Ignore:
Timestamp:
Feb 8, 2011, 5:14:45 PM (9 years ago)
Author:
fielding@…
Message:

update HTML

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p1-messaging.html

    r1106 r1109  
    950950         through a common intermediary for the sake of security, annotation services, or shared caching.
    951951      </p>
    952       <p id="rfc.section.2.2.p.6"><span id="rfc.iref.g.24"></span><span id="rfc.iref.r.3"></span> A "gateway" (a.k.a., "reverse proxy") is a receiving agent that acts as a layer above some other server(s) and translates
     952      <p id="rfc.section.2.2.p.6"> <span id="rfc.iref.t.1"></span>  <span id="rfc.iref.n.1"></span> An HTTP-to-HTTP proxy is called a "transforming proxy" if it designed or configured to modify request or response messages
     953         in a semantically meaningful way (i.e., modifications, beyond those required by normal HTTP processing, that change the message
     954         in a way that would be significant to the original sender or potentially significant to downstream recipients). For example,
     955         a transforming proxy might be acting as a shared annotation server (modifying responses to include references to a local annotation
     956         database), a malware filter, a format transcoder, or an intranet-to-Internet privacy filter. Such transformations are presumed
     957         to be desired by the client (or client organization) that selected the proxy and are beyond the scope of this specification.
     958         However, when a proxy is not intended to transform a given message, we use the term "non-transforming proxy" to target requirements
     959         that preserve HTTP message semantics.
     960      </p>
     961      <p id="rfc.section.2.2.p.7"><span id="rfc.iref.g.24"></span><span id="rfc.iref.r.3"></span> A "gateway" (a.k.a., "reverse proxy") is a receiving agent that acts as a layer above some other server(s) and translates
    953962         the received requests to the underlying server's protocol. Gateways are often used for load balancing or partitioning HTTP
    954963         services across multiple machines. Unlike a proxy, a gateway receives requests as if it were the origin server for the target
     
    958967         the scope of this specification.
    959968      </p>
    960       <p id="rfc.section.2.2.p.7"><span id="rfc.iref.t.1"></span> A "tunnel" acts as a blind relay between two connections without changing the messages. Once active, a tunnel is not considered
     969      <p id="rfc.section.2.2.p.8"><span id="rfc.iref.t.2"></span> A "tunnel" acts as a blind relay between two connections without changing the messages. Once active, a tunnel is not considered
    961970         a party to the HTTP communication, though the tunnel might have been initiated by an HTTP request. A tunnel ceases to exist
    962971         when both ends of the relayed connection are closed. Tunnels are used to extend a virtual connection through an intermediary,
    963972         such as when transport-layer security is used to establish private communication through a shared firewall proxy.
     973      </p>
     974      <p id="rfc.section.2.2.p.9"><span id="rfc.iref.i.3"></span><span id="rfc.iref.t.3"></span> In addition, there may exist network intermediaries that are not considered part of the HTTP communication but nevertheless
     975         act as filters or redirecting agents (usually violating HTTP semantics, causing security problems, and otherwise making a
     976         mess of things). Such a network intermediary, referred to as an "interception proxy" <a href="#RFC3040" id="rfc.xref.RFC3040.1"><cite title="Internet Web Replication and Caching Taxonomy">[RFC3040]</cite></a> or "transparent proxy" <a href="#RFC1919" id="rfc.xref.RFC1919.1"><cite title="Classical versus Transparent IP Proxies">[RFC1919]</cite></a>, differs from an HTTP proxy because it has not been selected by the client. Instead, the network intermediary redirects outgoing
     977         TCP port 80 packets (and occasionally other common port traffic) to an internal HTTP server. Interception proxies are commonly
     978         found on public network access points as a means of enforcing account subscription prior to allowing use of non-local Internet
     979         services. They are indistinguishable from a man-in-the-middle attack.
    964980      </p>
    965981      <div id="rfc.iref.c.3"></div>
     
    11591175         might introduce security flaws due to the differing ways that such parsers interpret invalid characters.
    11601176      </p>
    1161       <p id="rfc.section.3.1.p.4">HTTP allows the set of defined header fields to be extended without changing the protocol version (see <a href="#header.field.registration" title="Header Field Registration">Section&nbsp;10.1</a>). However, such fields might not be recognized by a downstream recipient and might be stripped by non-transparent intermediaries.
    1162          Unrecognized header fields <em class="bcp14">MUST</em> be forwarded by transparent proxies and <em class="bcp14">SHOULD</em> be ignored by a recipient.
     1177      <p id="rfc.section.3.1.p.4">HTTP allows the set of defined header fields to be extended without changing the protocol version (see <a href="#header.field.registration" title="Header Field Registration">Section&nbsp;10.1</a>). Unrecognized header fields <em class="bcp14">MUST</em> be forwarded by a proxy unless the proxy is specifically configured to block or otherwise transform such fields. Unrecognized
     1178         header fields <em class="bcp14">SHOULD</em> be ignored by other recipients.
    11631179      </p>
    11641180      <h2 id="rfc.section.3.2"><a href="#rfc.section.3.2">3.2</a>&nbsp;<a id="header.fields" href="#header.fields">Header Fields</a></h2>
     
    13751391      <p id="rfc.section.4.1.2.p.16">The request-target is transmitted in the format specified in <a href="#http.uri" title="http URI scheme">Section&nbsp;2.6.1</a>. If the request-target is percent-encoded (<a href="#RFC3986" id="rfc.xref.RFC3986.18"><cite title="Uniform Resource Identifier (URI): Generic Syntax">[RFC3986]</cite></a>, <a href="http://tools.ietf.org/html/rfc3986#section-2.1">Section 2.1</a>), the origin server <em class="bcp14">MUST</em> decode the request-target in order to properly interpret the request. Servers <em class="bcp14">SHOULD</em> respond to invalid request-targets with an appropriate status code.
    13761392      </p>
    1377       <p id="rfc.section.4.1.2.p.17">A transparent proxy <em class="bcp14">MUST NOT</em> rewrite the "path-absolute" part of the received request-target when forwarding it to the next inbound server, except as noted
     1393      <p id="rfc.section.4.1.2.p.17">A non-transforming proxy <em class="bcp14">MUST NOT</em> rewrite the "path-absolute" part of the received request-target when forwarding it to the next inbound server, except as noted
    13781394         above to replace a null path-absolute with "/" or "*".
    13791395      </p>
     
    14151431      </p>
    14161432      <div id="rfc.iref.e.1"></div>
    1417       <div id="rfc.iref.t.2"></div>
     1433      <div id="rfc.iref.t.4"></div>
    14181434      <h2 id="rfc.section.4.3"><a href="#rfc.section.4.3">4.3</a>&nbsp;<a id="effective.request.uri" href="#effective.request.uri">Effective Request URI</a></h2>
    14191435      <p id="rfc.section.4.3.p.1">HTTP requests often do not carry the absolute URI (<a href="#RFC3986" id="rfc.xref.RFC3986.20"><cite title="Uniform Resource Identifier (URI): Generic Syntax">[RFC3986]</cite></a>, <a href="http://tools.ietf.org/html/rfc3986#section-4.3">Section 4.3</a>) for the target resource; instead, the URI needs to be inferred from the request-target, Host header field, and connection
     
    18261842      </p>
    18271843      <h4 id="rfc.section.7.1.3.2"><a href="#rfc.section.7.1.3.2">7.1.3.2</a>&nbsp;<a id="non-modifiable.header-fields" href="#non-modifiable.header-fields">Non-modifiable Header Fields</a></h4>
    1828       <p id="rfc.section.7.1.3.2.p.1">Some features of HTTP/1.1, such as Digest Authentication, depend on the value of certain end-to-end header fields. A transparent
     1844      <p id="rfc.section.7.1.3.2.p.1">Some features of HTTP/1.1, such as Digest Authentication, depend on the value of certain end-to-end header fields. A non-transforming
    18291845         proxy <em class="bcp14">SHOULD NOT</em> modify an end-to-end header field unless the definition of that header field requires or specifically allows that.
    18301846      </p>
    1831       <p id="rfc.section.7.1.3.2.p.2">A transparent proxy <em class="bcp14">MUST NOT</em> modify any of the following fields in a request or response, and it <em class="bcp14">MUST NOT</em> add any of these fields if not already present:
     1847      <p id="rfc.section.7.1.3.2.p.2">A non-transforming proxy <em class="bcp14">MUST NOT</em> modify any of the following fields in a request or response, and it <em class="bcp14">MUST NOT</em> add any of these fields if not already present:
    18321848      </p>
    18331849      <ul>
     
    18371853         <li>Last-Modified</li>
    18381854      </ul>
    1839       <p id="rfc.section.7.1.3.2.p.3">A transparent proxy <em class="bcp14">MUST NOT</em> modify any of the following fields in a response:
     1855      <p id="rfc.section.7.1.3.2.p.3">A non-transforming proxy <em class="bcp14">MUST NOT</em> modify any of the following fields in a response:
    18401856      </p>
    18411857      <ul>
     
    18511867         <li>Content-Type</li>
    18521868      </ul>
    1853       <p id="rfc.section.7.1.3.2.p.6">A non-transparent proxy <em class="bcp14">MAY</em> modify or add these fields to a message that does not include no-transform, but if it does so, it <em class="bcp14">MUST</em> add a Warning 214 (Transformation applied) if one does not already appear in the message (see <a href="p6-cache.html#header.warning" title="Warning">Section 3.6</a> of <a href="#Part6" id="rfc.xref.Part6.9"><cite title="HTTP/1.1, part 6: Caching">[Part6]</cite></a>).
     1869      <p id="rfc.section.7.1.3.2.p.6">A transforming proxy <em class="bcp14">MAY</em> modify or add these fields to a message that does not include no-transform, but if it does so, it <em class="bcp14">MUST</em> add a Warning 214 (Transformation applied) if one does not already appear in the message (see <a href="p6-cache.html#header.warning" title="Warning">Section 3.6</a> of <a href="#Part6" id="rfc.xref.Part6.9"><cite title="HTTP/1.1, part 6: Caching">[Part6]</cite></a>).
    18541870      </p>
    18551871      <div class="note" id="rfc.section.7.1.3.2.p.7">
     
    18581874         </p>
    18591875      </div>
    1860       <p id="rfc.section.7.1.3.2.p.8">A transparent proxy <em class="bcp14">MUST</em> preserve the message payload (<a href="#Part3" id="rfc.xref.Part3.6"><cite title="HTTP/1.1, part 3: Message Payload and Content Negotiation">[Part3]</cite></a>), though it <em class="bcp14">MAY</em> change the message-body through application or removal of a transfer-coding (<a href="#transfer.codings" title="Transfer Codings">Section&nbsp;6.2</a>).
     1876      <p id="rfc.section.7.1.3.2.p.8">A non-transforming proxy <em class="bcp14">MUST</em> preserve the message payload (<a href="#Part3" id="rfc.xref.Part3.6"><cite title="HTTP/1.1, part 3: Message Payload and Content Negotiation">[Part3]</cite></a>), though it <em class="bcp14">MAY</em> change the message-body through application or removal of a transfer-coding (<a href="#transfer.codings" title="Transfer Codings">Section&nbsp;6.2</a>).
    18611877      </p>
    18621878      <h3 id="rfc.section.7.1.4"><a href="#rfc.section.7.1.4">7.1.4</a>&nbsp;<a id="persistent.practical" href="#persistent.practical">Practical Considerations</a></h3>
     
    21102126      <p id="rfc.section.9.4.p.7">See Sections <a href="#the.resource.identified.by.a.request" title="The Resource Identified by a Request">4.2</a> and <a href="#changes.to.simplify.multi-homed.web.servers.and.conserve.ip.addresses" title="Changes to Simplify Multi-homed Web Servers and Conserve IP Addresses">B.1.1</a> for other requirements relating to Host.
    21112127      </p>
    2112       <div id="rfc.iref.t.3"></div>
     2128      <div id="rfc.iref.t.5"></div>
    21132129      <div id="rfc.iref.h.11"></div>
    21142130      <h2 id="rfc.section.9.5"><a href="#rfc.section.9.5">9.5</a>&nbsp;<a id="header.te" href="#header.te">TE</a></h2>
     
    21592175         is always acceptable.
    21602176      </p>
    2161       <div id="rfc.iref.t.4"></div>
     2177      <div id="rfc.iref.t.6"></div>
    21622178      <div id="rfc.iref.h.12"></div>
    21632179      <h2 id="rfc.section.9.6"><a href="#rfc.section.9.6">9.6</a>&nbsp;<a id="header.trailer" href="#header.trailer">Trailer</a></h2>
     
    21792195         <li>Trailer</li>
    21802196      </ul>
    2181       <div id="rfc.iref.t.5"></div>
     2197      <div id="rfc.iref.t.7"></div>
    21822198      <div id="rfc.iref.h.13"></div>
    21832199      <h2 id="rfc.section.9.7"><a href="#rfc.section.9.7">9.7</a>&nbsp;<a id="header.transfer-encoding" href="#header.transfer-encoding">Transfer-Encoding</a></h2>
     
    27232739      <h2 id="rfc.references.2"><a href="#rfc.section.13.2" id="rfc.section.13.2">13.2</a> Informative References
    27242740      </h2>
    2725       <table>                                             
     2741      <table>                                                 
    27262742         <tr>
    27272743            <td class="reference"><b id="BCP97">[BCP97]</b></td>
     
    27532769            <td class="reference"><b id="RFC1900">[RFC1900]</b></td>
    27542770            <td class="top"><a href="mailto:brian@dxcoms.cern.ch" title="CERN, Computing and Networks Division">Carpenter, B.</a> and <a href="mailto:yakov@cisco.com" title="cisco Systems">Y. Rekhter</a>, “<a href="http://tools.ietf.org/html/rfc1900">Renumbering Needs Work</a>”, RFC&nbsp;1900, February&nbsp;1996.
     2771            </td>
     2772         </tr>
     2773         <tr>
     2774            <td class="reference"><b id="RFC1919">[RFC1919]</b></td>
     2775            <td class="top"><a href="mailto:mchatel@pax.eunet.ch">Chatel, M.</a>, “<a href="http://tools.ietf.org/html/rfc1919">Classical versus Transparent IP Proxies</a>”, RFC&nbsp;1919, March&nbsp;1996.
    27552776            </td>
    27562777         </tr>
     
    28032824            <td class="reference"><b id="RFC2965">[RFC2965]</b></td>
    28042825            <td class="top"><a href="mailto:dmk@bell-labs.com" title="Bell Laboratories, Lucent Technologies">Kristol, D.</a> and <a href="mailto:lou@montulli.org" title="Epinions.com, Inc.">L. Montulli</a>, “<a href="http://tools.ietf.org/html/rfc2965">HTTP State Management Mechanism</a>”, RFC&nbsp;2965, October&nbsp;2000.
     2826            </td>
     2827         </tr>
     2828         <tr>
     2829            <td class="reference"><b id="RFC3040">[RFC3040]</b></td>
     2830            <td class="top">Cooper, I., Melve, I., and G. Tomlinson, “<a href="http://tools.ietf.org/html/rfc3040">Internet Web Replication and Caching Taxonomy</a>”, RFC&nbsp;3040, January&nbsp;2001.
    28052831            </td>
    28062832         </tr>
     
    36813707            <li><a id="rfc.index.I" href="#rfc.index.I"><b>I</b></a><ul>
    36823708                  <li>inbound&nbsp;&nbsp;<a href="#rfc.iref.i.2"><b>2.2</b></a></li>
     3709                  <li>interception proxy&nbsp;&nbsp;<a href="#rfc.iref.i.3"><b>2.2</b></a></li>
    36833710                  <li>intermediary&nbsp;&nbsp;<a href="#rfc.iref.i.1"><b>2.2</b></a></li>
    36843711                  <li><em>ISO-8859-1</em>&nbsp;&nbsp;<a href="#rfc.xref.ISO-8859-1.1">3.2</a>, <a href="#ISO-8859-1"><b>13.1</b></a></li>
     
    37023729            <li><a id="rfc.index.N" href="#rfc.index.N"><b>N</b></a><ul>
    37033730                  <li><em>Nie1997</em>&nbsp;&nbsp;<a href="#rfc.xref.Nie1997.1">7.1.1</a>, <a href="#Nie1997"><b>13.2</b></a></li>
     3731                  <li>non-transforming proxy&nbsp;&nbsp;<a href="#rfc.iref.n.1"><b>2.2</b></a></li>
    37043732               </ul>
    37053733            </li>
     
    37533781                  </li>
    37543782                  <li><em>RFC1900</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC1900.1">11.4</a>, <a href="#RFC1900"><b>13.2</b></a></li>
     3783                  <li><em>RFC1919</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC1919.1">2.2</a>, <a href="#RFC1919"><b>13.2</b></a></li>
    37553784                  <li><em>RFC1945</em>&nbsp;&nbsp;<a href="#RFC1945"><b>13.2</b></a>, <a href="#rfc.xref.RFC1945.1">B</a></li>
    37563785                  <li><em>RFC1950</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC1950.1">6.2.2.2</a>, <a href="#rfc.xref.RFC1950.2">10.4</a>, <a href="#RFC1950"><b>13.1</b></a></li>
     
    37763805                  <li><em>RFC2818</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC2818.1">2.6.2</a>, <a href="#RFC2818"><b>13.2</b></a></li>
    37773806                  <li><em>RFC2965</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC2965.1">3.2</a>, <a href="#RFC2965"><b>13.2</b></a></li>
     3807                  <li><em>RFC3040</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC3040.1">2.2</a>, <a href="#RFC3040"><b>13.2</b></a></li>
    37783808                  <li><em>RFC3864</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC3864.1">10.1</a>, <a href="#RFC3864"><b>13.2</b></a></li>
    37793809                  <li><em>RFC3986</em>&nbsp;&nbsp;<a href="#rfc.xref.RFC3986.1">1</a>, <a href="#rfc.xref.RFC3986.2">2.6</a>, <a href="#rfc.xref.RFC3986.3">2.6</a>, <a href="#rfc.xref.RFC3986.4">2.6</a>, <a href="#rfc.xref.RFC3986.5">2.6</a>, <a href="#rfc.xref.RFC3986.6">2.6</a>, <a href="#rfc.xref.RFC3986.7">2.6</a>, <a href="#rfc.xref.RFC3986.8">2.6</a>, <a href="#rfc.xref.RFC3986.9">2.6</a>, <a href="#rfc.xref.RFC3986.10">2.6</a>, <a href="#rfc.xref.RFC3986.11">2.6</a>, <a href="#rfc.xref.RFC3986.12">2.6</a>, <a href="#rfc.xref.RFC3986.13">2.6</a>, <a href="#rfc.xref.RFC3986.14">2.6.1</a>, <a href="#rfc.xref.RFC3986.15">2.6.1</a>, <a href="#rfc.xref.RFC3986.16">2.6.3</a>, <a href="#rfc.xref.RFC3986.17">2.6.3</a>, <a href="#rfc.xref.RFC3986.18">4.1.2</a>, <a href="#rfc.xref.RFC3986.19">4.1.2</a>, <a href="#rfc.xref.RFC3986.20">4.3</a>, <a href="#RFC3986"><b>13.1</b></a><ul>
     
    38173847            </li>
    38183848            <li><a id="rfc.index.T" href="#rfc.index.T"><b>T</b></a><ul>
    3819                   <li>target resource&nbsp;&nbsp;<a href="#rfc.iref.t.2"><b>4.3</b></a></li>
    3820                   <li>TE header&nbsp;&nbsp;<a href="#rfc.xref.header.te.1">6.2</a>, <a href="#rfc.xref.header.te.2">6.2.1</a>, <a href="#rfc.xref.header.te.3">6.4</a>, <a href="#rfc.iref.t.3"><b>9.5</b></a>, <a href="#rfc.xref.header.te.4">10.1</a></li>
     3849                  <li>target resource&nbsp;&nbsp;<a href="#rfc.iref.t.4"><b>4.3</b></a></li>
     3850                  <li>TE header&nbsp;&nbsp;<a href="#rfc.xref.header.te.1">6.2</a>, <a href="#rfc.xref.header.te.2">6.2.1</a>, <a href="#rfc.xref.header.te.3">6.4</a>, <a href="#rfc.iref.t.5"><b>9.5</b></a>, <a href="#rfc.xref.header.te.4">10.1</a></li>
    38213851                  <li><em>Tou1998</em>&nbsp;&nbsp;<a href="#rfc.xref.Tou1998.1">7.1.1</a>, <a href="#Tou1998"><b>13.2</b></a></li>
    3822                   <li>Trailer header&nbsp;&nbsp;<a href="#rfc.xref.header.trailer.1">3.4</a>, <a href="#rfc.xref.header.trailer.2">6.2.1</a>, <a href="#rfc.iref.t.4"><b>9.6</b></a>, <a href="#rfc.xref.header.trailer.3">10.1</a></li>
    3823                   <li>Transfer-Encoding header&nbsp;&nbsp;<a href="#rfc.xref.header.transfer-encoding.1">3.3</a>, <a href="#rfc.xref.header.transfer-encoding.2">3.3</a>, <a href="#rfc.xref.header.transfer-encoding.3">3.4</a>, <a href="#rfc.xref.header.transfer-encoding.4">6.2</a>, <a href="#rfc.iref.t.5"><b>9.7</b></a>, <a href="#rfc.xref.header.transfer-encoding.5">10.1</a></li>
    3824                   <li>tunnel&nbsp;&nbsp;<a href="#rfc.iref.t.1"><b>2.2</b></a></li>
     3852                  <li>Trailer header&nbsp;&nbsp;<a href="#rfc.xref.header.trailer.1">3.4</a>, <a href="#rfc.xref.header.trailer.2">6.2.1</a>, <a href="#rfc.iref.t.6"><b>9.6</b></a>, <a href="#rfc.xref.header.trailer.3">10.1</a></li>
     3853                  <li>Transfer-Encoding header&nbsp;&nbsp;<a href="#rfc.xref.header.transfer-encoding.1">3.3</a>, <a href="#rfc.xref.header.transfer-encoding.2">3.3</a>, <a href="#rfc.xref.header.transfer-encoding.3">3.4</a>, <a href="#rfc.xref.header.transfer-encoding.4">6.2</a>, <a href="#rfc.iref.t.7"><b>9.7</b></a>, <a href="#rfc.xref.header.transfer-encoding.5">10.1</a></li>
     3854                  <li>transforming proxy&nbsp;&nbsp;<a href="#rfc.iref.t.1"><b>2.2</b></a></li>
     3855                  <li>transparent proxy&nbsp;&nbsp;<a href="#rfc.iref.t.3"><b>2.2</b></a></li>
     3856                  <li>tunnel&nbsp;&nbsp;<a href="#rfc.iref.t.2"><b>2.2</b></a></li>
    38253857               </ul>
    38263858            </li>
Note: See TracChangeset for help on using the changeset viewer.