Changeset 1741 for draft-ietf-httpbis/latest/p1-messaging.xml

Timestamp:

08/07/12 19:13:21 (9 years ago)

Author:

julian.reschke@…

Message:

Work-in-progress: hyperlink header field definitions (P1)

File:

• draft-ietf-httpbis/latest/p1-messaging.xml (modified) (42 diffs)

draft-ietf-httpbis/latest/p1-messaging.xml

@@ -36 +36 @@
   <!ENTITY header-pragma          "<xref target='Part6' x:rel='#header.pragma' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY header-warning         "<xref target='Part6' x:rel='#header.warning' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
+  <!ENTITY header-proxy-authenticate  "<xref target='Part7' x:rel='#header.proxy-authenticate' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
+  <!ENTITY header-proxy-authorization "<xref target='Part7' x:rel='#header.proxy-authorization' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY idempotent-methods     "<xref target='Part2' x:rel='#idempotent.methods' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
   <!ENTITY methods                "<xref target='Part2' x:rel='#methods' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">
@@ -503 +505 @@
    that wishes to interoperate with third-party HTTP servers &MUST;
    conform to HTTP user agent requirements on the gateway's inbound
-   connection and &MUST; implement the Connection
-   (<xref target="header.connection"/>) and Via (<xref target="header.via"/>)
-   header fields for both connections.
+   connection and &MUST; implement the <x:ref>Connection</x:ref>
+   (<xref target="header.connection"/>) and <x:ref>Via</x:ref>
+   (<xref target="header.via"/>) header fields for both connections.
 </t>
 <t><iref primary="true" item="tunnel"/>
@@ -662 +664 @@
    behavior of a recipient in the absence of such a field can change.
    Unless specified otherwise, header fields defined in HTTP/1.1 are
-   defined for all versions of HTTP/1.x.  In particular, the Host and
-   Connection header fields ought to be implemented by all HTTP/1.x
-   implementations whether or not they advertise conformance with HTTP/1.1.
+   defined for all versions of HTTP/1.x.  In particular, the <x:ref>Host</x:ref>
+   and <x:ref>Connection</x:ref> header fields ought to be implemented by all
+   HTTP/1.x implementations whether or not they advertise conformance with
+   HTTP/1.1.
 </t>
 <t>
@@ -674 +677 @@
    the message's HTTP version.  An unrecognized header field received
    by a proxy &MUST; be forwarded downstream unless the header field's
-   field-name is listed in the message's Connection header field
+   field-name is listed in the message's <x:ref>Connection</x:ref> header field
    (see <xref target="header.connection"/>).
    These requirements allow HTTP's functionality to be enhanced without
@@ -1162 +1165 @@
    to the procedures in &cons-new-header-fields;.
    Unrecognized header fields &MUST; be forwarded by a proxy unless the
-   field-name is listed in the Connection header field
+   field-name is listed in the <x:ref>Connection</x:ref> header field
    (<xref target="header.connection"/>) or the proxy is specifically
    configured to block or otherwise transform such fields.
@@ -1474 +1477 @@
 <t>
    The presence of a message body in a request is signaled by a
-   a Content-Length or Transfer-Encoding header field.
-   Request message framing is independent of method semantics,
+   a <x:ref>Content-Length</x:ref> or <x:ref>Transfer-Encoding</x:ref> header
+   field. Request message framing is independent of method semantics,
    even if the method does not define any use for a message body.
 </t>
@@ -1483 +1486 @@
    status code (<xref target="status-code"/>).
    Responses to the HEAD request method never include a message body
-   because the associated response header fields (e.g., Transfer-Encoding,
-   Content-Length, etc.) only indicate what their values would have been
-   if the request method had been GET.
-   <x:ref>2xx (Successful)</x:ref> responses to CONNECT switch to tunnel mode instead of
-   having a message body.
+   because the associated response header fields (e.g.,
+   <x:ref>Transfer-Encoding</x:ref>, <x:ref>Content-Length</x:ref>, etc.) only
+   indicate what their values would have been if the request method had been
+   GET. <x:ref>2xx (Successful)</x:ref> responses to CONNECT switch to tunnel
+   mode instead of having a message body.
    All <x:ref>1xx (Informational)</x:ref>, <x:ref>204 (No Content)</x:ref>, and
    <x:ref>304 (Not Modified)</x:ref> responses &MUST-NOT; include a message body.
@@ -1587 +1590 @@
   <x:anchor-alias value="Content-Length"/>
 <t>
-   When a message does not have a Transfer-Encoding header field and the
-   payload body length can be determined prior to being transferred, a
+   When a message does not have a <x:ref>Transfer-Encoding</x:ref> header field
+   and the payload body length can be determined prior to being transferred, a
    Content-Length header field &SHOULD; be sent to indicate the length of the
    payload body that is either present as the message body, for requests
@@ -1657 +1660 @@
      Any <x:ref>2xx (Successful)</x:ref> response to a CONNECT request implies that the
      connection will become a tunnel immediately after the empty line that
-     concludes the header fields.  A client &MUST; ignore any Content-Length
-     or Transfer-Encoding header fields received in such a message.
+     concludes the header fields.  A client &MUST; ignore any
+     <x:ref>Content-Length</x:ref> or <x:ref>Transfer-Encoding</x:ref> header
+     fields received in such a message.
     </t></x:lt>
     <x:lt><t>
-     If a Transfer-Encoding header field is present
+     If a <x:ref>Transfer-Encoding</x:ref> header field is present
      and the "chunked" transfer-coding (<xref target="chunked.encoding"/>)
      is the final encoding, the message body length is determined by reading
@@ -1668 +1672 @@
     </t>
     <t>
-     If a Transfer-Encoding header field is present in a response and the
-     "chunked" transfer-coding is not the final encoding, the message body
-     length is determined by reading the connection until it is closed by
-     the server.
+     If a <x:ref>Transfer-Encoding</x:ref> header field is present in a
+     response and the "chunked" transfer-coding is not the final encoding, the
+     message body length is determined by reading the connection until it is
+     closed by the server.
      If a Transfer-Encoding header field is present in a request and the
      "chunked" transfer-coding is not the final encoding, the message body
@@ -1678 +1682 @@
     </t>
     <t>
-     If a message is received with both a Transfer-Encoding header field
-     and a Content-Length header field, the Transfer-Encoding overrides
-     the Content-Length.
+     If a message is received with both a <x:ref>Transfer-Encoding</x:ref>
+     and a <x:ref>Content-Length</x:ref> header field, the
+     Transfer-Encoding overrides the Content-Length.
      Such a message might indicate an attempt to perform request or response
      smuggling (bypass of security-related checks on message routing or content)
@@ -1688 +1692 @@
     </t></x:lt>
     <x:lt><t>
-     If a message is received without Transfer-Encoding and with either
-     multiple Content-Length header fields having differing field-values or
-     a single Content-Length header field having an invalid value, then the
-     message framing is invalid and &MUST; be treated as an error to
-     prevent request or response smuggling.
+     If a message is received without <x:ref>Transfer-Encoding</x:ref> and with
+     either multiple <x:ref>Content-Length</x:ref> header fields having
+     differing field-values or a single Content-Length header field having an
+     invalid value, then the message framing is invalid and &MUST; be treated
+     as an error to prevent request or response smuggling.
      If this is a request message, the server &MUST; respond with
      a <x:ref>400 (Bad Request)</x:ref> status code and then close the connection.
@@ -1702 +1706 @@
     </t></x:lt>
     <x:lt><t>
-     If a valid Content-Length header field 
-     is present without Transfer-Encoding, its decimal value defines the
+     If a valid <x:ref>Content-Length</x:ref> header field is present without
+     <x:ref>Transfer-Encoding</x:ref>, its decimal value defines the
      message body length in octets.  If the actual number of octets sent in
      the message is less than the indicated Content-Length, the recipient
@@ -1736 +1740 @@
 <t>
    A server &MAY; reject a request that contains a message body but
-   not a Content-Length by responding with <x:ref>411 (Length Required)</x:ref>.
+   not a <x:ref>Content-Length</x:ref> by responding with
+   <x:ref>411 (Length Required)</x:ref>.
 </t>
 <t>
    Unless a transfer-coding other than "chunked" has been applied,
    a client that sends a request containing a message body &SHOULD;
-   use a valid Content-Length header field if the message body length
-   is known in advance, rather than the "chunked" encoding, since some
+   use a valid <x:ref>Content-Length</x:ref> header field if the message body
+   length is known in advance, rather than the "chunked" encoding, since some
    existing services respond to "chunked" with a <x:ref>411 (Length Required)</x:ref>
    status code even though they understand the chunked encoding.  This
@@ -1751 +1756 @@
 <t>
    A client that sends a request containing a message body &MUST; include a
-   valid Content-Length header field if it does not know the server will
-   handle HTTP/1.1 (or later) requests; such knowledge can be in the form
-   of specific user configuration or by remembering the version of a prior
-   received response.
+   valid <x:ref>Content-Length</x:ref> header field if it does not know the
+   server will handle HTTP/1.1 (or later) requests; such knowledge can be in
+   the form of specific user configuration or by remembering the version of a
+   prior received response.
 </t>
 </section>
@@ -1777 +1782 @@
    A message body that uses the chunked transfer encoding is
    incomplete if the zero-sized chunk that terminates the encoding has not
-   been received.  A message that uses a valid Content-Length is incomplete
-   if the size of the message body received (in octets) is less than the
-   value given by Content-Length.  A response that has neither chunked
+   been received.  A message that uses a valid <x:ref>Content-Length</x:ref> is
+   incomplete if the size of the message body received (in octets) is less than
+   the value given by Content-Length.  A response that has neither chunked
    transfer encoding nor Content-Length is terminated by closure of the
    connection, and thus is considered complete regardless of the number of
@@ -1866 +1871 @@
    The HTTP Transfer Coding registry is defined in
    <xref target="transfer.coding.registry"/>.
-   HTTP/1.1 uses transfer-coding values in the TE header field
-   (<xref target="header.te"/>) and in the Transfer-Encoding header field
-   (<xref target="header.transfer-encoding"/>).
+   HTTP/1.1 uses transfer-coding values in the <x:ref>TE</x:ref> header field
+   (<xref target="header.te"/>) and in the <x:ref>Transfer-Encoding</x:ref>
+   header field (<xref target="header.transfer-encoding"/>).
 </t>
 
@@ -1921 +1926 @@
 <t>
    The trailer allows the sender to include additional HTTP header
-   fields at the end of the message. The Trailer header field can be
-   used to indicate which header fields are included in a trailer (see
+   fields at the end of the message. The <x:ref>Trailer</x:ref> header field
+   can be used to indicate which header fields are included in a trailer (see
    <xref target="header.trailer"/>).
 </t>
@@ -1930 +1935 @@
    true:
   <list style="numbers">
-    <t>the request included a TE header field that indicates "trailers" is
-     acceptable in the transfer-coding of the  response, as described in
-     <xref target="header.te"/>; or,</t>
+    <t>the request included a <x:ref>TE</x:ref> header field that indicates
+    "trailers" is acceptable in the transfer-coding of the response, as
+    described in <xref target="header.te"/>; or,</t>
      
     <t>the trailer fields consist entirely of optional metadata, and the
@@ -2076 +2081 @@
 <t>
    The TE header field only applies to the immediate connection.
-   Therefore, the keyword &MUST; be supplied within a Connection header
-   field (<xref target="header.connection"/>) whenever TE is present in an HTTP/1.1 message.
+   Therefore, the keyword &MUST; be supplied within a <x:ref>Connection</x:ref>
+   header field (<xref target="header.connection"/>) whenever TE is present in
+   an HTTP/1.1 message.
 </t>
 <t>
@@ -2120 +2126 @@
   <x:anchor-alias value="qvalue"/>
 <t>
-   Both transfer codings (TE request header field, <xref target="header.te"/>)
-   and content negotiation (&content.negotiation;) use short "floating point"
-   numbers to indicate the relative importance ("weight") of various
-   negotiable parameters.  A weight is normalized to a real number in
-   the range 0 through 1, where 0 is the minimum and 1 the maximum
-   value. If a parameter has a quality value of 0, then content with
+   Both transfer codings (<x:ref>TE</x:ref> request header field,
+   <xref target="header.te"/>) and content negotiation (&content.negotiation;)
+   use short "floating point" numbers to indicate the relative importance
+   ("weight") of various negotiable parameters.  A weight is normalized to a
+   real number in the range 0 through 1, where 0 is the minimum and 1 the
+   maximum value. If a parameter has a quality value of 0, then content with
    this parameter is "not acceptable" for the client. HTTP/1.1
    applications &MUST-NOT; generate more than three digits after the
@@ -2171 +2177 @@
    include the following header fields:
   <list style="symbols">
-    <t>Transfer-Encoding</t>
-    <t>Content-Length</t>
-    <t>Trailer</t>
+    <t><x:ref>Transfer-Encoding</x:ref></t>
+    <t><x:ref>Content-Length</x:ref></t>
+    <t><x:ref>Trailer</x:ref></t>
   </list>
 </t>
@@ -2273 +2279 @@
    If the target URI's path component is empty, then the client &MUST; send
    "/" as the path within the origin-form of request-target.
-   A Host header field is also sent, as defined in
+   A <x:ref>Host</x:ref> header field is also sent, as defined in
    <xref target="header.host"/>, containing the target URI's
    authority component (excluding any userinfo).
@@ -2428 +2434 @@
    A server that receives an HTTP request message &MUST; reconstruct
    the user agent's original target URI, based on the pieces of information
-   learned from the request-target, Host, and connection context, in order
-   to identify the intended target resource and properly service the request.
-   The URI derived from this reconstruction process is referred to as the
-   "effective request URI".
+   learned from the request-target, <x:ref>Host</x:ref> header field, and
+   connection context, in order to identify the intended target resource and
+   properly service the request. The URI derived from this reconstruction
+   process is referred to as the "effective request URI".
 </t>
 <t>
@@ -2449 +2455 @@
    If the request-target is in authority-form, then the effective
    request URI's authority component is the same as the request-target.
-   Otherwise, if a Host header field is supplied with a non-empty field-value,
-   then the authority component is the same as the Host field-value.
-   Otherwise, the authority component is the concatenation of the default
-   host name configured for the server, a colon (":"), and the connection's
-   incoming TCP port number in decimal form.
+   Otherwise, if a <x:ref>Host</x:ref> header field is supplied with a
+   non-empty field-value, then the authority component is the same as the
+   Host field-value. Otherwise, the authority component is the concatenation of
+   the default host name configured for the server, a colon (":"), and the
+   connection's incoming TCP port number in decimal form.
 </t>
 <t>
@@ -2503 +2509 @@
 <t>
    An origin server that does not allow resources to differ by requested
-   host &MAY; ignore the Host field-value and instead replace it with a
-   configured server name when constructing the effective request URI.
-</t>
-<t>
-   Recipients of an HTTP/1.0 request that lacks a Host header field &MAY;
-   attempt to use heuristics (e.g., examination of the URI path for
+   host &MAY; ignore the <x:ref>Host</x:ref> field-value and instead replace it
+   with a configured server name when constructing the effective request URI.
+</t>
+<t>
+   Recipients of an HTTP/1.0 request that lacks a <x:ref>Host</x:ref> header
+   field &MAY; attempt to use heuristics (e.g., examination of the URI path for
    something unique to a particular host) in order to guess the
    effective request URI's authority component.
@@ -2542 +2548 @@
 <t>
    Intermediaries that forward a message &MUST; implement the
-   Connection header field as specified in <xref target="header.connection"/>.
+   <x:ref>Connection</x:ref> header field as specified in
+   <xref target="header.connection"/>.
 </t>
 
@@ -2569 +2576 @@
    The following HTTP/1.1 header fields are hop-by-hop header fields:
   <list style="symbols">
-      <t>Connection</t>
-      <t>Keep-Alive</t>
-      <t>Proxy-Authenticate</t>
-      <t>Proxy-Authorization</t>
-      <t>TE</t>
-      <t>Trailer</t>
-      <t>Transfer-Encoding</t>
-      <t>Upgrade</t>
+      <t><x:ref>Connection</x:ref></t>
+      <t>Keep-Alive (<xref target="RFC2068" x:fmt="of" x:sec="19.7.1.1"/>)</t>
+      <t><x:ref>Proxy-Authenticate</x:ref> (&header-proxy-authenticate;)</t>
+      <t><x:ref>Proxy-Authorization</x:ref> (&header-proxy-authorization;)</t>
+      <t><x:ref>TE</x:ref></t>
+      <t><x:ref>Trailer</x:ref></t>
+      <t><x:ref>Transfer-Encoding</x:ref></t>
+      <t><x:ref>Upgrade</x:ref></t>
   </list>
 </t>
@@ -2583 +2590 @@
 </t>
 <t>
-   Other hop-by-hop header fields &MUST; be listed in a Connection header field
-   (<xref target="header.connection"/>).
+   Other hop-by-hop header fields &MUST; be listed in a
+   <x:ref>Connection</x:ref> header field (<xref target="header.connection"/>).
 </t>
 </section>
@@ -2930 +2937 @@
    Persistent connections provide a mechanism by which a client and a
    server can signal the close of a TCP connection. This signaling takes
-   place using the Connection header field (<xref target="header.connection"/>). Once a close
-   has been signaled, the client &MUST-NOT; send any more requests on that
+   place using the <x:ref>Connection</x:ref> header field
+   (<xref target="header.connection"/>). Once a close has been signaled, the
+   client &MUST-NOT; send any more requests on that
    connection.
 </t>
@@ -2938 +2946 @@
 <t>
    An HTTP/1.1 server &MAY; assume that a HTTP/1.1 client intends to
-   maintain a persistent connection unless a Connection header field including
-   the connection option "close" was sent in the request. If the server
-   chooses to close the connection immediately after sending the
+   maintain a persistent connection unless a <x:ref>Connection</x:ref> header
+   field including the connection option "close" was sent in the request. If
+   the server chooses to close the connection immediately after sending the
    response, it &SHOULD; send a Connection header field including the
    connection option "close".
@@ -2947 +2955 @@
    An HTTP/1.1 client &MAY; expect a connection to remain open, but would
    decide to keep it open based on whether the response from a server
-   contains a Connection header field with the connection option "close". In case
-   the client does not want to maintain a connection for more than that
-   request, it &SHOULD; send a Connection header field including the
+   contains a <x:ref>Connection</x:ref> header field with the connection option
+   "close". In case the client does not want to maintain a connection for more
+   than that request, it &SHOULD; send a Connection header field including the
    connection option "close".
 </t>
 <t>
    If either the client or the server sends the "close" option in the
-   Connection header field, that request becomes the last one for the
-   connection.
+   <x:ref>Connection</x:ref> header field, that request becomes the last one
+   for the connection.
 </t>
 <t>
@@ -3273 +3281 @@
 <t>
    The Upgrade header field only applies to the immediate connection.
-   Therefore, the upgrade keyword &MUST; be supplied within a Connection
-   header field (<xref target="header.connection"/>) whenever Upgrade is present in an
-   HTTP/1.1 message.
+   Therefore, the upgrade keyword &MUST; be supplied within a
+   <x:ref>Connection</x:ref> header field (<xref target="header.connection"/>)
+   whenever Upgrade is present in an HTTP/1.1 message.
 </t>
 <t>
@@ -3376 +3384 @@
    Furthermore, the header field-name "Close" shall be registered as
    "reserved", since using that name as an HTTP header field might
-   conflict with the "close" connection option of the "Connection"
+   conflict with the "close" connection option of the "<x:ref>Connection</x:ref>"
    header field (<xref target="header.connection"/>).
 </t>
@@ -3639 +3647 @@
 <t>
    The HTTP Upgrade Token Registry defines the name space for protocol-name
-   tokens used to identify protocols in the Upgrade header field.
-   Each registered protocol-name is associated with contact information and
-   an optional set of specifications that details how the connection
+   tokens used to identify protocols in the <x:ref>Upgrade</x:ref> header
+   field. Each registered protocol name is associated with contact information
+   and an optional set of specifications that details how the connection
    will be processed after it has been upgraded.
 </t>
@@ -4222 +4230 @@
 </reference>
 
+<reference anchor="Part7">
+  <front>
+    <title>HTTP/1.1, part 7: Authentication</title>
+    <author initials="R." surname="Fielding" fullname="Roy T. Fielding" role="editor">
+      <organization abbrev="Adobe">Adobe Systems Incorporated</organization>
+      <address><email>fielding@gbiv.com</email></address>
+    </author>
+    <author initials="Y." surname="Lafon" fullname="Yves Lafon" role="editor">
+      <organization abbrev="W3C">World Wide Web Consortium</organization>
+      <address><email>ylafon@w3.org</email></address>
+    </author>
+    <author initials="J. F." surname="Reschke" fullname="Julian F. Reschke" role="editor">
+      <organization abbrev="greenbytes">greenbytes GmbH</organization>
+      <address><email>julian.reschke@greenbytes.de</email></address>
+    </author>
+    <date month="&ID-MONTH;" year="&ID-YEAR;"/>
+  </front>
+  <seriesInfo name="Internet-Draft" value="draft-ietf-httpbis-p7-auth-&ID-VERSION;"/>
+  <x:source href="p7-auth.xml" basename="p7-auth">
+    <x:defines>Proxy-Authenticate</x:defines>
+    <x:defines>Proxy-Authorization</x:defines>
+  </x:source>
+</reference>
+
 <reference anchor="RFC5234">
   <front>
@@ -4833 +4865 @@
    Since HTTP/0.9 did not support header fields in a request,
    there is no mechanism for it to support name-based virtual
-   hosts (selection of resource by inspection of the Host header
+   hosts (selection of resource by inspection of the <x:ref>Host</x:ref> header
    field).  Any server that implements name-based virtual hosts
    ought to disable support for HTTP/0.9.  Most requests that
@@ -4850 +4882 @@
 <section title="Multi-homed Web Servers" anchor="changes.to.simplify.multi-homed.web.servers.and.conserve.ip.addresses">
 <t>
-   The requirements that clients and servers support the Host header
-   field (<xref target="header.host"/>), report an error if it is
+   The requirements that clients and servers support the <x:ref>Host</x:ref>
+   header field (<xref target="header.host"/>), report an error if it is
    missing from an HTTP/1.1 request, and accept absolute URIs (<xref target="request-target"/>)
    are among the most important changes defined by HTTP/1.1.
@@ -4859 +4891 @@
    addresses and servers; there was no other established mechanism for
    distinguishing the intended server of a request than the IP address
-   to which that request was directed. The Host header field was
+   to which that request was directed. The <x:ref>Host</x:ref> header field was
    introduced during the development of HTTP/1.1 and, though it was
    quickly implemented by most HTTP/1.0 browsers, additional requirements
@@ -4881 +4913 @@
    with a "Connection: keep-alive" request header field. However, some
    experimental implementations of HTTP/1.0 persistent connections are faulty;
-   for example, if a HTTP/1.0 proxy server doesn't understand Connection, it
-   will erroneously forward that header to the next inbound server, which
-   would result in a hung connection.
+   for example, if a HTTP/1.0 proxy server doesn't understand
+   <x:ref>Connection</x:ref>, it will erroneously forward that header to the
+   next inbound server, which would result in a hung connection.
 </t>
 <t>
@@ -4942 +4974 @@
 </t>
 <t>
-  Require recipients to handle bogus Content-Length header fields as errors.
+  Require recipients to handle bogus <x:ref>Content-Length</x:ref> header
+  fields as errors.
   (<xref target="message.body"/>)
 </t>
@@ -4980 +5013 @@
 </t>
 <t>
-  Define the semantics of the "Upgrade" header field in responses other than
-  101 (this was incorporated from <xref target="RFC2817"/>).
+  Define the semantics of the <x:ref>Upgrade</x:ref> header field in responses
+  other than 101 (this was incorporated from <xref target="RFC2817"/>).
   (<xref target="header.upgrade"/>)
 </t>