An origin server &MUST; ignore a Range header field that contains a range
393   unit it does not understand. A proxy &MAY; either discard a Range header
394   field that contains a range unit it does not understand or pass it to the
395   next inbound server when forwarding the request.
396</t>
397<t>
398   A server that supports range requests ought to ignore or reject a
399   <x:ref>Range</x:ref> header field that consists of more than two
400   overlapping ranges, or a set of many small ranges that are not listed
401   in ascending order, since both are indications of either a broken client or
402   a deliberate denial of service attack (<xref target="overlapping.ranges"/>).
403   A client &SHOULD-NOT; request multiple ranges that are inherently less
404   efficient to process and transfer than a single range that encompasses the
405   same data.
406</t>
407<t>
408   A client that is requesting multiple ranges &SHOULD; list those ranges in
409   ascending order (the order in which they would typically be received in a
410   complete representation) unless there is a specific need to request a later
411   part earlier. For example, a user agent processing a large representation
412   with an internal catalog of parts might need to request later parts first,
413   particularly if the representation consists of pages stored in reverse
414   order and the user agent wishes to transfer one page at a time.
415</t>
416<t>
417   The Range header field is evaluated after evaluating the preconditions of
418   <xref target="Part4"/> and only if the result of their evaluation is
419   leading toward a <x:ref>200 (OK)</x:ref> response. In other words, Range
420   is ignored when a conditional GET would result in a
421   <x:ref>304 (Not Modified)</x:ref> response.
422</t>
423<t>
424   The If-Range header field (<xref target="header.if-range"/>) can be used as
425   a precondition to applying the Range header field.
426</t>
427<t>
428   If all of the preconditions are true, the server supports the Range header
429   field for the target resource, and the specified range(s) are valid and
430   satisfiable (as defined in <xref target="byte.ranges"/>), the
431   server &SHOULD; send a <x:ref>206 (Partial Content)</x:ref> response with a
432   payload containing one or more partial representations that correspond to
433   the satisfiable ranges requested, as defined in
434   <xref target="range.response"/>.
435</t>
436<t>
437   If all of the preconditions are true, the server supports the Range header
438   field for the target resource, and the specified range(s) are invalid or
439   unsatisfiable, the server &SHOULD; send a
440   <x:ref>416 (Range Not Satisfiable)</x:ref> response.
441</t>
442</section>
443
444<section title="If-Range" anchor="header.if-range">
445  <iref primary="true" item="If-Range header field" x:for-anchor=""/>
446  <x:anchor-alias value="If-Range"/>
447<t>
448   If a client has a partial copy of a representation and wishes
449   to have an up-to-date copy of the entire representation, it could use the
450   <x:ref>Range</x:ref> header field with a conditional GET (using
451   either or both of <x:ref>If-Unmodified-Since</x:ref> and
452   <x:ref>If-Match</x:ref>.) However, if the condition fails because the
453   representation has been modified, the client would then have to make a
454   second request to obtain the entire current representation.
455</t>
456<t>
457   The "If-Range" header field allows a client to "short-circuit" the second
458   request. Informally, its meaning is: if the representation is unchanged,
459   send me the part(s) that I am requesting in Range; otherwise, send me the
460   entire representation.
461</t>
462<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="If-Range"/>
463  <x:ref>If-Range</x:ref> = <x:ref>entity-tag</x:ref> / <x:ref>HTTP-date</x:ref>
464</artwork></figure>
465<t>
466   Clients &MUST-NOT; use an entity-tag marked as weak in an If-Range
467   field value and &MUST-NOT; use a <x:ref>Last-Modified</x:ref> date in an
468   If-Range field value unless it has no entity-tag for the representation and
469   the Last-Modified date it does have for the representation is strong
470   in the sense defined by &lastmod-comparison;.
471</t>
472<t>
473   A server that evaluates a conditional range request that is applicable
474   to one of its representations &MUST; evaluate the condition as false if
475   the entity-tag used as a validator is marked as weak or, when an HTTP-date
476   is used as the validator, if the date value is not strong in the sense
477   defined by &lastmod-comparison;. (A server can distinguish between a
478   valid HTTP-date and any form of entity-tag by examining the first
479   two characters.)
480</t>
481<t>
482   A client &MUST-NOT; generate an If-Range header field in a request that
483   does not contain a <x:ref>Range</x:ref> header field.
484   A server &MUST; ignore an If-Range header field received in a request that
485   does not contain a <x:ref>Range</x:ref> header field.
486   An origin server &MUST; ignore an If-Range header field received in a
487   request for a target resource that does not support Range requests.
488</t>
489<t>
490   If the validator given in the If-Range header field matches the current
491   validator for the selected representation of the target resource, then
492   the server &SHOULD; process the Range header field as requested.
493   If the validator does not match, then the server &MUST; ignore the
494   <x:ref>Range</x:ref> header field.
495</t>
496</section>
497</section>
498
499
500<section title="Responses to a Range Request" anchor="range.response">
501
502<section title="206 Partial Content" anchor="status.206">
503  <iref primary="true" item="206 Partial Content (status code)" x:for-anchor=""/>
504  <x:anchor-alias value="206"/>
505  <x:anchor-alias value="206 (Partial Content)"/>
506<t>
507   The <x:dfn>206 (Partial Content)</x:dfn> status code indicates that the
508   server is successfully fulfilling a range request for the target resource
509   by transferring one or more parts of the selected representation that
510   correspond to the satisfiable ranges found in the requests's
511   <x:ref>Range</x:ref> header field (<xref target="header.range"/>).
512</t>
513<t>
514   If a single part is being transferred, the server generating the 206
515   response &MUST; generate a <x:ref>Content-Range</x:ref> header field,
516   describing what range of the selected representation is enclosed, and a
517   payload consisting of the range. For example:
518</t>
519<figure><artwork type="message/http; msgtype=&#34;response&#34;" x:indent-with="  ">
520HTTP/1.1 206 Partial Content
521Date: Wed, 15 Nov 1995 06:25:24 GMT
522Last-Modified: Wed, 15 Nov 1995 04:58:08 GMT
523Content-Range: bytes 21010-47021/47022
524Content-Length: 26012
525Content-Type: image/gif
526
527... 26012 bytes of partial image data ...
528</artwork></figure>
529<t>
530   If multiple parts are being transferred, the server generating the 206
531   response &MUST; generate a "multipart/byteranges" payload, as defined
532   in <xref target="internet.media.type.multipart.byteranges"/>, and send a
533   <x:ref>Content-Type</x:ref> header field containing the
534   multipart/byteranges media type and its required boundary parameter.
535   Within the header area of each body part in the multipart payload, the
536   server &MUST; generate a <x:ref>Content-Range</x:ref> header field
537   corresponding to the range being enclosed in that body part.
538   If the selected representation would have had a <x:ref>Content-Type</x:ref>
539   header field in a <x:ref>200 (OK)</x:ref> response, the server &SHOULD;
540   generate that same <x:ref>Content-Type</x:ref> field in the header area of
541   each body part. For example:
542</t>
543<figure><artwork type="message/http; msgtype=&#34;response&#34;" x:indent-with="  ">
544HTTP/1.1 206 Partial Content
545Date: Wed, 15 Nov 1995 06:25:24 GMT
546Last-Modified: Wed, 15 Nov 1995 04:58:08 GMT
547Content-Length: 1741
548Content-Type: multipart/byteranges; boundary=THIS_STRING_SEPARATES
549
550--THIS_STRING_SEPARATES
551Content-Type: application/pdf
552Content-Range: bytes 500-999/8000
553
554...the first range...
555--THIS_STRING_SEPARATES
556Content-Type: application/pdf
557Content-Range: bytes 7000-7999/8000
558
559...the second range
560--THIS_STRING_SEPARATES--
561</artwork></figure>
562<t>
563   When multiple ranges are requested, a server &MAY; coalesce any of the
564   ranges that overlap or that are separated by a gap that is smaller than the
565   overhead of sending multiple parts, regardless of the order in which the
566   corresponding byte-range-spec appeared in the received <x:ref>Range</x:ref>
567   header field. Since the typical overhead between parts of a
568   multipart/byteranges payload is around 80 bytes, depending on the selected
569   representation's media type and the chosen boundary parameter length, it
570   can be less efficient to transfer many small disjoint parts than it is to
571   transfer the entire selected representation.
572</t>
573<t>
574   A server &MUST-NOT; generate a multipart response to a request for a single
575   range, since a client that does not request multiple parts might not
576   support multipart responses. However, a server &MAY; generate a
577   multipart/byteranges payload with only a single body part if multiple
578   ranges were requested and only one range was found to be satisfiable or
579   only one range remained after coalescing.
580   A client that cannot process a multipart/byteranges response &MUST-NOT; ask
581   for multiple ranges in a single request.
582</t>
583<t>
584   When a multipart response payload is generated, the server &SHOULD; send
585   the parts in the same order that the corresponding byte-range-spec appeared
586   in the received <x:ref>Range</x:ref> header field, excluding those ranges
587   that were deemed unsatisfiable or that were coalesced into other ranges.
588   A client that receives a multipart response &MUST; inspect the
589   <x:ref>Content-Range</x:ref> header field present in each body part in
590   order to determine which range is contained in that body part; a client
591   cannot rely on receiving the same ranges that it requested, nor the same
592   order that it requested.
593</t>
594<t>
595   When a 206 response is generated, the server &MUST; generate the following
596   header fields, in addition to those described above, if the field would
597   have been sent in a <x:ref>200 (OK)</x:ref> response to the same request:
598   <x:ref>Date</x:ref>, <x:ref>Cache-Control</x:ref>, <x:ref>ETag</x:ref>,
599   <x:ref>Expires</x:ref>, <x:ref>Content-Location</x:ref>, and
600   <x:ref>Vary</x:ref>.
601</t>
602<t>
603   If a 206 is generated in response to a request with an <x:ref>If-Range</x:ref>
604   header field, the sender &SHOULD-NOT; generate other representation header
605   fields beyond those described above because the client is understood to
606   already have a prior response containing those header fields.
607   Otherwise, the sender &MUST; generate all of the representation header
608   fields that would have been sent in a <x:ref>200 (OK)</x:ref> response
609   to the same request.
610</t>
611<t>
612   Caches &MAY; use a heuristic (see &p6-heuristic;) to determine
613   freshness for 206 responses.
614</t>
615</section>
616
617<section title="Content-Range" anchor="header.content-range">
618  <iref primary="true" item="Content-Range header field" x:for-anchor=""/>
619  <x:anchor-alias value="Content-Range"/>
620  <x:anchor-alias value="byte-content-range"/>
621  <x:anchor-alias value="byte-range-resp"/>
622  <x:anchor-alias value="byte-range"/>
623  <x:anchor-alias value="unsatisfied-range"/>
624  <x:anchor-alias value="complete-length"/>
625  <x:anchor-alias value="other-content-range"/>
626  <x:anchor-alias value="other-range-resp"/>
627<t>
628   The "Content-Range" header field is sent with a partial representation to
629   specify what range of the full representation is enclosed as payload.
630</t>
631<figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Content-Range"/><iref primary="true" item="Grammar" subitem="byte-content-range"/><iref primary="true" item="Grammar" subitem="byte-range-resp"/><iref primary="true" item="Grammar" subitem="byte-range"/><iref primary="true" item="Grammar" subitem="unsatisfied-range"/><iref primary="true" item="Grammar" subitem="other-content-range"/><iref primary="true" item="Grammar" subitem="other-range-resp"/><iref primary="true" item="Grammar" subitem="complete-length"/>
632  <x:ref>Content-Range</x:ref>       = <x:ref>byte-content-range</x:ref>
633                      / <x:ref>other-content-range</x:ref>
634                         
635  <x:ref>byte-content-range</x:ref>  = <x:ref>bytes-unit</x:ref> <x:ref>SP</x:ref>
636                        ( <x:ref>byte-range-resp</x:ref> / <x:ref>unsatisfied-range</x:ref> )
637
638  <x:ref>byte-range-resp</x:ref>     = <x:ref>byte-range</x:ref> "/" ( <x:ref>complete-length</x:ref> / "*" )
639  <x:ref>byte-range</x:ref>          = <x:ref>first-byte-pos</x:ref> "-" <x:ref>last-byte-pos</x:ref>
640  <x:ref>unsatisfied-range</x:ref>   = "*/" <x:ref>complete-length</x:ref>
641                         
642  <x:ref>complete-length</x:ref>     = 1*<x:ref>DIGIT</x:ref>
643 
644  <x:ref>other-content-range</x:ref> = <x:ref>other-range-unit</x:ref> <x:ref>SP</x:ref> <x:ref>other-range-resp</x:ref>
645  <x:ref>other-range-resp</x:ref>    = *<x:ref>CHAR</x:ref>
646</artwork></figure>
647<t>   
648   Range units are defined in <xref target="range.units"/>. A recipient of a
649   <x:ref>206 (Partial Content)</x:ref> response containing a
650   <x:ref>Content-Range</x:ref> header field with a <x:ref>range unit</x:ref>
651   that the recipient does not understand &MUST-NOT; attempt to recombine it
652   with a stored representation. A proxy that receives such a message
653   &SHOULD; forward it downstream.
654</t>
655<t>
656   For byte ranges, a sender &SHOULD; indicate the complete length of the
657   representation from which the range has been extracted unless the complete
658   length is unknown or difficult to determine. An asterisk character ("*") in
659   place of the complete-length indicates that the representation length was
660   unknown when the header field was generated.
661</t>
662<t>
663   A Content-Range field value with a <x:ref>byte-range-resp</x:ref> that has
664   a <x:ref>last-byte-pos</x:ref> value less than its
665   <x:ref>first-byte-pos</x:ref> value, or a <x:ref>complete-length</x:ref>
666   value less than or equal to its <x:ref>last-byte-pos</x:ref> value, is
667   invalid. The recipient of an invalid <x:ref>Content-Range</x:ref> &MUST-NOT;
668   attempt to recombine the received content with a stored representation.
669</t>
670<t>
671   A server generating a <x:ref>206 (Partial Content)</x:ref> response to a
672   byte range request &MUST; send, in each body part of a multipart response
673   or in the header block of a single part response, a Content-Range header
674   field containing a <x:ref>byte-range-resp</x:ref> value that reflects the
675   corresponding range being sent. The following example would apply
676   when the complete length of the selected representation is known by the
677   sender to be 1234 bytes:
678</t>
679<figure><artwork type="example">
680  Content-Range: bytes 42-1233/1234
681</artwork></figure>
682<t>
683   or this second example would apply when the complete length is unknown:
684</t>
685<figure><artwork type="example">
686  Content-Range: bytes 42-1233/*
687</artwork></figure>
688<t>
689   A server generating a <x:ref>416 (Range Not Satisfiable)</x:ref> response
690   to a byte range request &SHOULD; send a Content-Range header field with an
691   <x:ref>unsatisfied-range</x:ref> value, as in the following example:
692</t>
693<figure><artwork type="example">
694  Content-Range: bytes */1234
695</artwork></figure>
696<t>
697   The complete-length in a 416 response indicates the current length of the
698   selected representation, which will be known by the server generating the
699   response because that is how it determined the range to be unsatisfiable.
700</t>
701<t>
702   The "Content-Range" header field has no meaning for status codes that do
703   not explicitly describe its semantic. For this specification, only the
704   <x:ref>206 (Partial Content)</x:ref> and
705   <x:ref>416 (Range Not Satisfiable)</x:ref> status codes describe a meaning
706   for Content-Range.
707</t>
708<t>
709   More examples of Content-Range values, assuming that the representation
710   contains a total of 1234 bytes:
711   <list style="symbols">
712      <t>
713        The first 500 bytes:
714<figure><artwork type="example" x:indent-with="   ">
715  Content-Range: bytes 0-499/1234
716</artwork></figure>
717      </t>   
718      <t>
719        The second 500 bytes:
720<figure><artwork type="example" x:indent-with="   ">
721  Content-Range: bytes 500-999/1234
722</artwork></figure>
723      </t>   
724      <t>
725        All except for the first 500 bytes:
726<figure><artwork type="example" x:indent-with="   ">
727  Content-Range: bytes 500-1233/1234
728</artwork></figure>
729      </t>   
730      <t>
731        The last 500 bytes:
732<figure><artwork type="example" x:indent-with="   ">
733  Content-Range: bytes 734-1233/1234
734</artwork></figure>
735      </t>   
736   </list>
737</t>
738</section>
739
740<section title="Combining Ranges" anchor="combining.byte.ranges">
741<t>
742   A response might transfer only a subrange of a representation if the
743   connection closed prematurely or if the request used one or more Range
744   specifications.  After several such transfers, a client might have
745   received several ranges of the same representation.  These ranges can only
746   be safely combined if they all have in common the same strong validator,
747   where "strong validator" is defined to be either an entity-tag that is
748   not marked as weak (&entity-tags;) or, if no entity-tag is provided, a
749   <x:ref>Last-Modified</x:ref> value that is strong in the sense defined by
750   &lastmod-comparison;.
751</t>
752<t>
753   When a client receives an incomplete <x:ref>200 (OK)</x:ref> response or a
754   <x:ref>206 (Partial Content)</x:ref> response, and already has one or more
755   partial responses for the same method and effective request URI that have
756   the same strong validator as present in the new response,
757   the recipient &MAY; combine some or all of those responses into a set of
758   continuous ranges. A client &MUST-NOT; combine responses that differ in the
759   strong validator or that do not have a strong validator.
760</t>
761<t>
762   If the new response is an incomplete <x:ref>200 (OK)</x:ref> response, then
763   the header fields of that new response are used for any combined response
764   and replace those of the matching stored responses.
765</t>
766<t>
767   If the new response is a <x:ref>206 (Partial Content)</x:ref> response and
768   at least one of the matching stored responses is a <x:ref>200 (OK)</x:ref>,
769   then the combined response header fields consist of the most recent 200
770   response's header fields. If all of the matching stored responses are 206
771   responses, then the stored response with the most recent header fields is
772   used as the source of header fields for the combined response, except that
773   the client &MUST; use other header fields provided in the new response,
774   aside from <x:ref>Content-Range</x:ref>, to replace all instances of the
775   corresponding header fields in the stored response.
776</t>
777<t>
778   The combined response message body consists of the union of partial
779   content ranges in the new response and each of the selected responses.
780   If the union consists of the entire range of the representation, then the
781   client &MUST; record the combined response as if it were a complete
782   <x:ref>200 (OK)</x:ref> response, including a <x:ref>Content-Length</x:ref>
783   header field that reflects the complete length.
784   Otherwise, the client &MUST; record the set of continuous ranges as one of
785   the following:
786   an incomplete <x:ref>200 (OK)</x:ref> response if the combined response is
787   a prefix of the representation,
788   a single <x:ref>206 (Partial Content)</x:ref> response containing a
789   multipart/byteranges body, or
790   multiple <x:ref>206 (Partial Content)</x:ref> responses, each with one
791   continuous range that is indicated by a <x:ref>Content-Range</x:ref> header
792   field.
793</t>
794</section>
795
796<section title="416 Range Not Satisfiable" anchor="status.416">
797  <iref primary="true" item="416 Range Not Satisfiable (status code)" x:for-anchor=""/>
798  <x:anchor-alias value="416 (Range Not Satisfiable)"/>
799<t>
800   The <x:dfn>416 (Range Not Satisfiable)</x:dfn> status code
801   indicates that none of the ranges-specifier values in the request's
802   <x:ref>Range</x:ref> header field (<xref target="header.range"/>)
803   overlap the current
804   extent of the selected resource and the request did not include an
805   <x:ref>If-Range</x:ref> header field (<xref target="header.if-range"/>).
806   (For byte-ranges, this means that the first-byte-pos of all of the
807   byte-range-spec values were greater than the current length of the selected
808   representation.)
809</t>
810<t>
811   When this status code is sent in response to a byte-range request, the
812   sender &SHOULD; generate a <x:ref>Content-Range</x:ref> header field
813   specifying the current length of the selected representation
814   (see <xref target="header.content-range"/>).
815</t>
816<figure>
817<preamble>For example:</preamble>
818<artwork type="message/http; msgtype=&#34;response&#34;" x:indent-with="  ">
819HTTP/1.1 416 Range Not Satisfiable
820Date: Mon, 20 Jan 2012 15:41:54 GMT
821Content-Range: bytes */47022
822Content-Type: image/gif
823</artwork></figure>
824<x:note>
825  <t>
826    &Note; Clients cannot depend on servers to send a <x:ref>416 (Range Not
827    Satisfiable)</x:ref> response instead of a <x:ref>200 (OK)</x:ref>
828    response for an unsatisfiable <x:ref>Range</x:ref> header field, since not
829    all servers implement this header field.
830  </t>
831</x:note>
832</section>
833</section>
834
835<section title="IANA Considerations" anchor="IANA.considerations">
836
837<section title="Range Unit Registry" anchor="range.unit.registry">
838<t>
839   The HTTP Range Unit Registry defines the name space for the range
840   unit names and refers to their corresponding specifications.
841   The registry is maintained at
842   <eref target="http://www.iana.org/assignments/http-parameters"/>.
843</t>
844
845<section title="Procedure" anchor="range.unit.registry.procedure">
846<t>
847   Registration of an HTTP Range Unit &MUST; include the following fields:
848   <list style="symbols">
849     <t>Name</t>
850     <t>Description</t>
851     <t>Pointer to specification text</t>
852   </list>
853</t>
854<t>
855  Values to be added to this name space require IETF Review
856  (see <xref target="RFC5226" x:fmt="," x:sec="4.1"/>).
857</t>
858</section>
859
860<section title="Registrations" anchor="range.unit.registration">
861<t>
862   The initial HTTP Range Unit Registry shall contain the registrations
863   below:
864</t>
865<texttable align="left" suppress-title="true" anchor="iana.range.units.table">
866   <ttcol>Range Unit Name</ttcol>
867   <ttcol>Description</ttcol>
868   <ttcol>Reference</ttcol>
869
870   <c>bytes</c>
871   <c>a range of octets</c>
872   <c><xref target="byte.ranges"/></c>
873
874   <c>none</c>
875   <c>reserved as keyword, indicating no ranges are supported</c>
876   <c><xref target="header.accept-ranges"/></c>
877</texttable>
878<t>
879   The change controller is: "IETF (iesg@ietf.org) - Internet Engineering Task Force".
880</t>
881</section>
882</section>
883
884<section title="Status Code Registration" anchor="status.code.registration">
885<t>
886   The HTTP Status Code Registry located at <eref target="http://www.iana.org/assignments/http-status-codes"/>
887   shall be updated with the registrations below:
888</t>
889<?BEGININC p5-range.iana-status-codes ?>
890<!--AUTOGENERATED FROM extract-status-code-defs.xslt, do not edit manually-->
891<texttable align="left" suppress-title="true" anchor="iana.status.code.registration.table">
892   <ttcol>Value</ttcol>
893   <ttcol>Description</ttcol>
894   <ttcol>Reference</ttcol>
895   <c>206</c>
896   <c>Partial Content</c>
897   <c>
898      <xref target="status.206"/>
899   </c>
900   <c>416</c>
901   <c>Range Not Satisfiable</c>
902   <c>
903      <xref target="status.416"/>
904   </c>
905</texttable>
906<!--(END)-->
907<?ENDINC p5-range.iana-status-codes ?>
908</section>
909
910<section title="Header Field Registration" anchor="header.field.registration">
911<t>
912   The Message Header Field Registry located at <eref target="http://www.iana.org/assignments/message-headers/message-header-index.html"/> shall be updated
913   with the permanent registrations below (see <xref target="BCP90"/>):
914</t>
915<?BEGININC p5-range.iana-headers ?>
916<!--AUTOGENERATED FROM extract-header-defs.xslt, do not edit manually-->
917<texttable align="left" suppress-title="true" anchor="iana.header.registration.table">
918   <ttcol>Header Field Name</ttcol>
919   <ttcol>Protocol</ttcol>
920   <ttcol>Status</ttcol>
921   <ttcol>Reference</ttcol>
922
923   <c>Accept-Ranges</c>
924   <c>http</c>
925   <c>standard</c>
926   <c>
927      <xref target="header.accept-ranges"/>
928   </c>
929   <c>Content-Range</c>
930   <c>http</c>
931   <c>standard</c>
932   <c>
933      <xref target="header.content-range"/>
934   </c>
935   <c>If-Range</c>
936   <c>http</c>
937   <c>standard</c>
938   <c>
939      <xref target="header.if-range"/>
940   </c>
941   <c>Range</c>
942   <c>http</c>
943   <c>standard</c>
944   <c>
945      <xref target="header.range"/>
946   </c>
947</texttable>
948<!--(END)-->
949<?ENDINC p5-range.iana-headers ?>
950<t>
951   The change controller is: "IETF (iesg@ietf.org) - Internet Engineering Task Force".
952</t>
953</section>
954
955</section>
956
957<section title="Security Considerations" anchor="security.considerations">
958<t>
959   This section is meant to inform developers, information providers, and
960   users of known security concerns specific to the HTTP/1.1 range
961   request mechanisms. More general security considerations are addressed
962   in HTTP messaging &messaging; and semantics &semantics;.
963</t>
964
965<section title="Denial of Service Attacks using Range" anchor="overlapping.ranges">
966<t>
967   Unconstrained multiple range requests are susceptible to denial of service
968   attacks because the effort required to request many overlapping ranges of
969   the same data is tiny compared to the time, memory, and bandwidth consumed
970   by attempting to serve the requested data in many parts.
971   Servers ought to ignore, coalesce, or reject egregious range requests, such
972   as requests for more than two overlapping ranges or for many small ranges
973   in a single set, particularly when the ranges are requested out of order
974   for no apparent reason. Multipart range requests are not designed to
975   support random access.
976</t>
977</section>
978</section>
979
980<section title="Acknowledgments" anchor="acks">
981<t>
982  See &acks;.
983</t>
984</section>
985</middle>
986<back>
987
988<references title="Normative References">
989
990<reference anchor="Part1">
991  <front>
992    <title>Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing</title>
993    <author initials="R." surname="Fielding" fullname="Roy T. Fielding" role="editor">
994      <organization abbrev="Adobe">Adobe Systems Incorporated</organization>
995      <address><email>fielding@gbiv.com</email></address>
996    </author>
997    <author initials="J. F." surname="Reschke" fullname="Julian F. Reschke" role="editor">
998      <organization abbrev="greenbytes">greenbytes GmbH</organization>
999      <address><email>julian.reschke@greenbytes.de</email></address>
1000    </author>
1001    <date month="&ID-MONTH;" year="&ID-YEAR;"/>
1002  </front>
1003  <seriesInfo name="Internet-Draft" value="draft-ietf-httpbis-p1-messaging-&ID-VERSION;"/>
1004  <x:source href="p1-messaging.xml" basename="p1-messaging">
1005    <x:defines>Content-Length</x:defines>
1006  </x:source>
1007</reference>
1008
1009<reference anchor="Part2">
1010  <front>
1011    <title>Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content</title>
1012    <author initials="R." surname="Fielding" fullname="Roy T. Fielding" role="editor">
1013      <organization abbrev="Adobe">Adobe Systems Incorporated</organization>
1014      <address><email>fielding@gbiv.com</email></address>
1015    </author>
1016    <author initials="J. F." surname="Reschke" fullname="Julian F. Reschke" role="editor">
1017      <organization abbrev="greenbytes">greenbytes GmbH</organization>
1018      <address><email>julian.reschke@greenbytes.de</email></address>
1019    </author>
1020    <date month="&ID-MONTH;" year="&ID-YEAR;"/>
1021  </front>
1022  <seriesInfo name="Internet-Draft" value="draft-ietf-httpbis-p2-semantics-&ID-VERSION;"/>
1023  <x:source href="p2-semantics.xml" basename="p2-semantics">
1024    <x:defines>200 (OK)</x:defines>
1025    <x:defines>410 (Gone)</x:defines>
1026    <x:defines>Content-Location</x:defines>
1027    <x:defines>Content-Type</x:defines>
1028    <x:defines>Date</x:defines>
1029    <x:defines>Location</x:defines>
1030    <x:defines>Vary</x:defines>
1031  </x:source>
1032</reference>
1033
1034<reference anchor="Part4">
1035  <front>
1036    <title>Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests</title>
1037    <author initials="R." surname="Fielding" fullname="Roy T. Fielding" role="editor">
1038      <organization abbrev="Adobe">Adobe Systems Incorporated</organization>
1039      <address><email>fielding@gbiv.com</email></address>
1040    </author>
1041    <author initials="J. F." surname="Reschke" fullname="Julian F. Reschke" role="editor">
1042      <organization abbrev="greenbytes">greenbytes GmbH</organization>
1043      <address><email>julian.reschke@greenbytes.de</email></address>
1044    </author>
1045    <date month="&ID-MONTH;" year="&ID-YEAR;"/>
1046  </front>
1047  <seriesInfo name="Internet-Draft" value="draft-ietf-httpbis-p4-conditional-&ID-VERSION;"/>
1048  <x:source href="p4-conditional.xml" basename="p4-conditional">
1049    <x:defines>304 (Not Modified)</x:defines>
1050    <x:defines>ETag</x:defines>
1051    <x:defines>If-Match</x:defines>
1052    <x:defines>If-Modified-Since</x:defines>
1053    <x:defines>If-None-Match</x:defines>
1054    <x:defines>If-Unmodified-Since</x:defines>
1055    <x:defines>Last-Modified</x:defines>
1056  </x:source>
1057</reference>
1058
1059<reference anchor="Part6">
1060  <front>
1061    <title>Hypertext Transfer Protocol (HTTP/1.1): Caching</title>
1062    <author initials="R." surname="Fielding" fullname="Roy T. Fielding" role="editor">
1063      <organization abbrev="Adobe">Adobe Systems Incorporated</organization>
1064      <address><email>fielding@gbiv.com</email></address>
1065    </author>
1066    <author initials="M." surname="Nottingham" fullname="Mark Nottingham" role="editor">
1067      <organization>Akamai</organization>
1068      <address><email>mnot@mnot.net</email></address>
1069    </author>
1070    <author initials="J. F." surname="Reschke" fullname="Julian F. Reschke" role="editor">
1071      <organization abbrev="greenbytes">greenbytes GmbH</organization>
1072      <address><email>julian.reschke@greenbytes.de</email></address>
1073    </author>
1074    <date month="&ID-MONTH;" year="&ID-YEAR;"/>
1075  </front>
1076  <seriesInfo name="Internet-Draft" value="draft-ietf-httpbis-p6-cache-&ID-VERSION;"/>
1077  <x:source href="p6-cache.xml" basename="p6-cache">
1078    <x:defines>Cache-Control</x:defines>
1079    <x:defines>Expires</x:defines>
1080  </x:source>
1081</reference>
1082
1083<reference anchor="RFC2046">
1084  <front>
1085    <title abbrev="Media Types">Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types</title>
1086    <author initials="N." surname="Freed" fullname="Ned Freed">
1087      <organization>Innosoft International, Inc.</organization>
1088      <address><email>ned@innosoft.com</email></address>
1089    </author>
1090    <author initials="N." surname="Borenstein" fullname="Nathaniel S. Borenstein">
1091      <organization>First Virtual Holdings</organization>
1092      <address><email>nsb@nsb.fv.com</email></address>
1093    </author>
1094    <date month="November" year="1996"/>
1095  </front>
1096  <seriesInfo name="RFC" value="2046"/>
1097</reference>
1098
1099<reference anchor="RFC2119">
1100  <front>
1101    <title>Key words for use in RFCs to Indicate Requirement Levels</title>
1102    <author initials="S." surname="Bradner" fullname="Scott Bradner">
1103      <organization>Harvard University</organization>
1104      <address><email>sob@harvard.edu</email></address>
1105    </author>
1106    <date month="March" year="1997"/>
1107  </front>
1108  <seriesInfo name="BCP" value="14"/>
1109  <seriesInfo name="RFC" value="2119"/>
1110</reference>
1111
1112<reference anchor="RFC5234">
1113  <front>
1114    <title abbrev="ABNF for Syntax Specifications">Augmented BNF for Syntax Specifications: ABNF</title>
1115    <author initials="D." surname="Crocker" fullname="Dave Crocker" role="editor">
1116      <organization>Brandenburg InternetWorking</organization>
1117      <address>
1118        <email>dcrocker@bbiw.net</email>
1119      </address> 
1120    </author>
1121    <author initials="P." surname="Overell" fullname="Paul Overell">
1122      <organization>THUS plc.</organization>
1123      <address>
1124        <email>paul.overell@thus.net</email>
1125      </address>
1126    </author>
1127    <date month="January" year="2008"/>
1128  </front>
1129  <seriesInfo name="STD" value="68"/>
1130  <seriesInfo name="RFC" value="5234"/>
1131</reference>
1132
1133</references>
1134
1135<references title="Informative References">
1136
1137<reference anchor="RFC2616">
1138  <front>
1139    <title>Hypertext Transfer Protocol -- HTTP/1.1</title>
1140    <author initials="R." surname="Fielding" fullname="R. Fielding">
1141      <organization>University of California, Irvine</organization>
1142      <address><email>fielding@ics.uci.edu</email></address>
1143    </author>
1144    <author initials="J." surname="Gettys" fullname="J. Gettys">
1145      <organization>W3C</organization>
1146      <address><email>jg@w3.org</email></address>
1147    </author>
1148    <author initials="J." surname="Mogul" fullname="J. Mogul">
1149      <organization>Compaq Computer Corporation</organization>
1150      <address><email>mogul@wrl.dec.com</email></address>
1151    </author>
1152    <author initials="H." surname="Frystyk" fullname="H. Frystyk">
1153      <organization>MIT Laboratory for Computer Science</organization>
1154      <address><email>frystyk@w3.org</email></address>
1155    </author>
1156    <author initials="L." surname="Masinter" fullname="L. Masinter">
1157      <organization>Xerox Corporation</organization>
1158      <address><email>masinter@parc.xerox.com</email></address>
1159    </author>
1160    <author initials="P." surname="Leach" fullname="P. Leach">
1161      <organization>Microsoft Corporation</organization>
1162      <address><email>paulle@microsoft.com</email></address>
1163    </author>
1164    <author initials="T." surname="Berners-Lee" fullname="T. Berners-Lee">
1165      <organization>W3C</organization>
1166      <address><email>timbl@w3.org</email></address>
1167    </author>
1168    <date month="June" year="1999"/>
1169  </front>
1170  <seriesInfo name="RFC" value="2616"/>
1171</reference>
1172
1173<reference anchor='BCP90'>
1174  <front>
1175    <title>Registration Procedures for Message Header Fields</title>
1176    <author initials='G.' surname='Klyne' fullname='G. Klyne'>
1177      <organization>Nine by Nine</organization>
1178      <address><email>GK-IETF@ninebynine.org</email></address>
1179    </author>
1180    <author initials='M.' surname='Nottingham' fullname='M. Nottingham'>
1181      <organization>BEA Systems</organization>
1182      <address><email>mnot@pobox.com</email></address>
1183    </author>
1184    <author initials='J.' surname='Mogul' fullname='J. Mogul'>
1185      <organization>HP Labs</organization>
1186      <address><email>JeffMogul@acm.org</email></address>
1187    </author>
1188    <date year='2004' month='September' />
1189  </front>
1190  <seriesInfo name='BCP' value='90' />
1191  <seriesInfo name='RFC' value='3864' />
1192</reference>
1193
1194<reference anchor="BCP13">
1195  <front>
1196    <title>Media Type Specifications and Registration Procedures</title>
1197    <author initials="N." surname="Freed" fullname="N. Freed">
1198      <organization>Sun Microsystems</organization>
1199      <address>
1200        <email>ned.freed@mrochek.com</email>
1201      </address>
1202    </author>
1203    <author initials="J." surname="Klensin" fullname="J. Klensin">
1204      <address>
1205        <email>klensin+ietf@jck.com</email>
1206      </address>
1207    </author>
1208    <date year="2005" month="December"/>
1209  </front>
1210  <seriesInfo name="BCP" value="13"/>
1211  <seriesInfo name="RFC" value="4288"/>
1212</reference>
1213
1214<reference anchor='RFC5226'>
1215  <front>
1216    <title>Guidelines for Writing an IANA Considerations Section in RFCs</title>
1217    <author initials='T.' surname='Narten' fullname='T. Narten'>
1218      <organization>IBM</organization>
1219      <address><email>narten@us.ibm.com</email></address>
1220    </author>
1221    <author initials='H.' surname='Alvestrand' fullname='H. Alvestrand'>
1222      <organization>Google</organization>
1223      <address><email>Harald@Alvestrand.no</email></address>
1224    </author>
1225    <date year='2008' month='May' />
1226  </front>
1227  <seriesInfo name='BCP' value='26' />
1228  <seriesInfo name='RFC' value='5226' />
1229</reference>
1230
1231</references>
1232
1233<section title="Internet Media Type multipart/byteranges" anchor="internet.media.type.multipart.byteranges">
1234<iref item="Media Type" subitem="multipart/byteranges" primary="true"/>
1235<iref item="multipart/byteranges Media Type" primary="true"/>
1236<t>
1237   When a <x:ref>206 (Partial Content)</x:ref> response message includes the
1238   content of multiple ranges, they are transmitted as body parts in a
1239   multipart message body (<xref target="RFC2046" x:fmt="," x:sec="5.1"/>)
1240   with the media type of "multipart/byteranges".  The following definition is
1241   to be registered with IANA <xref target="BCP13"/>.
1242</t>
1243<t>
1244   The multipart/byteranges media type includes one or more body parts, each
1245   with its own <x:ref>Content-Type</x:ref> and <x:ref>Content-Range</x:ref>
1246   fields. The required boundary parameter specifies the boundary string used
1247   to separate each body part.
1248</t>
1249<t>
1250  <list style="hanging" x:indent="12em">
1251    <t hangText="Type name:">
1252      multipart
1253    </t>
1254    <t hangText="Subtype name:">
1255      byteranges
1256    </t>
1257    <t hangText="Required parameters:">
1258      boundary
1259    </t>
1260    <t hangText="Optional parameters:">
1261      none
1262    </t>
1263    <t hangText="Encoding considerations:">
1264      only "7bit", "8bit", or "binary" are permitted
1265    </t>
1266    <t hangText="Security considerations:">
1267      none
1268    </t>
1269    <t hangText="Interoperability considerations:">
1270      none
1271    </t>
1272    <t hangText="Published specification:">
1273      This specification (see <xref target="internet.media.type.multipart.byteranges"/>).
1274    </t>
1275    <t hangText="Applications that use this media type:">
1276      HTTP components supporting multiple ranges in a single request.
1277    </t>
1278    <t hangText="Additional information:">
1279      <list style="hanging">
1280        <t hangText="Magic number(s):">none</t>
1281        <t hangText="File extension(s):">none</t>
1282        <t hangText="Macintosh file type code(s):">none</t>
1283      </list>
1284    </t>
1285    <t hangText="Person and email address to contact for further information:">
1286      See Authors Section.
1287    </t>
1288    <t hangText="Intended usage:">
1289      COMMON
1290    </t>
1291    <t hangText="Restrictions on usage:">
1292      none
1293    </t>
1294    <t hangText="Author/Change controller:">
1295      IESG
1296    </t>
1297  </list>
1298</t>
1299<t>
1300  Implementation Notes:
1301  <list style="numbers">
1302      <t>Additional CRLFs might precede the first boundary string in the body.</t>
1303
1304      <t>Although <xref target="RFC2046"/> permits the boundary string to be
1305         quoted, some existing implementations handle a quoted boundary
1306         string incorrectly.</t>
1307
1308      <t>A number of clients and servers were coded to an early draft
1309         of the byteranges specification that used a media type of
1310         multipart/x-byteranges<iref item="multipart/x-byteranges Media Type"/><iref item="Media Type" subitem="multipart/x-byteranges"/>,
1311         which is almost (but not quite) compatible with this type.</t>
1312  </list>
1313</t>
1314<t>
1315   Despite the name, the "multipart/byteranges" media type is not limited to
1316   byte ranges. The following example uses an "exampleunit" range unit:
1317</t>
1318<figure><artwork type="message/http; msgtype=&#34;response&#34;" x:indent-with="  ">
1319HTTP/1.1 206 Partial Content
1320Date: Tue, 14 Nov 1995 06:25:24 GMT
1321Last-Modified: Tue, 14 July 04:58:08 GMT
1322Content-Length: 2331785
1323Content-Type: multipart/byteranges; boundary=THIS_STRING_SEPARATES
1324
1325--THIS_STRING_SEPARATES
1326Content-Type: video/example
1327Content-Range: exampleunit 1.2-4.3/25
1328
1329...the first range...
1330--THIS_STRING_SEPARATES
1331Content-Type: video/example
1332Content-Range: exampleunit 11.2-14.3/25
1333
1334...the second range
1335--THIS_STRING_SEPARATES--
1336</artwork>
1337</figure>
1338</section>
1339
1340<section title="Changes from RFC 2616" anchor="changes.from.rfc.2616">
1341
1342<t>
1343  A weak validator cannot be used in a <x:ref>206</x:ref> response.
1344  (<xref target="status.206"/>)
1345</t>
1346<t>
1347  The Content-Range header field only has meaning when the status code
1348  explicitly defines its use.
1349  (<xref target="header.content-range" />)
1350</t>
1351<t>
1352  Servers are given more leeway in how they respond to a range request,
1353  in order to mitigate abuse by malicious (or just greedy) clients.
1354</t>
1355<t>
1356  multipart/byteranges can consist of a single part.
1357  (<xref target="internet.media.type.multipart.byteranges"/>)
1358</t>
1359<t>
1360  This specification introduces a Range Unit Registry.
1361  (<xref target="range.unit.registry"/>)
1362</t>
1363</section>
1364
1365<section title="Imported ABNF" anchor="imported.abnf">
1366  <x:anchor-alias value="ALPHA"/>
1367  <x:anchor-alias value="CHAR"/>
1368  <x:anchor-alias value="CR"/>
1369  <x:anchor-alias value="DIGIT"/>
1370  <x:anchor-alias value="LF"/>
1371  <x:anchor-alias value="OCTET"/>
1372  <x:anchor-alias value="SP"/>
1373  <x:anchor-alias value="VCHAR"/>
1374  <x:anchor-alias value="token"/>
1375  <x:anchor-alias value="OWS"/>
1376  <x:anchor-alias value="HTTP-date"/>
1377  <x:anchor-alias value="entity-tag"/>
1378<t>
1379  The following core rules are included by
1380  reference, as defined in <xref target="RFC5234" x:fmt="of" x:sec="B.1"/>:
1381  ALPHA (letters), CR (carriage return), CRLF (CR LF), CTL (controls),
1382  DIGIT (decimal 0-9), DQUOTE (double quote),
1383  HEXDIG (hexadecimal 0-9/A-F/a-f), LF (line feed),
1384  OCTET (any 8-bit sequence of data), SP (space), and
1385  VCHAR (any visible US-ASCII character).
1386</t>
1387<t>
1388  Note that all rules derived from <x:ref>token</x:ref> are to
1389  be compared case-insensitively, like <x:ref>range-unit</x:ref> and
1390  <x:ref>acceptable-ranges</x:ref>.
1391</t>
1392<t>
1393  The rules below are defined in <xref target="Part1"/>:
1394</t>
1395<figure><artwork type="abnf2616">
1396  <x:ref>OWS</x:ref>        = &lt;OWS, defined in &whitespace;&gt;
1397  <x:ref>token</x:ref>      = &lt;token, defined in &field-components;&gt;
1398</artwork></figure>
1399<t>
1400  The rules below are defined in other parts:
1401</t>
1402<figure><artwork type="abnf2616">
1403  <x:ref>HTTP-date</x:ref>  = &lt;HTTP-date, defined in &http-date;&gt;
1404  <x:ref>entity-tag</x:ref> = &lt;entity-tag, defined in &entity-tags;&gt;
1405</artwork></figure>
1406</section> 
1407
1408<?BEGININC p5-range.abnf-appendix ?>
1409<section xmlns:x="http://purl.org/net/xml2rfc/ext" title="Collected ABNF" anchor="collected.abnf">
1410<figure>
1411<artwork type="abnf" name="p5-range.parsed-abnf">
1412<x:ref>Accept-Ranges</x:ref> = acceptable-ranges
1413
1414<x:ref>Content-Range</x:ref> = byte-content-range / other-content-range
1415
1416<x:ref>HTTP-date</x:ref> = &lt;HTTP-date, defined in [Part2], Section 7.1.1.1&gt;
1417
1418<x:ref>If-Range</x:ref> = entity-tag / HTTP-date
1419
1420<x:ref>OWS</x:ref> = &lt;OWS, defined in [Part1], Section 3.2.3&gt;
1421
1422<x:ref>Range</x:ref> = byte-ranges-specifier / other-ranges-specifier
1423
1424<x:ref>acceptable-ranges</x:ref> = ( *( "," OWS ) range-unit *( OWS "," [ OWS
1425 range-unit ] ) ) / "none"
1426
1427<x:ref>byte-content-range</x:ref> = bytes-unit SP ( byte-range-resp /
1428 unsatisfied-range )
1429<x:ref>byte-range</x:ref> = first-byte-pos "-" last-byte-pos
1430<x:ref>byte-range-resp</x:ref> = byte-range "/" ( complete-length / "*" )
1431<x:ref>byte-range-set</x:ref> = *( "," OWS ) ( byte-range-spec /
1432 suffix-byte-range-spec ) *( OWS "," [ OWS ( byte-range-spec /
1433 suffix-byte-range-spec ) ] )
1434<x:ref>byte-range-spec</x:ref> = first-byte-pos "-" [ last-byte-pos ]
1435<x:ref>byte-ranges-specifier</x:ref> = bytes-unit "=" byte-range-set
1436<x:ref>bytes-unit</x:ref> = "bytes"
1437
1438<x:ref>complete-length</x:ref> = 1*DIGIT
1439
1440<x:ref>entity-tag</x:ref> = &lt;entity-tag, defined in [Part4], Section 2.3&gt;
1441
1442<x:ref>first-byte-pos</x:ref> = 1*DIGIT
1443
1444<x:ref>last-byte-pos</x:ref> = 1*DIGIT
1445
1446<x:ref>other-content-range</x:ref> = other-range-unit SP other-range-resp
1447<x:ref>other-range-resp</x:ref> = *CHAR
1448<x:ref>other-range-set</x:ref> = 1*CHAR
1449<x:ref>other-range-unit</x:ref> = token
1450<x:ref>other-ranges-specifier</x:ref> = other-range-unit "=" other-range-set
1451
1452<x:ref>range-unit</x:ref> = bytes-unit / other-range-unit
1453
1454<x:ref>suffix-byte-range-spec</x:ref> = "-" suffix-length
1455<x:ref>suffix-length</x:ref> = 1*DIGIT
1456
1457<x:ref>token</x:ref> = &lt;token, defined in [Part1], Section 3.2.6&gt;
1458
1459<x:ref>unsatisfied-range</x:ref> = "*/" complete-length
1460</artwork>
1461</figure>
1462</section>
1463<?ENDINC p5-range.abnf-appendix ?>
1464
1465
1466<section title="Change Log (to be removed by RFC Editor before publication)" anchor="change.log">
1467<t>
1468  Changes up to the first Working Group Last Call draft are summarized
1469  in <eref target="http://tools.ietf.org/html/draft-ietf-httpbis-p5-range-19#appendix-D"/>.
1470</t>
1471
1472<section title="Since draft-ietf-httpbis-p5-range-19" anchor="changes.since.19">
1473<t>
1474  Closed issues:
1475  <list style="symbols"> 
1476    <t>
1477      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/358"/>:
1478      "ABNF list expansion code problem"
1479    </t>
1480    <t>
1481      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/361"/>:
1482      "ABNF requirements for recipients"
1483    </t>
1484    <t>
1485      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/367"/>:
1486      "reserve 'none' as byte range unit"
1487    </t>
1488    <t>
1489      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/368"/>:
1490      "note introduction of new IANA registries as normative changes"
1491    </t>
1492    <t>
1493      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/369"/>:
1494      "range units vs leading zeroes vs size"
1495    </t>
1496  </list>
1497</t>
1498</section>
1499
1500<section title="Since draft-ietf-httpbis-p5-range-20" anchor="changes.since.20">
1501<t>
1502  <list style="symbols">
1503    <t>
1504      Conformance criteria and considerations regarding error handling are
1505      now defined in Part 1.
1506    </t>
1507  </list>
1508</t>
1509</section>
1510
1511<section title="Since draft-ietf-httpbis-p5-range-21" anchor="changes.since.21">
1512<t>
1513  None yet.
1514</t>
1515</section>
1516
1517</section>
1518
1519</back>
1520</rfc>
Note: See TracBrowser for help on using the repository browser.