Changeset 1776 for draft-ietf-httpbis/latest/p1-messaging.html
- Timestamp:
- 14/07/12 17:52:23 (11 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p1-messaging.html
r1773 r1776 1522 1522 </p> 1523 1523 <h2 id="rfc.section.3.4"><a href="#rfc.section.3.4">3.4</a> <a id="incomplete.messages" href="#incomplete.messages">Handling Incomplete Messages</a></h2> 1524 <p id="rfc.section.3.4.p.1">Request messages that are prematurely terminated, possibly due to a cancel led connection or a server-imposed time-out exception, <em class="bcp14">MUST</em> result in closure of the connection; sending an HTTP/1.1 error response prior to closing the connection is <em class="bcp14">OPTIONAL</em>.1524 <p id="rfc.section.3.4.p.1">Request messages that are prematurely terminated, possibly due to a canceled connection or a server-imposed time-out exception, <em class="bcp14">MUST</em> result in closure of the connection; sending an HTTP/1.1 error response prior to closing the connection is <em class="bcp14">OPTIONAL</em>. 1525 1525 </p> 1526 1526 <p id="rfc.section.3.4.p.2">Response messages that are prematurely terminated, usually by closure of the connection prior to receiving the expected number … … 2632 2632 <p id="rfc.section.8.1.p.1">HTTP clients are often privy to large amounts of personal information (e.g., the user's name, location, mail address, passwords, 2633 2633 encryption keys, etc.), and <em class="bcp14">SHOULD</em> be very careful to prevent unintentional leakage of this information. We very strongly recommend that a convenient interface 2634 be provided for the user to control dissemination of such information, and that designers and implement ors be particularly2634 be provided for the user to control dissemination of such information, and that designers and implementers be particularly 2635 2635 careful in this area. History shows that errors in this area often create serious security and/or privacy problems and generate 2636 highly adverse publicity for the implement or's company.2636 highly adverse publicity for the implementer's company. 2637 2637 </p> 2638 2638 <h2 id="rfc.section.8.2"><a href="#rfc.section.8.2">8.2</a> <a id="abuse.of.server.log.information" href="#abuse.of.server.log.information">Abuse of Server Log Information</a></h2> … … 2673 2673 </p> 2674 2674 <p id="rfc.section.8.5.p.2">Intermediaries that contain a shared cache are especially vulnerable to cache poisoning attacks.</p> 2675 <p id="rfc.section.8.5.p.3">Implement ors need to consider the privacy and security implications of their design and coding decisions, and of the configuration2675 <p id="rfc.section.8.5.p.3">Implementers need to consider the privacy and security implications of their design and coding decisions, and of the configuration 2676 2676 options they provide to operators (especially the default configuration). 2677 2677 </p> … … 2992 2992 </p> 2993 2993 <h2 id="rfc.section.A.2"><a href="#rfc.section.A.2">A.2</a> <a id="changes.from.rfc.2616" href="#changes.from.rfc.2616">Changes from RFC 2616</a></h2> 2994 <p id="rfc.section.A.2.p.1">Clarify that the string "HTTP" in the HTTP-version AB FNproduction is case sensitive. Restrict the version numbers to be single2994 <p id="rfc.section.A.2.p.1">Clarify that the string "HTTP" in the HTTP-version ABNF production is case sensitive. Restrict the version numbers to be single 2995 2995 digits due to the fact that implementations are known to handle multi-digit version numbers incorrectly. (<a href="#http.version" title="Protocol Versioning">Section 2.7</a>) 2996 2996 </p> … … 3021 3021 Remove requirements about when servers are allowed to close connections prematurely. (<a href="#persistent.practical" title="Practical Considerations">Section 6.3.3</a>) 3022 3022 </p> 3023 <p id="rfc.section.A.2.p.12">Remove requirement to retry requests under certain cir umstances when the server prematurely closes the connection. (<a href="#message.transmission.requirements" title="Message Transmission Requirements">Section 6.4</a>)3023 <p id="rfc.section.A.2.p.12">Remove requirement to retry requests under certain circumstances when the server prematurely closes the connection. (<a href="#message.transmission.requirements" title="Message Transmission Requirements">Section 6.4</a>) 3024 3024 </p> 3025 3025 <p id="rfc.section.A.2.p.13">Change ABNF productions for header fields to only define the field value.</p>
Note: See TracChangeset
for help on using the changeset viewer.