Changeset 1875 for draft-ietf-httpbis/latest/p1-messaging.xml
- Timestamp:
- 10/09/12 02:46:17 (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p1-messaging.xml
r1874 r1875 478 478 are minimal, such as for proxy requests for "http" URIs, whereas 479 479 other requests might require translation to and from entirely different 480 application-l ayerprotocols. Proxies are often used to group an480 application-level protocols. Proxies are often used to group an 481 481 organization's HTTP requests through a common intermediary for the 482 482 sake of security, annotation services, or shared caching. … … 533 533 both ends of the relayed connection are closed. Tunnels are used to 534 534 extend a virtual connection through an intermediary, such as when 535 transport-layer security is used to establish confidential communication536 through a shared firewall proxy.535 Transport Layer Security (TLS, <xref target="RFC5246"/>) is used to 536 establish confidential communication through a shared firewall proxy. 537 537 </t> 538 538 <t><iref primary="true" item="interception proxy"/> … … 617 617 on senders, recipients, clients, servers, user agents, intermediaries, 618 618 origin servers, proxies, gateways, or caches, depending on what behavior 619 is being constrained by the requirement. 619 is being constrained by the requirement. Additional (social) requirements 620 are placed on implementations, resource owners, and protocol element 621 registrations when they apply beyond the scope of a single communication. 620 622 </t> 621 623 <t> … … 1049 1051 </artwork></figure> 1050 1052 <t> 1051 Implementations&MUST-NOT; send whitespace between the start-line and1053 A sender &MUST-NOT; send whitespace between the start-line and 1052 1054 the first header field. The presence of such whitespace in a request 1053 1055 might be an attempt to trick a server into ignoring that field or … … 1709 1711 Since there is no way to distinguish a successfully completed, 1710 1712 close-delimited message from a partially-received message interrupted 1711 by network failure, implementations&SHOULD; use encoding or1713 by network failure, a server &SHOULD; use encoding or 1712 1714 length-delimited messages whenever possible. The close-delimiting 1713 1715 feature exists primarily for backwards compatibility with HTTP/1.0. … … 3097 3099 Upgrade cannot be used to insist on a protocol change; its acceptance and 3098 3100 use by the server is optional. The capabilities and nature of the 3099 application-l ayercommunication after the protocol change is entirely3101 application-level communication after the protocol change is entirely 3100 3102 dependent upon the new protocol chosen, although the first action 3101 3103 after changing the protocol &MUST; be a response to the initial HTTP … … 3122 3124 </t> 3123 3125 <t> 3124 The Upgrade header field only applies to switching application-l ayer3125 protocols on the existing transport-layerconnection; it cannot be used3126 The Upgrade header field only applies to switching application-level 3127 protocols on the existing connection; it cannot be used 3126 3128 to switch to a protocol on a different connection. For that purpose, it is 3127 3129 more appropriate to use a <x:ref>3xx (Redirection)</x:ref> response … … 3582 3584 <section title="Attacks Based On File and Path Names" anchor="attack.pathname"> 3583 3585 <t> 3584 Implementations of HTTP origin servers &SHOULD; be careful to restrict3586 Origin servers &SHOULD; be careful to restrict 3585 3587 the documents returned by HTTP requests to be only those that were 3586 3588 intended by the server administrators. If an HTTP server translates … … 3596 3598 files, configuration files, and script code) &MUST; be protected from 3597 3599 inappropriate retrieval, since they might contain sensitive 3598 information. Experience has shown that minor bugs in such HTTP server 3599 implementations have turned into security risks. 3600 information. 3600 3601 </t> 3601 3602 </section> … … 3661 3662 </t> 3662 3663 <t> 3663 Other fields (including but not limited to request methods, response status 3664 phrases, header field-names, and body chunks) &SHOULD; be limited by 3665 implementations carefully, so as to not impede interoperability. 3664 Recipients &SHOULD; carefully limit the extent to which they read other 3665 fields, including (but not limited to) request methods, response status 3666 phrases, header field-names, and body chunks, so as to avoid denial of 3667 service attacks without impeding interoperability. 3666 3668 </t> 3667 3669 </section> … … 4557 4559 </reference> 4558 4560 4561 <reference anchor='RFC5246'> 4562 <front> 4563 <title>The Transport Layer Security (TLS) Protocol Version 1.2</title> 4564 <author initials='T.' surname='Dierks' fullname='T. Dierks'> 4565 <organization /> 4566 </author> 4567 <author initials='E.' surname='Rescorla' fullname='E. Rescorla'> 4568 <organization>RTFM, Inc.</organization> 4569 </author> 4570 <date year='2008' month='August' /> 4571 </front> 4572 <seriesInfo name='RFC' value='5246' /> 4573 </reference> 4574 4559 4575 <reference anchor="RFC5322"> 4560 4576 <front>
Note: See TracChangeset
for help on using the changeset viewer.