Changeset 1536 for draft-ietf-httpbis/latest/p2-semantics.xml
- Timestamp:
- 16/02/12 22:26:09 (10 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p2-semantics.xml
r1534 r1536 2586 2586 <x:anchor-alias value="Location"/> 2587 2587 <t> 2588 The "Location" header field is used to identify a newly created 2589 resource, or to redirect the recipient to a different location for 2590 completion of the request. 2591 </t> 2588 The "Location" header field &MAY; be sent in responses to refer to 2589 a specific resource in accordance with the semantics of the status 2590 code. 2591 </t> 2592 <figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Location"/> 2593 <x:ref>Location</x:ref> = <x:ref>URI-reference</x:ref> 2594 </artwork></figure> 2592 2595 <t> 2593 2596 For 201 (Created) responses, the Location is the URI of the new resource … … 2600 2603 of a relative reference (<xref target="RFC3986" x:fmt="," x:sec="4.2"/>), 2601 2604 the final value is computed by resolving it against the effective request 2602 URI (<xref target="RFC3986" x:fmt="," x:sec="5"/>). 2603 </t> 2604 <figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="Location"/> 2605 <x:ref>Location</x:ref> = <x:ref>URI-reference</x:ref>2606 </ artwork></figure>2605 URI (<xref target="RFC3986" x:fmt="," x:sec="5"/>). If the original URI, as 2606 navigated to by the user agent, did contain a fragment identifier, and the 2607 final value does not, then the original URI's fragment identifier is added 2608 to the final value. 2609 </t> 2607 2610 <figure> 2608 <preamble> Examples are:</preamble><!--DO NOT DARE changing the vertical spacing below, it's necessary this way for xml2rfc-->2611 <preamble>For example, the original URI "http://www.example.org/~tim", combined with a field value given as:</preamble><!--DO NOT DARE changing the vertical spacing below, it's necessary this way for xml2rfc--> 2609 2612 <artwork type="example"> 2610 Location: http://www.example.org/pub/WWW/People.html#tim 2611 </artwork></figure><figure><artwork type="example"> Location: /index.html 2612 </artwork></figure> 2613 Location: /pub/WWW/People.html#tim 2614 </artwork> 2615 <postamble>would result in a final value of "http://www.example.org/pub/WWW/People.html#tim"</postamble> 2616 </figure> 2617 <figure> 2618 <preamble>An original URI "http://www.example.org/index.html#larry", combined with a field value given as:</preamble><!--DO NOT DARE changing the vertical spacing below, it's necessary this way for xml2rfc--> 2619 <artwork type="example"> 2620 Location: http://www.example.net/index.html 2621 </artwork> 2622 <postamble>would result in a final value of "http://www.example.net/index.html#larry", preserving the original fragment identifier.</postamble> 2623 </figure> 2613 2624 <x:note> 2614 2625 <t> … … 2624 2635 created resource. 2625 2636 </t> 2626 <x:note>2627 <t>2628 <x:h>Note:</x:h> This specification does not define precedence rules2629 for the case where the original URI, as navigated to by the user2630 agent, and the Location header field value both contain fragment2631 identifiers. Thus be aware that including fragment identifiers might2632 inconvenience anyone relying on the semantics of the original URI's2633 fragment identifier.2634 </t>2635 </x:note>2636 2637 <x:note> 2637 2638 <t> … … 3284 3285 </section> 3285 3286 3286 <section title="Location Header s and Spoofing" anchor="location.spoofing">3287 <section title="Location Header Fields: Spoofing and Information Leakage" anchor="location.spoofing-leakage"> 3287 3288 <t> 3288 3289 If a single server supports multiple organizations that do not trust … … 3291 3292 said organizations to make sure that they do not attempt to 3292 3293 invalidate resources over which they have no authority. 3294 </t> 3295 <t> 3296 Furthermore, appending the fragment identifier from one URI to another 3297 one obtained from a Location header field might leak confidential 3298 information to the target server — although the fragment identifier is 3299 not transmitted in the final request, it might be visible to the user agent 3300 through other means, such as scripting. 3293 3301 </t> 3294 3302 </section> … … 4658 4666 </t> 4659 4667 <t> 4668 <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/295"/>: 4669 "Applying original fragment to 'plain' redirected URI" 4670 </t> 4671 <t> 4660 4672 <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/302"/>: 4661 4673 "Misplaced text on connection handling in p2"
Note: See TracChangeset
for help on using the changeset viewer.