Changeset 2051 for draft-ietf-httpbis/latest/p2-semantics.html
- Timestamp:
- 15/12/12 21:54:13 (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p2-semantics.html
r2050 r2051 449 449 } 450 450 @bottom-center { 451 content: "Expires June 1 6, 2013";451 content: "Expires June 18, 2013"; 452 452 } 453 453 @bottom-right { … … 474 474 <link rel="Chapter" title="2 Resources" href="#rfc.section.2"> 475 475 <link rel="Chapter" title="3 Representations" href="#rfc.section.3"> 476 <link rel="Chapter" title="4 Product Tokens" href="#rfc.section.4"> 477 <link rel="Chapter" title="5 Request Methods" href="#rfc.section.5"> 478 <link rel="Chapter" title="6 Request Header Fields" href="#rfc.section.6"> 479 <link rel="Chapter" title="7 Response Status Codes" href="#rfc.section.7"> 480 <link rel="Chapter" title="8 Response Header Fields" href="#rfc.section.8"> 481 <link rel="Chapter" title="9 IANA Considerations" href="#rfc.section.9"> 482 <link rel="Chapter" title="10 Security Considerations" href="#rfc.section.10"> 483 <link rel="Chapter" title="11 Acknowledgments" href="#rfc.section.11"> 484 <link rel="Chapter" href="#rfc.section.12" title="12 References"> 476 <link rel="Chapter" title="4 Request Methods" href="#rfc.section.4"> 477 <link rel="Chapter" title="5 Request Header Fields" href="#rfc.section.5"> 478 <link rel="Chapter" title="6 Response Status Codes" href="#rfc.section.6"> 479 <link rel="Chapter" title="7 Response Header Fields" href="#rfc.section.7"> 480 <link rel="Chapter" title="8 IANA Considerations" href="#rfc.section.8"> 481 <link rel="Chapter" title="9 Security Considerations" href="#rfc.section.9"> 482 <link rel="Chapter" title="10 Acknowledgments" href="#rfc.section.10"> 483 <link rel="Chapter" href="#rfc.section.11" title="11 References"> 485 484 <link rel="Appendix" title="A Differences between HTTP and MIME" href="#rfc.section.A"> 486 485 <link rel="Appendix" title="B Additional Features" href="#rfc.section.B"> … … 496 495 <meta name="dct.creator" content="Reschke, J. F."> 497 496 <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p2-semantics-latest"> 498 <meta name="dct.issued" scheme="ISO8601" content="2012-12-1 3">497 <meta name="dct.issued" scheme="ISO8601" content="2012-12-15"> 499 498 <meta name="dct.replaces" content="urn:ietf:rfc:2616"> 500 499 <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypertext information systems. This document defines the semantics of HTTP/1.1 messages, as expressed by request methods, request header fields, response status codes, and response header fields, along with the payload of messages (metadata and body content) and mechanisms for content negotiation."> … … 524 523 <tr> 525 524 <td class="left">Intended status: Standards Track</td> 526 <td class="right">December 1 3, 2012</td>525 <td class="right">December 15, 2012</td> 527 526 </tr> 528 527 <tr> 529 <td class="left">Expires: June 1 6, 2013</td>528 <td class="left">Expires: June 18, 2013</td> 530 529 <td class="right"></td> 531 530 </tr> … … 555 554 in progress”. 556 555 </p> 557 <p>This Internet-Draft will expire on June 1 6, 2013.</p>556 <p>This Internet-Draft will expire on June 18, 2013.</p> 558 557 <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1> 559 558 <p>Copyright © 2012 IETF Trust and the persons identified as the document authors. All rights reserved.</p> … … 615 614 </ul> 616 615 </li> 617 <li><a href="#rfc.section.4">4.</a> <a href="#product.tokens">Product Tokens</a></li> 618 <li><a href="#rfc.section.5">5.</a> <a href="#methods">Request Methods</a><ul> 619 <li><a href="#rfc.section.5.1">5.1</a> <a href="#method.overview">Overview</a></li> 620 <li><a href="#rfc.section.5.2">5.2</a> <a href="#method.properties">Common Method Properties</a><ul> 621 <li><a href="#rfc.section.5.2.1">5.2.1</a> <a href="#safe.methods">Safe Methods</a></li> 622 <li><a href="#rfc.section.5.2.2">5.2.2</a> <a href="#idempotent.methods">Idempotent Methods</a></li> 623 <li><a href="#rfc.section.5.2.3">5.2.3</a> <a href="#cacheable.methods">Cacheable Methods</a></li> 616 <li><a href="#rfc.section.4">4.</a> <a href="#methods">Request Methods</a><ul> 617 <li><a href="#rfc.section.4.1">4.1</a> <a href="#method.overview">Overview</a></li> 618 <li><a href="#rfc.section.4.2">4.2</a> <a href="#method.properties">Common Method Properties</a><ul> 619 <li><a href="#rfc.section.4.2.1">4.2.1</a> <a href="#safe.methods">Safe Methods</a></li> 620 <li><a href="#rfc.section.4.2.2">4.2.2</a> <a href="#idempotent.methods">Idempotent Methods</a></li> 621 <li><a href="#rfc.section.4.2.3">4.2.3</a> <a href="#cacheable.methods">Cacheable Methods</a></li> 624 622 </ul> 625 623 </li> 626 <li><a href="#rfc.section. 5.3">5.3</a> <a href="#method.definitions">Method Definitions</a><ul>627 <li><a href="#rfc.section. 5.3.1">5.3.1</a> <a href="#GET">GET</a></li>628 <li><a href="#rfc.section. 5.3.2">5.3.2</a> <a href="#HEAD">HEAD</a></li>629 <li><a href="#rfc.section. 5.3.3">5.3.3</a> <a href="#POST">POST</a></li>630 <li><a href="#rfc.section. 5.3.4">5.3.4</a> <a href="#PUT">PUT</a></li>631 <li><a href="#rfc.section. 5.3.5">5.3.5</a> <a href="#DELETE">DELETE</a></li>632 <li><a href="#rfc.section. 5.3.6">5.3.6</a> <a href="#CONNECT">CONNECT</a></li>633 <li><a href="#rfc.section. 5.3.7">5.3.7</a> <a href="#OPTIONS">OPTIONS</a></li>634 <li><a href="#rfc.section. 5.3.8">5.3.8</a> <a href="#TRACE">TRACE</a></li>624 <li><a href="#rfc.section.4.3">4.3</a> <a href="#method.definitions">Method Definitions</a><ul> 625 <li><a href="#rfc.section.4.3.1">4.3.1</a> <a href="#GET">GET</a></li> 626 <li><a href="#rfc.section.4.3.2">4.3.2</a> <a href="#HEAD">HEAD</a></li> 627 <li><a href="#rfc.section.4.3.3">4.3.3</a> <a href="#POST">POST</a></li> 628 <li><a href="#rfc.section.4.3.4">4.3.4</a> <a href="#PUT">PUT</a></li> 629 <li><a href="#rfc.section.4.3.5">4.3.5</a> <a href="#DELETE">DELETE</a></li> 630 <li><a href="#rfc.section.4.3.6">4.3.6</a> <a href="#CONNECT">CONNECT</a></li> 631 <li><a href="#rfc.section.4.3.7">4.3.7</a> <a href="#OPTIONS">OPTIONS</a></li> 632 <li><a href="#rfc.section.4.3.8">4.3.8</a> <a href="#TRACE">TRACE</a></li> 635 633 </ul> 636 634 </li> 637 635 </ul> 638 636 </li> 639 <li><a href="#rfc.section. 6">6.</a> <a href="#request.header.fields">Request Header Fields</a><ul>640 <li><a href="#rfc.section. 6.1">6.1</a> <a href="#request.controls">Controls</a><ul>641 <li><a href="#rfc.section. 6.1.1">6.1.1</a> <a href="#header.max-forwards">Max-Forwards</a></li>642 <li><a href="#rfc.section. 6.1.2">6.1.2</a> <a href="#header.expect">Expect</a><ul>643 <li><a href="#rfc.section. 6.1.2.1">6.1.2.1</a> <a href="#use.of.the.100.status">Use of the 100 (Continue) Status</a></li>637 <li><a href="#rfc.section.5">5.</a> <a href="#request.header.fields">Request Header Fields</a><ul> 638 <li><a href="#rfc.section.5.1">5.1</a> <a href="#request.controls">Controls</a><ul> 639 <li><a href="#rfc.section.5.1.1">5.1.1</a> <a href="#header.max-forwards">Max-Forwards</a></li> 640 <li><a href="#rfc.section.5.1.2">5.1.2</a> <a href="#header.expect">Expect</a><ul> 641 <li><a href="#rfc.section.5.1.2.1">5.1.2.1</a> <a href="#use.of.the.100.status">Use of the 100 (Continue) Status</a></li> 644 642 </ul> 645 643 </li> 646 644 </ul> 647 645 </li> 648 <li><a href="#rfc.section. 6.2">6.2</a> <a href="#request.conditionals">Conditionals</a></li>649 <li><a href="#rfc.section. 6.3">6.3</a> <a href="#request.conneg">Content Negotiation</a><ul>650 <li><a href="#rfc.section. 6.3.1">6.3.1</a> <a href="#quality.values">Quality Values</a></li>651 <li><a href="#rfc.section. 6.3.2">6.3.2</a> <a href="#header.accept">Accept</a></li>652 <li><a href="#rfc.section. 6.3.3">6.3.3</a> <a href="#header.accept-charset">Accept-Charset</a></li>653 <li><a href="#rfc.section. 6.3.4">6.3.4</a> <a href="#header.accept-encoding">Accept-Encoding</a></li>654 <li><a href="#rfc.section. 6.3.5">6.3.5</a> <a href="#header.accept-language">Accept-Language</a></li>646 <li><a href="#rfc.section.5.2">5.2</a> <a href="#request.conditionals">Conditionals</a></li> 647 <li><a href="#rfc.section.5.3">5.3</a> <a href="#request.conneg">Content Negotiation</a><ul> 648 <li><a href="#rfc.section.5.3.1">5.3.1</a> <a href="#quality.values">Quality Values</a></li> 649 <li><a href="#rfc.section.5.3.2">5.3.2</a> <a href="#header.accept">Accept</a></li> 650 <li><a href="#rfc.section.5.3.3">5.3.3</a> <a href="#header.accept-charset">Accept-Charset</a></li> 651 <li><a href="#rfc.section.5.3.4">5.3.4</a> <a href="#header.accept-encoding">Accept-Encoding</a></li> 652 <li><a href="#rfc.section.5.3.5">5.3.5</a> <a href="#header.accept-language">Accept-Language</a></li> 655 653 </ul> 656 654 </li> 657 <li><a href="#rfc.section. 6.4">6.4</a> <a href="#request.auth">Authentication Credentials</a></li>658 <li><a href="#rfc.section. 6.5">6.5</a> <a href="#request.context">Context</a><ul>659 <li><a href="#rfc.section. 6.5.1">6.5.1</a> <a href="#header.from">From</a></li>660 <li><a href="#rfc.section. 6.5.2">6.5.2</a> <a href="#header.referer">Referer</a></li>661 <li><a href="#rfc.section. 6.5.3">6.5.3</a> <a href="#header.user-agent">User-Agent</a></li>655 <li><a href="#rfc.section.5.4">5.4</a> <a href="#request.auth">Authentication Credentials</a></li> 656 <li><a href="#rfc.section.5.5">5.5</a> <a href="#request.context">Request Context</a><ul> 657 <li><a href="#rfc.section.5.5.1">5.5.1</a> <a href="#header.from">From</a></li> 658 <li><a href="#rfc.section.5.5.2">5.5.2</a> <a href="#header.referer">Referer</a></li> 659 <li><a href="#rfc.section.5.5.3">5.5.3</a> <a href="#header.user-agent">User-Agent</a></li> 662 660 </ul> 663 661 </li> 664 662 </ul> 665 663 </li> 666 <li><a href="#rfc.section. 7">7.</a> <a href="#status.codes">Response Status Codes</a><ul>667 <li><a href="#rfc.section. 7.1">7.1</a> <a href="#overview.of.status.codes">Overview of Status Codes</a></li>668 <li><a href="#rfc.section. 7.2">7.2</a> <a href="#status.1xx">Informational 1xx</a><ul>669 <li><a href="#rfc.section. 7.2.1">7.2.1</a> <a href="#status.100">100 Continue</a></li>670 <li><a href="#rfc.section. 7.2.2">7.2.2</a> <a href="#status.101">101 Switching Protocols</a></li>664 <li><a href="#rfc.section.6">6.</a> <a href="#status.codes">Response Status Codes</a><ul> 665 <li><a href="#rfc.section.6.1">6.1</a> <a href="#overview.of.status.codes">Overview of Status Codes</a></li> 666 <li><a href="#rfc.section.6.2">6.2</a> <a href="#status.1xx">Informational 1xx</a><ul> 667 <li><a href="#rfc.section.6.2.1">6.2.1</a> <a href="#status.100">100 Continue</a></li> 668 <li><a href="#rfc.section.6.2.2">6.2.2</a> <a href="#status.101">101 Switching Protocols</a></li> 671 669 </ul> 672 670 </li> 673 <li><a href="#rfc.section. 7.3">7.3</a> <a href="#status.2xx">Successful 2xx</a><ul>674 <li><a href="#rfc.section. 7.3.1">7.3.1</a> <a href="#status.200">200 OK</a></li>675 <li><a href="#rfc.section. 7.3.2">7.3.2</a> <a href="#status.201">201 Created</a></li>676 <li><a href="#rfc.section. 7.3.3">7.3.3</a> <a href="#status.202">202 Accepted</a></li>677 <li><a href="#rfc.section. 7.3.4">7.3.4</a> <a href="#status.203">203 Non-Authoritative Information</a></li>678 <li><a href="#rfc.section. 7.3.5">7.3.5</a> <a href="#status.204">204 No Content</a></li>679 <li><a href="#rfc.section. 7.3.6">7.3.6</a> <a href="#status.205">205 Reset Content</a></li>671 <li><a href="#rfc.section.6.3">6.3</a> <a href="#status.2xx">Successful 2xx</a><ul> 672 <li><a href="#rfc.section.6.3.1">6.3.1</a> <a href="#status.200">200 OK</a></li> 673 <li><a href="#rfc.section.6.3.2">6.3.2</a> <a href="#status.201">201 Created</a></li> 674 <li><a href="#rfc.section.6.3.3">6.3.3</a> <a href="#status.202">202 Accepted</a></li> 675 <li><a href="#rfc.section.6.3.4">6.3.4</a> <a href="#status.203">203 Non-Authoritative Information</a></li> 676 <li><a href="#rfc.section.6.3.5">6.3.5</a> <a href="#status.204">204 No Content</a></li> 677 <li><a href="#rfc.section.6.3.6">6.3.6</a> <a href="#status.205">205 Reset Content</a></li> 680 678 </ul> 681 679 </li> 682 <li><a href="#rfc.section. 7.4">7.4</a> <a href="#status.3xx">Redirection 3xx</a><ul>683 <li><a href="#rfc.section. 7.4.1">7.4.1</a> <a href="#status.300">300 Multiple Choices</a></li>684 <li><a href="#rfc.section. 7.4.2">7.4.2</a> <a href="#status.301">301 Moved Permanently</a></li>685 <li><a href="#rfc.section. 7.4.3">7.4.3</a> <a href="#status.302">302 Found</a></li>686 <li><a href="#rfc.section. 7.4.4">7.4.4</a> <a href="#status.303">303 See Other</a></li>687 <li><a href="#rfc.section. 7.4.5">7.4.5</a> <a href="#status.305">305 Use Proxy</a></li>688 <li><a href="#rfc.section. 7.4.6">7.4.6</a> <a href="#status.306">306 (Unused)</a></li>689 <li><a href="#rfc.section. 7.4.7">7.4.7</a> <a href="#status.307">307 Temporary Redirect</a></li>680 <li><a href="#rfc.section.6.4">6.4</a> <a href="#status.3xx">Redirection 3xx</a><ul> 681 <li><a href="#rfc.section.6.4.1">6.4.1</a> <a href="#status.300">300 Multiple Choices</a></li> 682 <li><a href="#rfc.section.6.4.2">6.4.2</a> <a href="#status.301">301 Moved Permanently</a></li> 683 <li><a href="#rfc.section.6.4.3">6.4.3</a> <a href="#status.302">302 Found</a></li> 684 <li><a href="#rfc.section.6.4.4">6.4.4</a> <a href="#status.303">303 See Other</a></li> 685 <li><a href="#rfc.section.6.4.5">6.4.5</a> <a href="#status.305">305 Use Proxy</a></li> 686 <li><a href="#rfc.section.6.4.6">6.4.6</a> <a href="#status.306">306 (Unused)</a></li> 687 <li><a href="#rfc.section.6.4.7">6.4.7</a> <a href="#status.307">307 Temporary Redirect</a></li> 690 688 </ul> 691 689 </li> 692 <li><a href="#rfc.section. 7.5">7.5</a> <a href="#status.4xx">Client Error 4xx</a><ul>693 <li><a href="#rfc.section. 7.5.1">7.5.1</a> <a href="#status.400">400 Bad Request</a></li>694 <li><a href="#rfc.section. 7.5.2">7.5.2</a> <a href="#status.402">402 Payment Required</a></li>695 <li><a href="#rfc.section. 7.5.3">7.5.3</a> <a href="#status.403">403 Forbidden</a></li>696 <li><a href="#rfc.section. 7.5.4">7.5.4</a> <a href="#status.404">404 Not Found</a></li>697 <li><a href="#rfc.section. 7.5.5">7.5.5</a> <a href="#status.405">405 Method Not Allowed</a></li>698 <li><a href="#rfc.section. 7.5.6">7.5.6</a> <a href="#status.406">406 Not Acceptable</a></li>699 <li><a href="#rfc.section. 7.5.7">7.5.7</a> <a href="#status.408">408 Request Timeout</a></li>700 <li><a href="#rfc.section. 7.5.8">7.5.8</a> <a href="#status.409">409 Conflict</a></li>701 <li><a href="#rfc.section. 7.5.9">7.5.9</a> <a href="#status.410">410 Gone</a></li>702 <li><a href="#rfc.section. 7.5.10">7.5.10</a> <a href="#status.411">411 Length Required</a></li>703 <li><a href="#rfc.section. 7.5.11">7.5.11</a> <a href="#status.413">413 Request Representation Too Large</a></li>704 <li><a href="#rfc.section. 7.5.12">7.5.12</a> <a href="#status.414">414 URI Too Long</a></li>705 <li><a href="#rfc.section. 7.5.13">7.5.13</a> <a href="#status.415">415 Unsupported Media Type</a></li>706 <li><a href="#rfc.section. 7.5.14">7.5.14</a> <a href="#status.417">417 Expectation Failed</a></li>707 <li><a href="#rfc.section. 7.5.15">7.5.15</a> <a href="#status.426">426 Upgrade Required</a></li>690 <li><a href="#rfc.section.6.5">6.5</a> <a href="#status.4xx">Client Error 4xx</a><ul> 691 <li><a href="#rfc.section.6.5.1">6.5.1</a> <a href="#status.400">400 Bad Request</a></li> 692 <li><a href="#rfc.section.6.5.2">6.5.2</a> <a href="#status.402">402 Payment Required</a></li> 693 <li><a href="#rfc.section.6.5.3">6.5.3</a> <a href="#status.403">403 Forbidden</a></li> 694 <li><a href="#rfc.section.6.5.4">6.5.4</a> <a href="#status.404">404 Not Found</a></li> 695 <li><a href="#rfc.section.6.5.5">6.5.5</a> <a href="#status.405">405 Method Not Allowed</a></li> 696 <li><a href="#rfc.section.6.5.6">6.5.6</a> <a href="#status.406">406 Not Acceptable</a></li> 697 <li><a href="#rfc.section.6.5.7">6.5.7</a> <a href="#status.408">408 Request Timeout</a></li> 698 <li><a href="#rfc.section.6.5.8">6.5.8</a> <a href="#status.409">409 Conflict</a></li> 699 <li><a href="#rfc.section.6.5.9">6.5.9</a> <a href="#status.410">410 Gone</a></li> 700 <li><a href="#rfc.section.6.5.10">6.5.10</a> <a href="#status.411">411 Length Required</a></li> 701 <li><a href="#rfc.section.6.5.11">6.5.11</a> <a href="#status.413">413 Request Representation Too Large</a></li> 702 <li><a href="#rfc.section.6.5.12">6.5.12</a> <a href="#status.414">414 URI Too Long</a></li> 703 <li><a href="#rfc.section.6.5.13">6.5.13</a> <a href="#status.415">415 Unsupported Media Type</a></li> 704 <li><a href="#rfc.section.6.5.14">6.5.14</a> <a href="#status.417">417 Expectation Failed</a></li> 705 <li><a href="#rfc.section.6.5.15">6.5.15</a> <a href="#status.426">426 Upgrade Required</a></li> 708 706 </ul> 709 707 </li> 710 <li><a href="#rfc.section. 7.6">7.6</a> <a href="#status.5xx">Server Error 5xx</a><ul>711 <li><a href="#rfc.section. 7.6.1">7.6.1</a> <a href="#status.500">500 Internal Server Error</a></li>712 <li><a href="#rfc.section. 7.6.2">7.6.2</a> <a href="#status.501">501 Not Implemented</a></li>713 <li><a href="#rfc.section. 7.6.3">7.6.3</a> <a href="#status.502">502 Bad Gateway</a></li>714 <li><a href="#rfc.section. 7.6.4">7.6.4</a> <a href="#status.503">503 Service Unavailable</a></li>715 <li><a href="#rfc.section. 7.6.5">7.6.5</a> <a href="#status.504">504 Gateway Timeout</a></li>716 <li><a href="#rfc.section. 7.6.6">7.6.6</a> <a href="#status.505">505 HTTP Version Not Supported</a></li>708 <li><a href="#rfc.section.6.6">6.6</a> <a href="#status.5xx">Server Error 5xx</a><ul> 709 <li><a href="#rfc.section.6.6.1">6.6.1</a> <a href="#status.500">500 Internal Server Error</a></li> 710 <li><a href="#rfc.section.6.6.2">6.6.2</a> <a href="#status.501">501 Not Implemented</a></li> 711 <li><a href="#rfc.section.6.6.3">6.6.3</a> <a href="#status.502">502 Bad Gateway</a></li> 712 <li><a href="#rfc.section.6.6.4">6.6.4</a> <a href="#status.503">503 Service Unavailable</a></li> 713 <li><a href="#rfc.section.6.6.5">6.6.5</a> <a href="#status.504">504 Gateway Timeout</a></li> 714 <li><a href="#rfc.section.6.6.6">6.6.6</a> <a href="#status.505">505 HTTP Version Not Supported</a></li> 717 715 </ul> 718 716 </li> 719 717 </ul> 720 718 </li> 721 <li><a href="#rfc.section. 8">8.</a> <a href="#response.header.fields">Response Header Fields</a><ul>722 <li><a href="#rfc.section. 8.1">8.1</a> <a href="#response.control.data">Control Data</a><ul>723 <li><a href="#rfc.section. 8.1.1">8.1.1</a> <a href="#origination.date">Origination Date</a><ul>724 <li><a href="#rfc.section. 8.1.1.1">8.1.1.1</a> <a href="#http.date">Date/Time Formats</a></li>725 <li><a href="#rfc.section. 8.1.1.2">8.1.1.2</a> <a href="#header.date">Date</a></li>719 <li><a href="#rfc.section.7">7.</a> <a href="#response.header.fields">Response Header Fields</a><ul> 720 <li><a href="#rfc.section.7.1">7.1</a> <a href="#response.control.data">Control Data</a><ul> 721 <li><a href="#rfc.section.7.1.1">7.1.1</a> <a href="#origination.date">Origination Date</a><ul> 722 <li><a href="#rfc.section.7.1.1.1">7.1.1.1</a> <a href="#http.date">Date/Time Formats</a></li> 723 <li><a href="#rfc.section.7.1.1.2">7.1.1.2</a> <a href="#header.date">Date</a></li> 726 724 </ul> 727 725 </li> 728 <li><a href="#rfc.section. 8.1.2">8.1.2</a> <a href="#header.location">Location</a></li>729 <li><a href="#rfc.section. 8.1.3">8.1.3</a> <a href="#header.retry-after">Retry-After</a></li>726 <li><a href="#rfc.section.7.1.2">7.1.2</a> <a href="#header.location">Location</a></li> 727 <li><a href="#rfc.section.7.1.3">7.1.3</a> <a href="#header.retry-after">Retry-After</a></li> 730 728 </ul> 731 729 </li> 732 <li><a href="#rfc.section. 8.2">8.2</a> <a href="#selected.representation">Selected Representation Header Fields</a><ul>733 <li><a href="#rfc.section. 8.2.1">8.2.1</a> <a href="#header.vary">Vary</a></li>730 <li><a href="#rfc.section.7.2">7.2</a> <a href="#selected.representation">Selected Representation Header Fields</a><ul> 731 <li><a href="#rfc.section.7.2.1">7.2.1</a> <a href="#header.vary">Vary</a></li> 734 732 </ul> 735 733 </li> 736 <li><a href="#rfc.section. 8.3">8.3</a> <a href="#response.auth">Authentication Challenges</a></li>737 <li><a href="#rfc.section. 8.4">8.4</a> <a href="#response.inform">Informative</a><ul>738 <li><a href="#rfc.section. 8.4.1">8.4.1</a> <a href="#header.allow">Allow</a></li>739 <li><a href="#rfc.section. 8.4.2">8.4.2</a> <a href="#header.server">Server</a></li>734 <li><a href="#rfc.section.7.3">7.3</a> <a href="#response.auth">Authentication Challenges</a></li> 735 <li><a href="#rfc.section.7.4">7.4</a> <a href="#response.context">Response Context</a><ul> 736 <li><a href="#rfc.section.7.4.1">7.4.1</a> <a href="#header.allow">Allow</a></li> 737 <li><a href="#rfc.section.7.4.2">7.4.2</a> <a href="#header.server">Server</a></li> 740 738 </ul> 741 739 </li> 742 740 </ul> 743 741 </li> 744 <li><a href="#rfc.section. 9">9.</a> <a href="#IANA.considerations">IANA Considerations</a><ul>745 <li><a href="#rfc.section. 9.1">9.1</a> <a href="#method.registry">Method Registry</a><ul>746 <li><a href="#rfc.section. 9.1.1">9.1.1</a> <a href="#method.procedure">Procedure</a></li>747 <li><a href="#rfc.section. 9.1.2">9.1.2</a> <a href="#considerations.for.new.methods">Considerations for New Methods</a></li>748 <li><a href="#rfc.section. 9.1.3">9.1.3</a> <a href="#method.registration">Registrations</a></li>742 <li><a href="#rfc.section.8">8.</a> <a href="#IANA.considerations">IANA Considerations</a><ul> 743 <li><a href="#rfc.section.8.1">8.1</a> <a href="#method.registry">Method Registry</a><ul> 744 <li><a href="#rfc.section.8.1.1">8.1.1</a> <a href="#method.procedure">Procedure</a></li> 745 <li><a href="#rfc.section.8.1.2">8.1.2</a> <a href="#considerations.for.new.methods">Considerations for New Methods</a></li> 746 <li><a href="#rfc.section.8.1.3">8.1.3</a> <a href="#method.registration">Registrations</a></li> 749 747 </ul> 750 748 </li> 751 <li><a href="#rfc.section. 9.2">9.2</a> <a href="#status.code.registry">Status Code Registry</a><ul>752 <li><a href="#rfc.section. 9.2.1">9.2.1</a> <a href="#status.code.procedure">Procedure</a></li>753 <li><a href="#rfc.section. 9.2.2">9.2.2</a> <a href="#considerations.for.new.status.codes">Considerations for New Status Codes</a></li>754 <li><a href="#rfc.section. 9.2.3">9.2.3</a> <a href="#status.code.registration">Registrations</a></li>749 <li><a href="#rfc.section.8.2">8.2</a> <a href="#status.code.registry">Status Code Registry</a><ul> 750 <li><a href="#rfc.section.8.2.1">8.2.1</a> <a href="#status.code.procedure">Procedure</a></li> 751 <li><a href="#rfc.section.8.2.2">8.2.2</a> <a href="#considerations.for.new.status.codes">Considerations for New Status Codes</a></li> 752 <li><a href="#rfc.section.8.2.3">8.2.3</a> <a href="#status.code.registration">Registrations</a></li> 755 753 </ul> 756 754 </li> 757 <li><a href="#rfc.section. 9.3">9.3</a> <a href="#header.field.registry">Header Field Registry</a><ul>758 <li><a href="#rfc.section. 9.3.1">9.3.1</a> <a href="#considerations.for.new.header.fields">Considerations for New Header Fields</a></li>759 <li><a href="#rfc.section. 9.3.2">9.3.2</a> <a href="#header.field.registration">Registrations</a></li>755 <li><a href="#rfc.section.8.3">8.3</a> <a href="#header.field.registry">Header Field Registry</a><ul> 756 <li><a href="#rfc.section.8.3.1">8.3.1</a> <a href="#considerations.for.new.header.fields">Considerations for New Header Fields</a></li> 757 <li><a href="#rfc.section.8.3.2">8.3.2</a> <a href="#header.field.registration">Registrations</a></li> 760 758 </ul> 761 759 </li> 762 <li><a href="#rfc.section. 9.4">9.4</a> <a href="#content.coding.registry">Content Coding Registry</a><ul>763 <li><a href="#rfc.section. 9.4.1">9.4.1</a> <a href="#content.coding.procedure">Procedure</a></li>764 <li><a href="#rfc.section. 9.4.2">9.4.2</a> <a href="#content.coding.registration">Registrations</a></li>760 <li><a href="#rfc.section.8.4">8.4</a> <a href="#content.coding.registry">Content Coding Registry</a><ul> 761 <li><a href="#rfc.section.8.4.1">8.4.1</a> <a href="#content.coding.procedure">Procedure</a></li> 762 <li><a href="#rfc.section.8.4.2">8.4.2</a> <a href="#content.coding.registration">Registrations</a></li> 765 763 </ul> 766 764 </li> 767 765 </ul> 768 766 </li> 769 <li><a href="#rfc.section. 10">10.</a> <a href="#security.considerations">Security Considerations</a><ul>770 <li><a href="#rfc.section. 10.1">10.1</a> <a href="#security.sensitive">Transfer of Sensitive Information</a></li>771 <li><a href="#rfc.section. 10.2">10.2</a> <a href="#encoding.sensitive.information.in.uris">Encoding Sensitive Information in URIs</a></li>772 <li><a href="#rfc.section. 10.3">10.3</a> <a href="#location.spoofing-leakage">Location Header Fields: Spoofing and Information Leakage</a></li>773 <li><a href="#rfc.section. 10.4">10.4</a> <a href="#rfc.section.10.4">Security Considerations for CONNECT</a></li>774 <li><a href="#rfc.section. 10.5">10.5</a> <a href="#privacy.issues.connected.to.accept.header.fields">Privacy Issues Connected to Accept Header Fields</a></li>767 <li><a href="#rfc.section.9">9.</a> <a href="#security.considerations">Security Considerations</a><ul> 768 <li><a href="#rfc.section.9.1">9.1</a> <a href="#security.sensitive">Transfer of Sensitive Information</a></li> 769 <li><a href="#rfc.section.9.2">9.2</a> <a href="#encoding.sensitive.information.in.uris">Encoding Sensitive Information in URIs</a></li> 770 <li><a href="#rfc.section.9.3">9.3</a> <a href="#location.spoofing-leakage">Location Header Fields: Spoofing and Information Leakage</a></li> 771 <li><a href="#rfc.section.9.4">9.4</a> <a href="#rfc.section.9.4">Security Considerations for CONNECT</a></li> 772 <li><a href="#rfc.section.9.5">9.5</a> <a href="#privacy.issues.connected.to.accept.header.fields">Privacy Issues Connected to Accept Header Fields</a></li> 775 773 </ul> 776 774 </li> 777 <li><a href="#rfc.section.1 1">11.</a> <a href="#acks">Acknowledgments</a></li>778 <li><a href="#rfc.section.1 2">12.</a> <a href="#rfc.references">References</a><ul>779 <li><a href="#rfc.section.1 2.1">12.1</a> <a href="#rfc.references.1">Normative References</a></li>780 <li><a href="#rfc.section.1 2.2">12.2</a> <a href="#rfc.references.2">Informative References</a></li>775 <li><a href="#rfc.section.10">10.</a> <a href="#acks">Acknowledgments</a></li> 776 <li><a href="#rfc.section.11">11.</a> <a href="#rfc.references">References</a><ul> 777 <li><a href="#rfc.section.11.1">11.1</a> <a href="#rfc.references.1">Normative References</a></li> 778 <li><a href="#rfc.section.11.2">11.2</a> <a href="#rfc.references.2">Informative References</a></li> 781 779 </ul> 782 780 </li> … … 812 810 (<a href="#representations" title="Representations">Section 3</a>). 813 811 </p> 814 <p id="rfc.section.1.p.3">HTTP semantics include the intentions defined by each request method (<a href="#methods" title="Request Methods">Section 5</a>), extensions to those semantics that might be described in request header fields (<a href="#request.header.fields" title="Request Header Fields">Section 6</a>), the meaning of status codes to indicate a machine-readable response (<a href="#status.codes" title="Response Status Codes">Section 7</a>), and the meaning of other control data and resource metadata that might be given in response header fields (<a href="#response.header.fields" title="Response Header Fields">Section 8</a>).812 <p id="rfc.section.1.p.3">HTTP semantics include the intentions defined by each request method (<a href="#methods" title="Request Methods">Section 4</a>), extensions to those semantics that might be described in request header fields (<a href="#request.header.fields" title="Request Header Fields">Section 5</a>), the meaning of status codes to indicate a machine-readable response (<a href="#status.codes" title="Response Status Codes">Section 6</a>), and the meaning of other control data and resource metadata that might be given in response header fields (<a href="#response.header.fields" title="Response Header Fields">Section 7</a>). 815 813 </p> 816 814 <p id="rfc.section.1.p.4"><span id="rfc.iref.c.1"></span> This document also defines representation metadata that describe how a payload is intended to be interpreted by a recipient, … … 838 836 </p> 839 837 <p id="rfc.section.2.p.3">One design goal of HTTP is to separate resource identification from request semantics, which is made possible by vesting the 840 request semantics in the request method (<a href="#methods" title="Request Methods">Section 5</a>) and a few request-modifying header fields (<a href="#request.header.fields" title="Request Header Fields">Section 6</a>). Resource owners <em class="bcp14">SHOULD NOT</em> include request semantics within a URI, such as by specifying an action to invoke within the path or query components of the838 request semantics in the request method (<a href="#methods" title="Request Methods">Section 4</a>) and a few request-modifying header fields (<a href="#request.header.fields" title="Request Header Fields">Section 5</a>). Resource owners <em class="bcp14">SHOULD NOT</em> include request semantics within a URI, such as by specifying an action to invoke within the path or query components of the 841 839 effective request URI, unless those semantics are disabled when they are inconsistent with the request method. 842 840 </p> … … 892 890 <h3 id="rfc.section.3.1.1"><a href="#rfc.section.3.1.1">3.1.1</a> <a id="data.type" href="#data.type">Processing the Data</a></h3> 893 891 <h4 id="rfc.section.3.1.1.1"><a href="#rfc.section.3.1.1.1">3.1.1.1</a> <a id="media.type" href="#media.type">Media Type</a></h4> 894 <p id="rfc.section.3.1.1.1.p.1">HTTP uses Internet Media Types <a href="#RFC2046" id="rfc.xref.RFC2046.1"><cite title="Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types">[RFC2046]</cite></a> in the <a href="#header.content-type" class="smpl">Content-Type</a> (<a href="#header.content-type" id="rfc.xref.header.content-type.2" title="Content-Type">Section 3.1.1.5</a>) and <a href="#header.accept" class="smpl">Accept</a> (<a href="#header.accept" id="rfc.xref.header.accept.1" title="Accept">Section 6.3.2</a>) header fields in order to provide open and extensible data typing and type negotiation. Media types define both a data format892 <p id="rfc.section.3.1.1.1.p.1">HTTP uses Internet Media Types <a href="#RFC2046" id="rfc.xref.RFC2046.1"><cite title="Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types">[RFC2046]</cite></a> in the <a href="#header.content-type" class="smpl">Content-Type</a> (<a href="#header.content-type" id="rfc.xref.header.content-type.2" title="Content-Type">Section 3.1.1.5</a>) and <a href="#header.accept" class="smpl">Accept</a> (<a href="#header.accept" id="rfc.xref.header.accept.1" title="Accept">Section 5.3.2</a>) header fields in order to provide open and extensible data typing and type negotiation. Media types define both a data format 895 893 and various processing models: how to process that data in accordance with each context in which it is received. 896 894 </p> … … 985 983 <div id="rfc.figure.u.7"></div><pre class="inline"><span id="rfc.iref.g.10"></span> <a href="#content.codings" class="smpl">content-coding</a> = <a href="#imported.abnf" class="smpl">token</a> 986 984 </pre><p id="rfc.section.3.1.2.1.p.3">All content-coding values are case-insensitive and ought to be registered within the HTTP Content Coding registry, as defined 987 in <a href="#content.coding.registry" title="Content Coding Registry">Section 9.4</a>. They are used in the <a href="#header.accept-encoding" class="smpl">Accept-Encoding</a> (<a href="#header.accept-encoding" id="rfc.xref.header.accept-encoding.1" title="Accept-Encoding">Section 6.3.4</a>) and <a href="#header.content-encoding" class="smpl">Content-Encoding</a> (<a href="#header.content-encoding" id="rfc.xref.header.content-encoding.2" title="Content-Encoding">Section 3.1.2.2</a>) header fields.985 in <a href="#content.coding.registry" title="Content Coding Registry">Section 8.4</a>. They are used in the <a href="#header.accept-encoding" class="smpl">Accept-Encoding</a> (<a href="#header.accept-encoding" id="rfc.xref.header.accept-encoding.1" title="Accept-Encoding">Section 5.3.4</a>) and <a href="#header.content-encoding" class="smpl">Content-Encoding</a> (<a href="#header.content-encoding" id="rfc.xref.header.content-encoding.2" title="Content-Encoding">Section 3.1.2.2</a>) header fields. 988 986 </p> 989 987 <p id="rfc.section.3.1.2.1.p.4">The following content-coding values are defined by this specification: </p> … … 1154 1152 by both the request method and the response status code. 1155 1153 </p> 1156 <p id="rfc.section.3.3.p.3">For example, a representation in the payload of a PUT request (<a href="#PUT" id="rfc.xref.PUT.1" title="PUT">Section 5.3.4</a>) represents the desired state of the target resource if the request is successfully applied, whereas a representation in1157 the payload of a POST request (<a href="#POST" id="rfc.xref.POST.1" title="POST">Section 5.3.3</a>) represents an anonymous resource for providing data to be processed, such as the information that a user entered within1154 <p id="rfc.section.3.3.p.3">For example, a representation in the payload of a PUT request (<a href="#PUT" id="rfc.xref.PUT.1" title="PUT">Section 4.3.4</a>) represents the desired state of the target resource if the request is successfully applied, whereas a representation in 1155 the payload of a POST request (<a href="#POST" id="rfc.xref.POST.1" title="POST">Section 4.3.3</a>) represents an anonymous resource for providing data to be processed, such as the information that a user entered within 1158 1156 an HTML form. 1159 1157 </p> 1160 <p id="rfc.section.3.3.p.4">Likewise, the payload of a <a href="#status.200" class="smpl">200 (OK)</a> response to GET (<a href="#GET" id="rfc.xref.GET.1" title="GET">Section 5.3.1</a>) contains a representation of the target resource, as observed at the time of the message origination date (<a href="#header.date" id="rfc.xref.header.date.1" title="Date">Section 8.1.1.2</a>), whereas the same status code in a response to POST might contain either a representation of the processing result or a1158 <p id="rfc.section.3.3.p.4">Likewise, the payload of a <a href="#status.200" class="smpl">200 (OK)</a> response to GET (<a href="#GET" id="rfc.xref.GET.1" title="GET">Section 4.3.1</a>) contains a representation of the target resource, as observed at the time of the message origination date (<a href="#header.date" id="rfc.xref.header.date.1" title="Date">Section 7.1.1.2</a>), whereas the same status code in a response to POST might contain either a representation of the processing result or a 1161 1159 current representation of the target resource after applying the processing. Response messages with an error status code usually 1162 1160 contain a representation that describes the error and what next steps are suggested for resolving it. … … 1210 1208 the server to select the preferred representation, it is called <dfn>proactive negotiation</dfn> (a.k.a., <dfn>server-driven negotiation</dfn>). Selection is based on the available representations for a response (the dimensions over which it might vary; e.g., language, 1211 1209 content-coding, etc.) compared to various information supplied in the request, including both the explicit negotiation fields 1212 of <a href="#request.conneg" title="Content Negotiation">Section 6.3</a> and implicit characteristics, such as the client's network address or parts of the <a href="#header.user-agent" class="smpl">User-Agent</a> field.1210 of <a href="#request.conneg" title="Content Negotiation">Section 5.3</a> and implicit characteristics, such as the client's network address or parts of the <a href="#header.user-agent" class="smpl">User-Agent</a> field. 1213 1211 </p> 1214 1212 <p id="rfc.section.3.4.1.p.2">Proactive negotiation is advantageous when the algorithm for selecting from among the available representations is difficult … … 1233 1231 the user agent's preferences is better than sending a <a href="#status.406" class="smpl">406 (Not Acceptable)</a> response. 1234 1232 </p> 1235 <p id="rfc.section.3.4.1.p.5">An origin server <em class="bcp14">MAY</em> generate a <a href="#header.vary" class="smpl">Vary</a> header field (<a href="#header.vary" id="rfc.xref.header.vary.1" title="Vary">Section 8.2.1</a>) in responses that are subject to proactive negotiation to indicate what parameters of request information might be used1233 <p id="rfc.section.3.4.1.p.5">An origin server <em class="bcp14">MAY</em> generate a <a href="#header.vary" class="smpl">Vary</a> header field (<a href="#header.vary" id="rfc.xref.header.vary.1" title="Vary">Section 7.2.1</a>) in responses that are subject to proactive negotiation to indicate what parameters of request information might be used 1236 1234 in its selection algorithm, thereby providing a means for recipients to determine the reusability of that same response for 1237 1235 user agents with differing request information. … … 1256 1254 such a mechanism from being developed as an extension. 1257 1255 </p> 1258 <h1 id="rfc.section.4"><a href="#rfc.section.4">4.</a> <a id="product.tokens" href="#product.tokens">Product Tokens</a></h1> 1259 <p id="rfc.section.4.p.1">Product tokens are used to allow communicating applications to identify themselves by software name and version. Most fields 1260 using product tokens also allow sub-products which form a significant part of the application to be listed, separated by whitespace. 1261 By convention, the products are listed in order of their significance for identifying the application. 1262 </p> 1263 <div id="rfc.figure.u.17"></div><pre class="inline"><span id="rfc.iref.g.15"></span><span id="rfc.iref.g.16"></span> <a href="#product.tokens" class="smpl">product</a> = <a href="#imported.abnf" class="smpl">token</a> ["/" <a href="#product.tokens" class="smpl">product-version</a>] 1264 <a href="#product.tokens" class="smpl">product-version</a> = <a href="#imported.abnf" class="smpl">token</a> 1265 </pre><p id="rfc.section.4.p.3">Examples:</p> 1266 <div id="rfc.figure.u.18"></div><pre class="text"> User-Agent: CERN-LineMode/2.15 libwww/2.17b3 1267 Server: Apache/0.8.4 1268 </pre><p id="rfc.section.4.p.5">Product tokens <em class="bcp14">SHOULD</em> be short and to the point. They <em class="bcp14">MUST NOT</em> be used for advertising or other non-essential information. Although any token octet <em class="bcp14">MAY</em> appear in a product-version, this token <em class="bcp14">SHOULD</em> only be used for a version identifier (i.e., successive versions of the same product <em class="bcp14">SHOULD</em> only differ in the product-version portion of the product value). 1269 </p> 1270 <h1 id="rfc.section.5"><a href="#rfc.section.5">5.</a> <a id="methods" href="#methods">Request Methods</a></h1> 1271 <h2 id="rfc.section.5.1"><a href="#rfc.section.5.1">5.1</a> <a id="method.overview" href="#method.overview">Overview</a></h2> 1272 <p id="rfc.section.5.1.p.1">The request method token is the primary source of request semantics; it indicates the purpose for which the client has made 1273 this request and what is expected by the client as a successful result. The request semantics <em class="bcp14">MAY</em> be further specialized by the semantics of some header fields when present in a request (<a href="#request.header.fields" title="Request Header Fields">Section 6</a>) if those additional semantics do not conflict with the method. 1274 </p> 1275 <div id="rfc.figure.u.19"></div><pre class="inline"><span id="rfc.iref.g.17"></span> <a href="#method.overview" class="smpl">method</a> = <a href="#imported.abnf" class="smpl">token</a> 1276 </pre><p id="rfc.section.5.1.p.3">HTTP was originally designed to be usable as an interface to distributed object systems. The request method was envisioned 1256 <h1 id="rfc.section.4"><a href="#rfc.section.4">4.</a> <a id="methods" href="#methods">Request Methods</a></h1> 1257 <h2 id="rfc.section.4.1"><a href="#rfc.section.4.1">4.1</a> <a id="method.overview" href="#method.overview">Overview</a></h2> 1258 <p id="rfc.section.4.1.p.1">The request method token is the primary source of request semantics; it indicates the purpose for which the client has made 1259 this request and what is expected by the client as a successful result. The request semantics <em class="bcp14">MAY</em> be further specialized by the semantics of some header fields when present in a request (<a href="#request.header.fields" title="Request Header Fields">Section 5</a>) if those additional semantics do not conflict with the method. 1260 </p> 1261 <div id="rfc.figure.u.17"></div><pre class="inline"><span id="rfc.iref.g.15"></span> <a href="#method.overview" class="smpl">method</a> = <a href="#imported.abnf" class="smpl">token</a> 1262 </pre><p id="rfc.section.4.1.p.3">HTTP was originally designed to be usable as an interface to distributed object systems. The request method was envisioned 1277 1263 as applying semantics to a target resource in much the same way as invoking a defined method on an identified object would 1278 1264 apply semantics. The method token is case-sensitive because it might be used as a gateway to object-based systems with case-sensitive 1279 1265 method names. 1280 1266 </p> 1281 <p id="rfc.section. 5.1.p.4">Unlike distributed objects, the standardized request methods in HTTP are not resource-specific, since uniform interfaces provide1267 <p id="rfc.section.4.1.p.4">Unlike distributed objects, the standardized request methods in HTTP are not resource-specific, since uniform interfaces provide 1282 1268 for better visibility and reuse in network-based systems <a href="#REST" id="rfc.xref.REST.2"><cite title="Architectural Styles and the Design of Network-based Software Architectures">[REST]</cite></a>. Once defined, a standardized method <em class="bcp14">MUST</em> have the same semantics when applied to any resource, though each resource determines for itself whether those semantics are 1283 1269 implemented or allowed. 1284 1270 </p> 1285 <p id="rfc.section. 5.1.p.5">This specification defines a number of standardized methods that are commonly used in HTTP, as outlined by the following table.1271 <p id="rfc.section.4.1.p.5">This specification defines a number of standardized methods that are commonly used in HTTP, as outlined by the following table. 1286 1272 By convention, standardized methods are defined in all-uppercase ASCII letters. 1287 1273 </p> … … 1300 1286 <td class="left">GET</td> 1301 1287 <td class="left">Transfer a current representation of the target resource.</td> 1302 <td class="left"><a href="#GET" id="rfc.xref.GET.2" title="GET"> 5.3.1</a></td>1288 <td class="left"><a href="#GET" id="rfc.xref.GET.2" title="GET">4.3.1</a></td> 1303 1289 </tr> 1304 1290 <tr> 1305 1291 <td class="left">HEAD</td> 1306 1292 <td class="left">Same as GET, but do not include a message body in the response.</td> 1307 <td class="left"><a href="#HEAD" id="rfc.xref.HEAD.1" title="HEAD"> 5.3.2</a></td>1293 <td class="left"><a href="#HEAD" id="rfc.xref.HEAD.1" title="HEAD">4.3.2</a></td> 1308 1294 </tr> 1309 1295 <tr> 1310 1296 <td class="left">POST</td> 1311 1297 <td class="left">Perform resource-specific processing on the request payload.</td> 1312 <td class="left"><a href="#POST" id="rfc.xref.POST.2" title="POST"> 5.3.3</a></td>1298 <td class="left"><a href="#POST" id="rfc.xref.POST.2" title="POST">4.3.3</a></td> 1313 1299 </tr> 1314 1300 <tr> 1315 1301 <td class="left">PUT</td> 1316 1302 <td class="left">Replace all current representations of the target resource with the request payload.</td> 1317 <td class="left"><a href="#PUT" id="rfc.xref.PUT.2" title="PUT"> 5.3.4</a></td>1303 <td class="left"><a href="#PUT" id="rfc.xref.PUT.2" title="PUT">4.3.4</a></td> 1318 1304 </tr> 1319 1305 <tr> 1320 1306 <td class="left">DELETE</td> 1321 1307 <td class="left">Remove all current representations of the target resource.</td> 1322 <td class="left"><a href="#DELETE" id="rfc.xref.DELETE.1" title="DELETE"> 5.3.5</a></td>1308 <td class="left"><a href="#DELETE" id="rfc.xref.DELETE.1" title="DELETE">4.3.5</a></td> 1323 1309 </tr> 1324 1310 <tr> 1325 1311 <td class="left">CONNECT</td> 1326 1312 <td class="left">Establish a tunnel to the server identified by the target resource.</td> 1327 <td class="left"><a href="#CONNECT" id="rfc.xref.CONNECT.1" title="CONNECT"> 5.3.6</a></td>1313 <td class="left"><a href="#CONNECT" id="rfc.xref.CONNECT.1" title="CONNECT">4.3.6</a></td> 1328 1314 </tr> 1329 1315 <tr> 1330 1316 <td class="left">OPTIONS</td> 1331 1317 <td class="left">Describe the communication options for the target resource.</td> 1332 <td class="left"><a href="#OPTIONS" id="rfc.xref.OPTIONS.1" title="OPTIONS"> 5.3.7</a></td>1318 <td class="left"><a href="#OPTIONS" id="rfc.xref.OPTIONS.1" title="OPTIONS">4.3.7</a></td> 1333 1319 </tr> 1334 1320 <tr> 1335 1321 <td class="left">TRACE</td> 1336 1322 <td class="left">Perform a message loop-back test along the path to the target resource.</td> 1337 <td class="left"><a href="#TRACE" id="rfc.xref.TRACE.1" title="TRACE"> 5.3.8</a></td>1323 <td class="left"><a href="#TRACE" id="rfc.xref.TRACE.1" title="TRACE">4.3.8</a></td> 1338 1324 </tr> 1339 1325 </tbody> 1340 1326 </table> 1341 1327 </div> 1342 <p id="rfc.section. 5.1.p.6">The methods GET and HEAD <em class="bcp14">MUST</em> be supported by all general-purpose servers. All other methods are <em class="bcp14">OPTIONAL</em>. When implemented, a server <em class="bcp14">MUST</em> implement the above methods according to the semantics defined for them in <a href="#method.definitions" title="Method Definitions">Section 5.3</a>.1343 </p> 1344 <p id="rfc.section. 5.1.p.7">Additional methods <em class="bcp14">MAY</em> be used in HTTP; many have already been standardized outside the scope of this specification and ought to be registered within1345 the HTTP Method Registry maintained by IANA, as defined in <a href="#method.registry" title="Method Registry">Section 9.1</a>.1346 </p> 1347 <p id="rfc.section. 5.1.p.8">The set of methods allowed by a target resource can be listed in an <a href="#header.allow" class="smpl">Allow</a> header field (<a href="#header.allow" id="rfc.xref.header.allow.1" title="Allow">Section 8.4.1</a>). However, the set of allowed methods can change dynamically. When a request message is received that is unrecognized or1328 <p id="rfc.section.4.1.p.6">The methods GET and HEAD <em class="bcp14">MUST</em> be supported by all general-purpose servers. All other methods are <em class="bcp14">OPTIONAL</em>. When implemented, a server <em class="bcp14">MUST</em> implement the above methods according to the semantics defined for them in <a href="#method.definitions" title="Method Definitions">Section 4.3</a>. 1329 </p> 1330 <p id="rfc.section.4.1.p.7">Additional methods <em class="bcp14">MAY</em> be used in HTTP; many have already been standardized outside the scope of this specification and ought to be registered within 1331 the HTTP Method Registry maintained by IANA, as defined in <a href="#method.registry" title="Method Registry">Section 8.1</a>. 1332 </p> 1333 <p id="rfc.section.4.1.p.8">The set of methods allowed by a target resource can be listed in an <a href="#header.allow" class="smpl">Allow</a> header field (<a href="#header.allow" id="rfc.xref.header.allow.1" title="Allow">Section 7.4.1</a>). However, the set of allowed methods can change dynamically. When a request message is received that is unrecognized or 1348 1334 not implemented by an origin server, the origin server <em class="bcp14">SHOULD</em> respond with the <a href="#status.501" class="smpl">501 (Not Implemented)</a> status code. When a request message is received that is known by an origin server but not allowed for the target resource, 1349 1335 the origin server <em class="bcp14">SHOULD</em> respond with the <a href="#status.405" class="smpl">405 (Method Not Allowed)</a> status code. 1350 1336 </p> 1351 <h2 id="rfc.section. 5.2"><a href="#rfc.section.5.2">5.2</a> <a id="method.properties" href="#method.properties">Common Method Properties</a></h2>1337 <h2 id="rfc.section.4.2"><a href="#rfc.section.4.2">4.2</a> <a id="method.properties" href="#method.properties">Common Method Properties</a></h2> 1352 1338 <div id="rfc.iref.s.1"></div> 1353 <h3 id="rfc.section. 5.2.1"><a href="#rfc.section.5.2.1">5.2.1</a> <a id="safe.methods" href="#safe.methods">Safe Methods</a></h3>1354 <p id="rfc.section. 5.2.1.p.1">Request methods are considered "<dfn id="safe">safe</dfn>" if their defined semantics are essentially read-only; i.e., the client does not request, and does not expect, any state1339 <h3 id="rfc.section.4.2.1"><a href="#rfc.section.4.2.1">4.2.1</a> <a id="safe.methods" href="#safe.methods">Safe Methods</a></h3> 1340 <p id="rfc.section.4.2.1.p.1">Request methods are considered "<dfn id="safe">safe</dfn>" if their defined semantics are essentially read-only; i.e., the client does not request, and does not expect, any state 1355 1341 change on the origin server as a result of applying a safe method to a target resource. Likewise, reasonable use of a safe 1356 1342 method is not expected to cause any harm, loss of property, or unusual burden on the origin server. 1357 1343 </p> 1358 <p id="rfc.section. 5.2.1.p.2">This definition of safe methods does not prevent an implementation from including behavior that is potentially harmful, not1344 <p id="rfc.section.4.2.1.p.2">This definition of safe methods does not prevent an implementation from including behavior that is potentially harmful, not 1359 1345 entirely read-only, or which causes side-effects while invoking a safe method. What is important, however, is that the client 1360 1346 did not request that additional behavior and cannot be held accountable for it. For example, most servers append request information … … 1363 1349 the Web will often have the side-effect of charging an advertising account. 1364 1350 </p> 1365 <p id="rfc.section. 5.2.1.p.3">The GET, HEAD, OPTIONS, and TRACE request methods are defined to be safe.</p>1366 <p id="rfc.section. 5.2.1.p.4">The purpose of distinguishing between safe and unsafe methods is to allow automated retrieval processes (spiders) and cache1351 <p id="rfc.section.4.2.1.p.3">The GET, HEAD, OPTIONS, and TRACE request methods are defined to be safe.</p> 1352 <p id="rfc.section.4.2.1.p.4">The purpose of distinguishing between safe and unsafe methods is to allow automated retrieval processes (spiders) and cache 1367 1353 performance optimization (pre-fetching) to work without fear of causing harm. In addition, it allows a user agent to apply 1368 1354 appropriate constraints on the automated use of unsafe methods when processing potentially untrusted content. 1369 1355 </p> 1370 <p id="rfc.section. 5.2.1.p.5">A user agent <em class="bcp14">SHOULD</em> distinguish between safe and unsafe methods when presenting potential actions to a user, such that the user can be made aware1356 <p id="rfc.section.4.2.1.p.5">A user agent <em class="bcp14">SHOULD</em> distinguish between safe and unsafe methods when presenting potential actions to a user, such that the user can be made aware 1371 1357 of an unsafe action before it is requested. 1372 1358 </p> 1373 <p id="rfc.section. 5.2.1.p.6">When a resource is constructed such that parameters within the effective request URI have the effect of selecting an action,1359 <p id="rfc.section.4.2.1.p.6">When a resource is constructed such that parameters within the effective request URI have the effect of selecting an action, 1374 1360 it is the resource owner's responsibility to ensure that the action is consistent with the request method semantics. For example, 1375 1361 it is common for Web-based content editing software to use actions within query parameters, such as "page?do=delete". If the … … 1379 1365 </p> 1380 1366 <div id="rfc.iref.i.1"></div> 1381 <h3 id="rfc.section. 5.2.2"><a href="#rfc.section.5.2.2">5.2.2</a> <a id="idempotent.methods" href="#idempotent.methods">Idempotent Methods</a></h3>1382 <p id="rfc.section. 5.2.2.p.1">Request methods are considered "<dfn id="idempotent">idempotent</dfn>" if the intended effect of multiple identical requests is the same as for a single request. PUT, DELETE, and all safe request1367 <h3 id="rfc.section.4.2.2"><a href="#rfc.section.4.2.2">4.2.2</a> <a id="idempotent.methods" href="#idempotent.methods">Idempotent Methods</a></h3> 1368 <p id="rfc.section.4.2.2.p.1">Request methods are considered "<dfn id="idempotent">idempotent</dfn>" if the intended effect of multiple identical requests is the same as for a single request. PUT, DELETE, and all safe request 1383 1369 methods are idempotent. 1384 1370 </p> 1385 <p id="rfc.section. 5.2.2.p.2">Like the definition of safe, the idempotent property only applies to what has been requested by the user; a server is free1371 <p id="rfc.section.4.2.2.p.2">Like the definition of safe, the idempotent property only applies to what has been requested by the user; a server is free 1386 1372 to log each request separately, retain a revision control history, or implement other non-idempotent side-effects for each 1387 1373 idempotent request. 1388 1374 </p> 1389 <p id="rfc.section. 5.2.2.p.3">Idempotent methods are distinguished because the request can be repeated automatically if a communication failure occurs before1375 <p id="rfc.section.4.2.2.p.3">Idempotent methods are distinguished because the request can be repeated automatically if a communication failure occurs before 1390 1376 the client is able to read the server's response. For example, if a client sends a PUT request and the underlying connection 1391 1377 is closed before any response is received, then it can establish a new connection and retry the idempotent request because … … 1394 1380 </p> 1395 1381 <div id="rfc.iref.c.8"></div> 1396 <h3 id="rfc.section. 5.2.3"><a href="#rfc.section.5.2.3">5.2.3</a> <a id="cacheable.methods" href="#cacheable.methods">Cacheable Methods</a></h3>1397 <p id="rfc.section. 5.2.3.p.1">Request methods are considered "<dfn id="cacheable">cacheable</dfn>" if it is possible and useful to answer a current client request with a stored response from a prior request. GET and HEAD1382 <h3 id="rfc.section.4.2.3"><a href="#rfc.section.4.2.3">4.2.3</a> <a id="cacheable.methods" href="#cacheable.methods">Cacheable Methods</a></h3> 1383 <p id="rfc.section.4.2.3.p.1">Request methods are considered "<dfn id="cacheable">cacheable</dfn>" if it is possible and useful to answer a current client request with a stored response from a prior request. GET and HEAD 1398 1384 are defined to be cacheable. In general, safe methods that do not depend on a current or authoritative response are cacheable, 1399 1385 though the overwhelming majority of caches only support GET and HEAD. HTTP requirements for cache behavior and cacheable responses 1400 1386 are defined in <a href="#Part6" id="rfc.xref.Part6.2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>. 1401 1387 </p> 1402 <h2 id="rfc.section. 5.3"><a href="#rfc.section.5.3">5.3</a> <a id="method.definitions" href="#method.definitions">Method Definitions</a></h2>1403 <h3 id="rfc.section. 5.3.1"><a href="#rfc.section.5.3.1">5.3.1</a> <a id="GET" href="#GET">GET</a></h3>1404 <div id="rfc.iref.g.1 8"></div>1405 <p id="rfc.section. 5.3.1.p.1">The GET method requests transfer of a current representation of the target resource.</p>1406 <p id="rfc.section. 5.3.1.p.2">If the target resource is a data-producing process, it is the produced data which shall be returned as the representation1388 <h2 id="rfc.section.4.3"><a href="#rfc.section.4.3">4.3</a> <a id="method.definitions" href="#method.definitions">Method Definitions</a></h2> 1389 <h3 id="rfc.section.4.3.1"><a href="#rfc.section.4.3.1">4.3.1</a> <a id="GET" href="#GET">GET</a></h3> 1390 <div id="rfc.iref.g.16"></div> 1391 <p id="rfc.section.4.3.1.p.1">The GET method requests transfer of a current representation of the target resource.</p> 1392 <p id="rfc.section.4.3.1.p.2">If the target resource is a data-producing process, it is the produced data which shall be returned as the representation 1407 1393 in the response and not the source text of the process, unless that text happens to be the output of the process. 1408 1394 </p> 1409 <p id="rfc.section. 5.3.1.p.3">The semantics of the GET method change to a "conditional GET" if the request message includes an <a href="p4-conditional.html#header.if-modified-since" class="smpl">If-Modified-Since</a>, <a href="p4-conditional.html#header.if-unmodified-since" class="smpl">If-Unmodified-Since</a>, <a href="p4-conditional.html#header.if-match" class="smpl">If-Match</a>, <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a>, or <a href="p5-range.html#header.if-range" class="smpl">If-Range</a> header field (<a href="#Part4" id="rfc.xref.Part4.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>). A conditional GET requests that the representation be transferred only under the circumstances described by the conditional1395 <p id="rfc.section.4.3.1.p.3">The semantics of the GET method change to a "conditional GET" if the request message includes an <a href="p4-conditional.html#header.if-modified-since" class="smpl">If-Modified-Since</a>, <a href="p4-conditional.html#header.if-unmodified-since" class="smpl">If-Unmodified-Since</a>, <a href="p4-conditional.html#header.if-match" class="smpl">If-Match</a>, <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a>, or <a href="p5-range.html#header.if-range" class="smpl">If-Range</a> header field (<a href="#Part4" id="rfc.xref.Part4.1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>). A conditional GET requests that the representation be transferred only under the circumstances described by the conditional 1410 1396 header field(s). The conditional GET request is intended to reduce unnecessary network usage by allowing cached representations 1411 1397 to be refreshed without requiring multiple requests or transferring data already held by the client. 1412 1398 </p> 1413 <p id="rfc.section. 5.3.1.p.4">The semantics of the GET method change to a "partial GET" if the request message includes a <a href="p5-range.html#range.retrieval.requests" class="smpl">Range</a> header field (<a href="#Part5" id="rfc.xref.Part5.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>). A partial GET requests that only part of the representation be transferred, as described in <a href="p5-range.html#header.range" title="Range">Section 5.4</a> of <a href="#Part5" id="rfc.xref.Part5.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>. The partial GET request is intended to reduce unnecessary network usage by allowing partially-retrieved representations1399 <p id="rfc.section.4.3.1.p.4">The semantics of the GET method change to a "partial GET" if the request message includes a <a href="p5-range.html#range.retrieval.requests" class="smpl">Range</a> header field (<a href="#Part5" id="rfc.xref.Part5.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>). A partial GET requests that only part of the representation be transferred, as described in <a href="p5-range.html#header.range" title="Range">Section 5.4</a> of <a href="#Part5" id="rfc.xref.Part5.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>. The partial GET request is intended to reduce unnecessary network usage by allowing partially-retrieved representations 1414 1400 to be completed without transferring data already held by the client. 1415 1401 </p> 1416 <p id="rfc.section. 5.3.1.p.5">A payload within a GET request message has no defined semantics; sending a payload body on a GET request might cause some1402 <p id="rfc.section.4.3.1.p.5">A payload within a GET request message has no defined semantics; sending a payload body on a GET request might cause some 1417 1403 existing implementations to reject the request. 1418 1404 </p> 1419 <p id="rfc.section. 5.3.1.p.6">The response to a GET request is cacheable and <em class="bcp14">MAY</em> be used to satisfy subsequent GET and HEAD requests (see <a href="#Part6" id="rfc.xref.Part6.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>).1420 </p> 1421 <p id="rfc.section. 5.3.1.p.7">See <a href="#encoding.sensitive.information.in.uris" title="Encoding Sensitive Information in URIs">Section 10.2</a> for security considerations when used for forms.1422 </p> 1423 <h3 id="rfc.section. 5.3.2"><a href="#rfc.section.5.3.2">5.3.2</a> <a id="HEAD" href="#HEAD">HEAD</a></h3>1405 <p id="rfc.section.4.3.1.p.6">The response to a GET request is cacheable and <em class="bcp14">MAY</em> be used to satisfy subsequent GET and HEAD requests (see <a href="#Part6" id="rfc.xref.Part6.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>). 1406 </p> 1407 <p id="rfc.section.4.3.1.p.7">See <a href="#encoding.sensitive.information.in.uris" title="Encoding Sensitive Information in URIs">Section 9.2</a> for security considerations when used for forms. 1408 </p> 1409 <h3 id="rfc.section.4.3.2"><a href="#rfc.section.4.3.2">4.3.2</a> <a id="HEAD" href="#HEAD">HEAD</a></h3> 1424 1410 <div id="rfc.iref.h.1"></div> 1425 <p id="rfc.section. 5.3.2.p.1">The HEAD method is identical to GET except that the server <em class="bcp14">MUST NOT</em> return a message body in the response. The metadata contained in the HTTP header fields in response to a HEAD request <em class="bcp14">SHOULD</em> be identical to the information sent in response to a GET request. This method can be used for obtaining metadata about the1411 <p id="rfc.section.4.3.2.p.1">The HEAD method is identical to GET except that the server <em class="bcp14">MUST NOT</em> return a message body in the response. The metadata contained in the HTTP header fields in response to a HEAD request <em class="bcp14">SHOULD</em> be identical to the information sent in response to a GET request. This method can be used for obtaining metadata about the 1426 1412 representation implied by the request without transferring the representation data. This method is often used for testing 1427 1413 hypertext links for validity, accessibility, and recent modification. 1428 1414 </p> 1429 <p id="rfc.section. 5.3.2.p.2">The response to a HEAD request is cacheable and <em class="bcp14">MAY</em> be used to satisfy a subsequent HEAD request. It also has potential side effects on previously stored responses to GET; see <a href="p6-cache.html#head.effects" title="Updating Caches with HEAD Responses">Section 5</a> of <a href="#Part6" id="rfc.xref.Part6.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>.1430 </p> 1431 <p id="rfc.section. 5.3.2.p.3">A payload within a HEAD request message has no defined semantics; sending a payload body on a HEAD request might cause some1415 <p id="rfc.section.4.3.2.p.2">The response to a HEAD request is cacheable and <em class="bcp14">MAY</em> be used to satisfy a subsequent HEAD request. It also has potential side effects on previously stored responses to GET; see <a href="p6-cache.html#head.effects" title="Updating Caches with HEAD Responses">Section 5</a> of <a href="#Part6" id="rfc.xref.Part6.4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>. 1416 </p> 1417 <p id="rfc.section.4.3.2.p.3">A payload within a HEAD request message has no defined semantics; sending a payload body on a HEAD request might cause some 1432 1418 existing implementations to reject the request. 1433 1419 </p> 1434 1420 <div id="rfc.iref.p.2"></div> 1435 <h3 id="rfc.section. 5.3.3"><a href="#rfc.section.5.3.3">5.3.3</a> <a id="POST" href="#POST">POST</a></h3>1436 <p id="rfc.section. 5.3.3.p.1">The POST method requests that the origin server accept the representation enclosed in the request as data to be processed1421 <h3 id="rfc.section.4.3.3"><a href="#rfc.section.4.3.3">4.3.3</a> <a id="POST" href="#POST">POST</a></h3> 1422 <p id="rfc.section.4.3.3.p.1">The POST method requests that the origin server accept the representation enclosed in the request as data to be processed 1437 1423 by the target resource. POST is designed to allow a uniform method to cover the following functions: 1438 1424 </p> … … 1443 1429 <li>Extending a database through an append operation.</li> 1444 1430 </ul> 1445 <p id="rfc.section. 5.3.3.p.2">The actual function performed by the POST method is determined by the server and is usually dependent on the effective request1431 <p id="rfc.section.4.3.3.p.2">The actual function performed by the POST method is determined by the server and is usually dependent on the effective request 1446 1432 URI. 1447 1433 </p> 1448 <p id="rfc.section. 5.3.3.p.3">The action performed by the POST method might not result in a resource that can be identified by a URI. In this case, either <a href="#status.200" class="smpl">200 (OK)</a> or <a href="#status.204" class="smpl">204 (No Content)</a> is the appropriate response status code, depending on whether or not the response includes a representation that describes1434 <p id="rfc.section.4.3.3.p.3">The action performed by the POST method might not result in a resource that can be identified by a URI. In this case, either <a href="#status.200" class="smpl">200 (OK)</a> or <a href="#status.204" class="smpl">204 (No Content)</a> is the appropriate response status code, depending on whether or not the response includes a representation that describes 1449 1435 the result. 1450 1436 </p> 1451 <p id="rfc.section. 5.3.3.p.4">If a resource has been created on the origin server, the response <em class="bcp14">SHOULD</em> be <a href="#status.201" class="smpl">201 (Created)</a> and contain a representation which describes the status of the request and refers to the new resource, and a <a href="#header.location" class="smpl">Location</a> header field (see <a href="#header.location" id="rfc.xref.header.location.1" title="Location">Section 8.1.2</a>).1452 </p> 1453 <p id="rfc.section. 5.3.3.p.5">Responses to POST requests are only cacheable when they include explicit freshness information (see <a href="p6-cache.html#calculating.freshness.lifetime" title="Calculating Freshness Lifetime">Section 4.1.1</a> of <a href="#Part6" id="rfc.xref.Part6.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>). A cached POST response with a <a href="#header.content-location" class="smpl">Content-Location</a> header field (see <a href="#header.content-location" id="rfc.xref.header.content-location.2" title="Content-Location">Section 3.1.4.2</a>) whose value is the effective Request URI <em class="bcp14">MAY</em> be used to satisfy subsequent GET and HEAD (not POST) requests.1454 </p> 1455 <p id="rfc.section. 5.3.3.p.6">Note that POST caching is not widely implemented. However, the <a href="#status.303" class="smpl">303 (See Other)</a> response can be used to direct the user agent to retrieve a cacheable representation of the resource.1456 </p> 1457 <h3 id="rfc.section. 5.3.4"><a href="#rfc.section.5.3.4">5.3.4</a> <a id="PUT" href="#PUT">PUT</a></h3>1437 <p id="rfc.section.4.3.3.p.4">If a resource has been created on the origin server, the response <em class="bcp14">SHOULD</em> be <a href="#status.201" class="smpl">201 (Created)</a> and contain a representation which describes the status of the request and refers to the new resource, and a <a href="#header.location" class="smpl">Location</a> header field (see <a href="#header.location" id="rfc.xref.header.location.1" title="Location">Section 7.1.2</a>). 1438 </p> 1439 <p id="rfc.section.4.3.3.p.5">Responses to POST requests are only cacheable when they include explicit freshness information (see <a href="p6-cache.html#calculating.freshness.lifetime" title="Calculating Freshness Lifetime">Section 4.1.1</a> of <a href="#Part6" id="rfc.xref.Part6.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>). A cached POST response with a <a href="#header.content-location" class="smpl">Content-Location</a> header field (see <a href="#header.content-location" id="rfc.xref.header.content-location.2" title="Content-Location">Section 3.1.4.2</a>) whose value is the effective Request URI <em class="bcp14">MAY</em> be used to satisfy subsequent GET and HEAD (not POST) requests. 1440 </p> 1441 <p id="rfc.section.4.3.3.p.6">Note that POST caching is not widely implemented. However, the <a href="#status.303" class="smpl">303 (See Other)</a> response can be used to direct the user agent to retrieve a cacheable representation of the resource. 1442 </p> 1443 <h3 id="rfc.section.4.3.4"><a href="#rfc.section.4.3.4">4.3.4</a> <a id="PUT" href="#PUT">PUT</a></h3> 1458 1444 <div id="rfc.iref.p.3"></div> 1459 <p id="rfc.section. 5.3.4.p.1">The PUT method requests that the state of the target resource be created or replaced with the state defined by the representation1445 <p id="rfc.section.4.3.4.p.1">The PUT method requests that the state of the target resource be created or replaced with the state defined by the representation 1460 1446 enclosed in the request message payload. A successful PUT of a given representation would suggest that a subsequent GET on 1461 1447 that same target resource will result in an equivalent representation being returned in a <a href="#status.200" class="smpl">200 (OK)</a> response. However, there is no guarantee that such a state change will be observable, since the target resource might be acted … … 1464 1450 by the origin server. 1465 1451 </p> 1466 <p id="rfc.section. 5.3.4.p.2">If the target resource does not have a current representation and the PUT successfully creates one, then the origin server <em class="bcp14">MUST</em> inform the user agent by sending a <a href="#status.201" class="smpl">201 (Created)</a> response. If the target resource does have a current representation and that representation is successfully modified in accordance1452 <p id="rfc.section.4.3.4.p.2">If the target resource does not have a current representation and the PUT successfully creates one, then the origin server <em class="bcp14">MUST</em> inform the user agent by sending a <a href="#status.201" class="smpl">201 (Created)</a> response. If the target resource does have a current representation and that representation is successfully modified in accordance 1467 1453 with the state of the enclosed representation, then either a <a href="#status.200" class="smpl">200 (OK)</a> or <a href="#status.204" class="smpl">204 (No Content)</a> response <em class="bcp14">SHOULD</em> be sent to indicate successful completion of the request. 1468 1454 </p> 1469 <p id="rfc.section. 5.3.4.p.3">Unrecognized header fields <em class="bcp14">SHOULD</em> be ignored (i.e., not saved as part of the resource state).1470 </p> 1471 <p id="rfc.section. 5.3.4.p.4">An origin server <em class="bcp14">SHOULD</em> verify that the PUT representation is consistent with any constraints which the server has for the target resource that cannot1455 <p id="rfc.section.4.3.4.p.3">Unrecognized header fields <em class="bcp14">SHOULD</em> be ignored (i.e., not saved as part of the resource state). 1456 </p> 1457 <p id="rfc.section.4.3.4.p.4">An origin server <em class="bcp14">SHOULD</em> verify that the PUT representation is consistent with any constraints which the server has for the target resource that cannot 1472 1458 or will not be changed by the PUT. This is particularly important when the origin server uses internal configuration information 1473 1459 related to the URI in order to set the values for representation metadata on GET responses. When a PUT representation is inconsistent … … 1475 1461 appropriate error message containing sufficient information to explain why the representation is unsuitable. The <a href="#status.409" class="smpl">409 (Conflict)</a> or <a href="#status.415" class="smpl">415 (Unsupported Media Type)</a> status codes are suggested, with the latter being specific to constraints on <a href="#header.content-type" class="smpl">Content-Type</a> values. 1476 1462 </p> 1477 <p id="rfc.section. 5.3.4.p.5">For example, if the target resource is configured to always have a <a href="#header.content-type" class="smpl">Content-Type</a> of "text/html" and the representation being PUT has a Content-Type of "image/jpeg", then the origin server <em class="bcp14">SHOULD</em> do one of:1463 <p id="rfc.section.4.3.4.p.5">For example, if the target resource is configured to always have a <a href="#header.content-type" class="smpl">Content-Type</a> of "text/html" and the representation being PUT has a Content-Type of "image/jpeg", then the origin server <em class="bcp14">SHOULD</em> do one of: 1478 1464 </p> 1479 1465 <ol class="la"> … … 1486 1472 </li> 1487 1473 </ol> 1488 <p id="rfc.section. 5.3.4.p.6">HTTP does not define exactly how a PUT method affects the state of an origin server beyond what can be expressed by the intent1474 <p id="rfc.section.4.3.4.p.6">HTTP does not define exactly how a PUT method affects the state of an origin server beyond what can be expressed by the intent 1489 1475 of the user agent request and the semantics of the origin server response. It does not define what a resource might be, in 1490 1476 any sense of that word, beyond the interface provided via HTTP. It does not define how resource state is "stored", nor how … … 1493 1479 the server. 1494 1480 </p> 1495 <p id="rfc.section. 5.3.4.p.7">The fundamental difference between the POST and PUT methods is highlighted by the different intent for the target resource.1481 <p id="rfc.section.4.3.4.p.7">The fundamental difference between the POST and PUT methods is highlighted by the different intent for the target resource. 1496 1482 The target resource in a POST request is intended to handle the enclosed representation as a data-accepting process, such 1497 1483 as for a gateway to some other protocol or a document that accepts annotations. In contrast, the target resource in a PUT … … 1499 1485 and visible to intermediaries, even though the exact effect is only known by the origin server. 1500 1486 </p> 1501 <p id="rfc.section. 5.3.4.p.8">Proper interpretation of a PUT request presumes that the user agent knows what target resource is desired. A service that1487 <p id="rfc.section.4.3.4.p.8">Proper interpretation of a PUT request presumes that the user agent knows what target resource is desired. A service that 1502 1488 is intended to select a proper URI on behalf of the client, after receiving a state-changing request, <em class="bcp14">SHOULD</em> be implemented using the POST method rather than PUT. If the origin server will not make the requested PUT state change to 1503 1489 the target resource and instead wishes to have it applied to a different resource, such as when the resource has been moved 1504 1490 to a different URI, then the origin server <em class="bcp14">MUST</em> send a <a href="#status.301" class="smpl">301 (Moved Permanently)</a> response; the user agent <em class="bcp14">MAY</em> then make its own decision regarding whether or not to redirect the request. 1505 1491 </p> 1506 <p id="rfc.section. 5.3.4.p.9">A PUT request applied to the target resource <em class="bcp14">MAY</em> have side-effects on other resources. For example, an article might have a URI for identifying "the current version" (a resource)1492 <p id="rfc.section.4.3.4.p.9">A PUT request applied to the target resource <em class="bcp14">MAY</em> have side-effects on other resources. For example, an article might have a URI for identifying "the current version" (a resource) 1507 1493 which is separate from the URIs identifying each particular version (different resources that at one point shared the same 1508 1494 state as the current version resource). A successful PUT request on "the current version" URI might therefore create a new … … 1510 1496 the related resources. 1511 1497 </p> 1512 <p id="rfc.section. 5.3.4.p.10">An origin server <em class="bcp14">SHOULD</em> reject any PUT request that contains a <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a> header field (<a href="p5-range.html#header.content-range" title="Content-Range">Section 5.2</a> of <a href="#Part5" id="rfc.xref.Part5.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>), since it might be misinterpreted as partial content (or might be partial content that is being mistakenly PUT as a full1498 <p id="rfc.section.4.3.4.p.10">An origin server <em class="bcp14">SHOULD</em> reject any PUT request that contains a <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a> header field (<a href="p5-range.html#header.content-range" title="Content-Range">Section 5.2</a> of <a href="#Part5" id="rfc.xref.Part5.5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>), since it might be misinterpreted as partial content (or might be partial content that is being mistakenly PUT as a full 1513 1499 representation). Partial content updates are possible by targeting a separately identified resource with state that overlaps 1514 1500 a portion of the larger resource, or by using a different method that has been specifically defined for partial updates (for 1515 1501 example, the PATCH method defined in <a href="#RFC5789" id="rfc.xref.RFC5789.1"><cite title="PATCH Method for HTTP">[RFC5789]</cite></a>). 1516 1502 </p> 1517 <p id="rfc.section. 5.3.4.p.11">Responses to the PUT method are not cacheable. If a PUT request passes through a cache that has one or more stored responses1503 <p id="rfc.section.4.3.4.p.11">Responses to the PUT method are not cacheable. If a PUT request passes through a cache that has one or more stored responses 1518 1504 for the effective request URI, those stored responses will be invalidated (see <a href="p6-cache.html#invalidation.after.updates.or.deletions" title="Request Methods that Invalidate">Section 6</a> of <a href="#Part6" id="rfc.xref.Part6.6"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>). 1519 1505 </p> 1520 <h3 id="rfc.section. 5.3.5"><a href="#rfc.section.5.3.5">5.3.5</a> <a id="DELETE" href="#DELETE">DELETE</a></h3>1506 <h3 id="rfc.section.4.3.5"><a href="#rfc.section.4.3.5">4.3.5</a> <a id="DELETE" href="#DELETE">DELETE</a></h3> 1521 1507 <div id="rfc.iref.d.2"></div> 1522 <p id="rfc.section. 5.3.5.p.1">The DELETE method requests that the origin server delete the target resource. This method <em class="bcp14">MAY</em> be overridden by human intervention (or other means) on the origin server. The client cannot be guaranteed that the operation1508 <p id="rfc.section.4.3.5.p.1">The DELETE method requests that the origin server delete the target resource. This method <em class="bcp14">MAY</em> be overridden by human intervention (or other means) on the origin server. The client cannot be guaranteed that the operation 1523 1509 has been carried out, even if the status code returned from the origin server indicates that the action has been completed 1524 1510 successfully. However, the server <em class="bcp14">SHOULD NOT</em> indicate success unless, at the time the response is given, it intends to delete the resource or move it to an inaccessible 1525 1511 location. 1526 1512 </p> 1527 <p id="rfc.section. 5.3.5.p.2">A successful response <em class="bcp14">SHOULD</em> be <a href="#status.200" class="smpl">200 (OK)</a> if the response includes a representation describing the status, <a href="#status.202" class="smpl">202 (Accepted)</a> if the action has not yet been enacted, or <a href="#status.204" class="smpl">204 (No Content)</a> if the action has been enacted but the response does not include a representation.1528 </p> 1529 <p id="rfc.section. 5.3.5.p.3">A payload within a DELETE request message has no defined semantics; sending a payload body on a DELETE request might cause1513 <p id="rfc.section.4.3.5.p.2">A successful response <em class="bcp14">SHOULD</em> be <a href="#status.200" class="smpl">200 (OK)</a> if the response includes a representation describing the status, <a href="#status.202" class="smpl">202 (Accepted)</a> if the action has not yet been enacted, or <a href="#status.204" class="smpl">204 (No Content)</a> if the action has been enacted but the response does not include a representation. 1514 </p> 1515 <p id="rfc.section.4.3.5.p.3">A payload within a DELETE request message has no defined semantics; sending a payload body on a DELETE request might cause 1530 1516 some existing implementations to reject the request. 1531 1517 </p> 1532 <p id="rfc.section. 5.3.5.p.4">Responses to the DELETE method are not cacheable. If a DELETE request passes through a cache that has one or more stored responses1518 <p id="rfc.section.4.3.5.p.4">Responses to the DELETE method are not cacheable. If a DELETE request passes through a cache that has one or more stored responses 1533 1519 for the effective request URI, those stored responses will be invalidated (see <a href="p6-cache.html#invalidation.after.updates.or.deletions" title="Request Methods that Invalidate">Section 6</a> of <a href="#Part6" id="rfc.xref.Part6.7"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>). 1534 1520 </p> 1535 1521 <div id="rfc.iref.c.9"></div> 1536 <h3 id="rfc.section. 5.3.6"><a href="#rfc.section.5.3.6">5.3.6</a> <a id="CONNECT" href="#CONNECT">CONNECT</a></h3>1537 <p id="rfc.section. 5.3.6.p.1">The CONNECT method requests that the proxy establish a tunnel to the request-target and, if successful, thereafter restrict1522 <h3 id="rfc.section.4.3.6"><a href="#rfc.section.4.3.6">4.3.6</a> <a id="CONNECT" href="#CONNECT">CONNECT</a></h3> 1523 <p id="rfc.section.4.3.6.p.1">The CONNECT method requests that the proxy establish a tunnel to the request-target and, if successful, thereafter restrict 1538 1524 its behavior to blind forwarding of packets until the connection is closed. 1539 1525 </p> 1540 <p id="rfc.section. 5.3.6.p.2">When using CONNECT, the request-target <em class="bcp14">MUST</em> use the authority form (<a href="p1-messaging.html#request-target" title="Request Target">Section 5.3</a> of <a href="#Part1" id="rfc.xref.Part1.15"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>); i.e., the request-target consists of only the host name and port number of the tunnel destination, separated by a colon.1526 <p id="rfc.section.4.3.6.p.2">When using CONNECT, the request-target <em class="bcp14">MUST</em> use the authority form (<a href="p1-messaging.html#request-target" title="Request Target">Section 5.3</a> of <a href="#Part1" id="rfc.xref.Part1.15"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>); i.e., the request-target consists of only the host name and port number of the tunnel destination, separated by a colon. 1541 1527 For example, 1542 1528 </p> 1543 <div id="rfc.figure.u. 20"></div><pre class="text2">CONNECT server.example.com:80 HTTP/1.11529 <div id="rfc.figure.u.18"></div><pre class="text2">CONNECT server.example.com:80 HTTP/1.1 1544 1530 Host: server.example.com:80 1545 1531 1546 </pre><p id="rfc.section. 5.3.6.p.4">Any <a href="#status.2xx" class="smpl">2xx (Successful)</a> response to a CONNECT request indicates that the proxy has established a connection to the requested host and port, and has1532 </pre><p id="rfc.section.4.3.6.p.4">Any <a href="#status.2xx" class="smpl">2xx (Successful)</a> response to a CONNECT request indicates that the proxy has established a connection to the requested host and port, and has 1547 1533 switched to tunneling the current connection to that server connection. The tunneled data from the server begins immediately 1548 1534 after the blank line that concludes the successful response's header block. 1549 1535 </p> 1550 <p id="rfc.section. 5.3.6.p.5">A server <em class="bcp14">SHOULD NOT</em> send any <a href="p1-messaging.html#header.transfer-encoding" class="smpl">Transfer-Encoding</a> or <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a> header fields in a successful response. A client <em class="bcp14">MUST</em> ignore any Content-Length or Transfer-Encoding header fields received in a successful response.1551 </p> 1552 <p id="rfc.section. 5.3.6.p.6">Any response other than a successful response indicates that the tunnel has not yet been formed and that the connection remains1536 <p id="rfc.section.4.3.6.p.5">A server <em class="bcp14">SHOULD NOT</em> send any <a href="p1-messaging.html#header.transfer-encoding" class="smpl">Transfer-Encoding</a> or <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a> header fields in a successful response. A client <em class="bcp14">MUST</em> ignore any Content-Length or Transfer-Encoding header fields received in a successful response. 1537 </p> 1538 <p id="rfc.section.4.3.6.p.6">Any response other than a successful response indicates that the tunnel has not yet been formed and that the connection remains 1553 1539 governed by HTTP. 1554 1540 </p> 1555 <p id="rfc.section. 5.3.6.p.7">Proxy authentication might be used to establish the authority to create a tunnel:</p>1556 <div id="rfc.figure.u. 21"></div><pre class="text2">CONNECT server.example.com:80 HTTP/1.11541 <p id="rfc.section.4.3.6.p.7">Proxy authentication might be used to establish the authority to create a tunnel:</p> 1542 <div id="rfc.figure.u.19"></div><pre class="text2">CONNECT server.example.com:80 HTTP/1.1 1557 1543 Host: server.example.com:80 1558 1544 Proxy-Authorization: basic aGVsbG86d29ybGQ= 1559 1545 1560 </pre><p id="rfc.section. 5.3.6.p.9">A payload within a CONNECT request message has no defined semantics; sending a payload body on a CONNECT request might cause1546 </pre><p id="rfc.section.4.3.6.p.9">A payload within a CONNECT request message has no defined semantics; sending a payload body on a CONNECT request might cause 1561 1547 some existing implementations to reject the request. 1562 1548 </p> 1563 <p id="rfc.section. 5.3.6.p.10">Similar to a pipelined HTTP/1.1 request, data to be tunneled from client to server <em class="bcp14">MAY</em> be sent immediately after the request (before a response is received). The usual caveats also apply: data can be discarded1549 <p id="rfc.section.4.3.6.p.10">Similar to a pipelined HTTP/1.1 request, data to be tunneled from client to server <em class="bcp14">MAY</em> be sent immediately after the request (before a response is received). The usual caveats also apply: data can be discarded 1564 1550 if the eventual response is negative, and the connection can be reset with no response if more than one TCP segment is outstanding. 1565 1551 </p> 1566 <p id="rfc.section. 5.3.6.p.11">It might be the case that the proxy itself can only reach the requested origin server through another proxy. In this case,1552 <p id="rfc.section.4.3.6.p.11">It might be the case that the proxy itself can only reach the requested origin server through another proxy. In this case, 1567 1553 the first proxy <em class="bcp14">SHOULD</em> make a CONNECT request of that next proxy, requesting a tunnel to the authority. A proxy <em class="bcp14">MUST NOT</em> respond with any <a href="#status.2xx" class="smpl">2xx</a> status code unless it has either a direct or tunnel connection established to the authority. 1568 1554 </p> 1569 <p id="rfc.section. 5.3.6.p.12">If at any point either one of the peers gets disconnected, any outstanding data that came from that peer will be passed to1555 <p id="rfc.section.4.3.6.p.12">If at any point either one of the peers gets disconnected, any outstanding data that came from that peer will be passed to 1570 1556 the other one, and after that also the other connection will be terminated by the proxy. If there is outstanding data to that 1571 1557 peer undelivered, that data will be discarded. 1572 1558 </p> 1573 <p id="rfc.section. 5.3.6.p.13">An origin server which receives a CONNECT request for itself <em class="bcp14">MAY</em> respond with a <a href="#status.2xx" class="smpl">2xx</a> status code to indicate that a connection is established. However, most origin servers do not implement CONNECT.1574 </p> 1575 <h3 id="rfc.section. 5.3.7"><a href="#rfc.section.5.3.7">5.3.7</a> <a id="OPTIONS" href="#OPTIONS">OPTIONS</a></h3>1559 <p id="rfc.section.4.3.6.p.13">An origin server which receives a CONNECT request for itself <em class="bcp14">MAY</em> respond with a <a href="#status.2xx" class="smpl">2xx</a> status code to indicate that a connection is established. However, most origin servers do not implement CONNECT. 1560 </p> 1561 <h3 id="rfc.section.4.3.7"><a href="#rfc.section.4.3.7">4.3.7</a> <a id="OPTIONS" href="#OPTIONS">OPTIONS</a></h3> 1576 1562 <div id="rfc.iref.o.1"></div> 1577 <p id="rfc.section. 5.3.7.p.1">The OPTIONS method requests information about the communication options available on the request/response chain identified1563 <p id="rfc.section.4.3.7.p.1">The OPTIONS method requests information about the communication options available on the request/response chain identified 1578 1564 by the effective request URI. This method allows a client to determine the options and/or requirements associated with a resource, 1579 1565 or the capabilities of a server, without implying a resource action or initiating a resource retrieval. 1580 1566 </p> 1581 <p id="rfc.section. 5.3.7.p.2">Responses to the OPTIONS method are not cacheable.</p>1582 <p id="rfc.section. 5.3.7.p.3">If the OPTIONS request includes a payload, then the media type <em class="bcp14">MUST</em> be indicated by a <a href="#header.content-type" class="smpl">Content-Type</a> field. Although this specification does not define any use for such a body, future extensions to HTTP might use the OPTIONS1567 <p id="rfc.section.4.3.7.p.2">Responses to the OPTIONS method are not cacheable.</p> 1568 <p id="rfc.section.4.3.7.p.3">If the OPTIONS request includes a payload, then the media type <em class="bcp14">MUST</em> be indicated by a <a href="#header.content-type" class="smpl">Content-Type</a> field. Although this specification does not define any use for such a body, future extensions to HTTP might use the OPTIONS 1583 1569 body to make more detailed queries on the server. 1584 1570 </p> 1585 <p id="rfc.section. 5.3.7.p.4">If the request-target (<a href="p1-messaging.html#request-target" title="Request Target">Section 5.3</a> of <a href="#Part1" id="rfc.xref.Part1.16"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) is an asterisk ("*"), the OPTIONS request is intended to apply to the server in general rather than to a specific resource.1571 <p id="rfc.section.4.3.7.p.4">If the request-target (<a href="p1-messaging.html#request-target" title="Request Target">Section 5.3</a> of <a href="#Part1" id="rfc.xref.Part1.16"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) is an asterisk ("*"), the OPTIONS request is intended to apply to the server in general rather than to a specific resource. 1586 1572 Since a server's communication options typically depend on the resource, the "*" request is only useful as a "ping" or "no-op" 1587 1573 type of method; it does nothing beyond allowing the client to test the capabilities of the server. For example, this can be 1588 1574 used to test a proxy for HTTP/1.1 conformance (or lack thereof). 1589 1575 </p> 1590 <p id="rfc.section. 5.3.7.p.5">If the request-target is not an asterisk, the OPTIONS request applies only to the options that are available when communicating1576 <p id="rfc.section.4.3.7.p.5">If the request-target is not an asterisk, the OPTIONS request applies only to the options that are available when communicating 1591 1577 with that resource. 1592 1578 </p> 1593 <p id="rfc.section. 5.3.7.p.6">A <a href="#status.200" class="smpl">200 (OK)</a> response <em class="bcp14">SHOULD</em> include any header fields that indicate optional features implemented by the server and applicable to that resource (e.g., <a href="#header.allow" class="smpl">Allow</a>), possibly including extensions not defined by this specification. The response payload, if any, <em class="bcp14">SHOULD</em> also include information about the communication options. The format for such a payload is not defined by this specification,1579 <p id="rfc.section.4.3.7.p.6">A <a href="#status.200" class="smpl">200 (OK)</a> response <em class="bcp14">SHOULD</em> include any header fields that indicate optional features implemented by the server and applicable to that resource (e.g., <a href="#header.allow" class="smpl">Allow</a>), possibly including extensions not defined by this specification. The response payload, if any, <em class="bcp14">SHOULD</em> also include information about the communication options. The format for such a payload is not defined by this specification, 1594 1580 but might be defined by future extensions to HTTP. Content negotiation <em class="bcp14">MAY</em> be used to select the appropriate representation. If no payload body is included, the response <em class="bcp14">MUST</em> include a <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a> field with a field-value of "0". 1595 1581 </p> 1596 <p id="rfc.section. 5.3.7.p.7">The <a href="#header.max-forwards" class="smpl">Max-Forwards</a> header field <em class="bcp14">MAY</em> be used to target a specific proxy in the request chain (see <a href="#header.max-forwards" id="rfc.xref.header.max-forwards.1" title="Max-Forwards">Section 6.1.1</a>). If no Max-Forwards field is present in the request, then the forwarded request <em class="bcp14">MUST NOT</em> include a Max-Forwards field.1597 </p> 1598 <h3 id="rfc.section. 5.3.8"><a href="#rfc.section.5.3.8">5.3.8</a> <a id="TRACE" href="#TRACE">TRACE</a></h3>1582 <p id="rfc.section.4.3.7.p.7">The <a href="#header.max-forwards" class="smpl">Max-Forwards</a> header field <em class="bcp14">MAY</em> be used to target a specific proxy in the request chain (see <a href="#header.max-forwards" id="rfc.xref.header.max-forwards.1" title="Max-Forwards">Section 5.1.1</a>). If no Max-Forwards field is present in the request, then the forwarded request <em class="bcp14">MUST NOT</em> include a Max-Forwards field. 1583 </p> 1584 <h3 id="rfc.section.4.3.8"><a href="#rfc.section.4.3.8">4.3.8</a> <a id="TRACE" href="#TRACE">TRACE</a></h3> 1599 1585 <div id="rfc.iref.t.1"></div> 1600 <p id="rfc.section. 5.3.8.p.1">The TRACE method requests a remote, application-level loop-back of the request message. The final recipient of the request <em class="bcp14">SHOULD</em> reflect the message received back to the client as the message body of a <a href="#status.200" class="smpl">200 (OK)</a> response. The final recipient is either the origin server or the first proxy to receive a <a href="#header.max-forwards" class="smpl">Max-Forwards</a> value of zero (0) in the request (see <a href="#header.max-forwards" id="rfc.xref.header.max-forwards.2" title="Max-Forwards">Section 6.1.1</a>). A TRACE request <em class="bcp14">MUST NOT</em> include a message body.1601 </p> 1602 <p id="rfc.section. 5.3.8.p.2">TRACE allows the client to see what is being received at the other end of the request chain and use that data for testing1586 <p id="rfc.section.4.3.8.p.1">The TRACE method requests a remote, application-level loop-back of the request message. The final recipient of the request <em class="bcp14">SHOULD</em> reflect the message received back to the client as the message body of a <a href="#status.200" class="smpl">200 (OK)</a> response. The final recipient is either the origin server or the first proxy to receive a <a href="#header.max-forwards" class="smpl">Max-Forwards</a> value of zero (0) in the request (see <a href="#header.max-forwards" id="rfc.xref.header.max-forwards.2" title="Max-Forwards">Section 5.1.1</a>). A TRACE request <em class="bcp14">MUST NOT</em> include a message body. 1587 </p> 1588 <p id="rfc.section.4.3.8.p.2">TRACE allows the client to see what is being received at the other end of the request chain and use that data for testing 1603 1589 or diagnostic information. The value of the <a href="p1-messaging.html#header.via" class="smpl">Via</a> header field (<a href="p1-messaging.html#header.via" title="Via">Section 5.7.1</a> of <a href="#Part1" id="rfc.xref.Part1.17"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) is of particular interest, since it acts as a trace of the request chain. Use of the <a href="#header.max-forwards" class="smpl">Max-Forwards</a> header field allows the client to limit the length of the request chain, which is useful for testing a chain of proxies forwarding 1604 1590 messages in an infinite loop. 1605 1591 </p> 1606 <p id="rfc.section. 5.3.8.p.3">If the request is valid, the response <em class="bcp14">SHOULD</em> have a <a href="#header.content-type" class="smpl">Content-Type</a> of "message/http" (see <a href="p1-messaging.html#internet.media.type.message.http" title="Internet Media Type message/http">Section 7.3.1</a> of <a href="#Part1" id="rfc.xref.Part1.18"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) and contain a message body that encloses a copy of the entire request message. Responses to the TRACE method are not cacheable.1607 </p> 1608 <h1 id="rfc.section. 6"><a href="#rfc.section.6">6.</a> <a id="request.header.fields" href="#request.header.fields">Request Header Fields</a></h1>1609 <p id="rfc.section. 6.p.1">A client sends request header fields to provide more information about the request context, make the request conditional based1592 <p id="rfc.section.4.3.8.p.3">If the request is valid, the response <em class="bcp14">SHOULD</em> have a <a href="#header.content-type" class="smpl">Content-Type</a> of "message/http" (see <a href="p1-messaging.html#internet.media.type.message.http" title="Internet Media Type message/http">Section 7.3.1</a> of <a href="#Part1" id="rfc.xref.Part1.18"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) and contain a message body that encloses a copy of the entire request message. Responses to the TRACE method are not cacheable. 1593 </p> 1594 <h1 id="rfc.section.5"><a href="#rfc.section.5">5.</a> <a id="request.header.fields" href="#request.header.fields">Request Header Fields</a></h1> 1595 <p id="rfc.section.5.p.1">A client sends request header fields to provide more information about the request context, make the request conditional based 1610 1596 on the target resource state, suggest preferred formats for the response, supply authentication credentials, or modify the 1611 1597 expected request processing. These fields act as request modifiers, similar to the parameters on a programming language method 1612 1598 invocation. 1613 1599 </p> 1614 <h2 id="rfc.section. 6.1"><a href="#rfc.section.6.1">6.1</a> <a id="request.controls" href="#request.controls">Controls</a></h2>1615 <p id="rfc.section. 6.1.p.1">Controls are request header fields that direct specific handling of the request.</p>1600 <h2 id="rfc.section.5.1"><a href="#rfc.section.5.1">5.1</a> <a id="request.controls" href="#request.controls">Controls</a></h2> 1601 <p id="rfc.section.5.1.p.1">Controls are request header fields that direct specific handling of the request.</p> 1616 1602 <div id="rfc.table.u.3"> 1617 1603 <table class="tt full left" cellpadding="3" cellspacing="0"> … … 1629 1615 <tr> 1630 1616 <td class="left">Max-Forwards</td> 1631 <td class="left"><a href="#header.max-forwards" id="rfc.xref.header.max-forwards.3" title="Max-Forwards">Section 6.1.1</a></td>1617 <td class="left"><a href="#header.max-forwards" id="rfc.xref.header.max-forwards.3" title="Max-Forwards">Section 5.1.1</a></td> 1632 1618 </tr> 1633 1619 <tr> 1634 1620 <td class="left">Expect</td> 1635 <td class="left"><a href="#header.expect" id="rfc.xref.header.expect.1" title="Expect">Section 6.1.2</a></td>1621 <td class="left"><a href="#header.expect" id="rfc.xref.header.expect.1" title="Expect">Section 5.1.2</a></td> 1636 1622 </tr> 1637 1623 <tr> … … 1643 1629 </div> 1644 1630 <div id="rfc.iref.m.1"></div> 1645 <h3 id="rfc.section. 6.1.1"><a href="#rfc.section.6.1.1">6.1.1</a> <a id="header.max-forwards" href="#header.max-forwards">Max-Forwards</a></h3>1646 <p id="rfc.section. 6.1.1.p.1">The "Max-Forwards" header field provides a mechanism with the TRACE (<a href="#TRACE" id="rfc.xref.TRACE.2" title="TRACE">Section 5.3.8</a>) and OPTIONS (<a href="#OPTIONS" id="rfc.xref.OPTIONS.2" title="OPTIONS">Section 5.3.7</a>) methods to limit the number of times that the request is forwarded by proxies. This can be useful when the client is attempting1631 <h3 id="rfc.section.5.1.1"><a href="#rfc.section.5.1.1">5.1.1</a> <a id="header.max-forwards" href="#header.max-forwards">Max-Forwards</a></h3> 1632 <p id="rfc.section.5.1.1.p.1">The "Max-Forwards" header field provides a mechanism with the TRACE (<a href="#TRACE" id="rfc.xref.TRACE.2" title="TRACE">Section 4.3.8</a>) and OPTIONS (<a href="#OPTIONS" id="rfc.xref.OPTIONS.2" title="OPTIONS">Section 4.3.7</a>) methods to limit the number of times that the request is forwarded by proxies. This can be useful when the client is attempting 1647 1633 to trace a request which appears to be failing or looping mid-chain. 1648 1634 </p> 1649 <div id="rfc.figure.u.2 2"></div><pre class="inline"><span id="rfc.iref.g.19"></span> <a href="#header.max-forwards" class="smpl">Max-Forwards</a> = 1*<a href="#imported.abnf" class="smpl">DIGIT</a>1650 </pre><p id="rfc.section. 6.1.1.p.3">The Max-Forwards value is a decimal integer indicating the remaining number of times this request message can be forwarded.</p>1651 <p id="rfc.section. 6.1.1.p.4">Each recipient of a TRACE or OPTIONS request containing a Max-Forwards header field <em class="bcp14">MUST</em> check and update its value prior to forwarding the request. If the received value is zero (0), the recipient <em class="bcp14">MUST NOT</em> forward the request; instead, it <em class="bcp14">MUST</em> respond as the final recipient. If the received Max-Forwards value is greater than zero, then the forwarded message <em class="bcp14">MUST</em> contain an updated Max-Forwards field with a value decremented by one (1).1652 </p> 1653 <p id="rfc.section. 6.1.1.p.5">The Max-Forwards header field <em class="bcp14">MAY</em> be ignored for all other request methods.1635 <div id="rfc.figure.u.20"></div><pre class="inline"><span id="rfc.iref.g.17"></span> <a href="#header.max-forwards" class="smpl">Max-Forwards</a> = 1*<a href="#imported.abnf" class="smpl">DIGIT</a> 1636 </pre><p id="rfc.section.5.1.1.p.3">The Max-Forwards value is a decimal integer indicating the remaining number of times this request message can be forwarded.</p> 1637 <p id="rfc.section.5.1.1.p.4">Each recipient of a TRACE or OPTIONS request containing a Max-Forwards header field <em class="bcp14">MUST</em> check and update its value prior to forwarding the request. If the received value is zero (0), the recipient <em class="bcp14">MUST NOT</em> forward the request; instead, it <em class="bcp14">MUST</em> respond as the final recipient. If the received Max-Forwards value is greater than zero, then the forwarded message <em class="bcp14">MUST</em> contain an updated Max-Forwards field with a value decremented by one (1). 1638 </p> 1639 <p id="rfc.section.5.1.1.p.5">The Max-Forwards header field <em class="bcp14">MAY</em> be ignored for all other request methods. 1654 1640 </p> 1655 1641 <div id="rfc.iref.e.1"></div> 1656 <h3 id="rfc.section. 6.1.2"><a href="#rfc.section.6.1.2">6.1.2</a> <a id="header.expect" href="#header.expect">Expect</a></h3>1657 <p id="rfc.section. 6.1.2.p.1">The "Expect" header field is used to indicate that particular server behaviors are required by the client.</p>1658 <div id="rfc.figure.u.2 3"></div><pre class="inline"><span id="rfc.iref.g.20"></span><span id="rfc.iref.g.21"></span><span id="rfc.iref.g.22"></span><span id="rfc.iref.g.23"></span><span id="rfc.iref.g.24"></span> <a href="#header.expect" class="smpl">Expect</a> = 1#<a href="#header.expect" class="smpl">expectation</a>1642 <h3 id="rfc.section.5.1.2"><a href="#rfc.section.5.1.2">5.1.2</a> <a id="header.expect" href="#header.expect">Expect</a></h3> 1643 <p id="rfc.section.5.1.2.p.1">The "Expect" header field is used to indicate that particular server behaviors are required by the client.</p> 1644 <div id="rfc.figure.u.21"></div><pre class="inline"><span id="rfc.iref.g.18"></span><span id="rfc.iref.g.19"></span><span id="rfc.iref.g.20"></span><span id="rfc.iref.g.21"></span><span id="rfc.iref.g.22"></span> <a href="#header.expect" class="smpl">Expect</a> = 1#<a href="#header.expect" class="smpl">expectation</a> 1659 1645 1660 1646 <a href="#header.expect" class="smpl">expectation</a> = <a href="#header.expect" class="smpl">expect-name</a> [ <a href="#imported.abnf" class="smpl">BWS</a> "=" <a href="#imported.abnf" class="smpl">BWS</a> <a href="#header.expect" class="smpl">expect-value</a> ] … … 1664 1650 <a href="#header.expect" class="smpl">expect-name</a> = <a href="#imported.abnf" class="smpl">token</a> 1665 1651 <a href="#header.expect" class="smpl">expect-value</a> = <a href="#imported.abnf" class="smpl">token</a> / <a href="#imported.abnf" class="smpl">quoted-string</a> 1666 </pre><p id="rfc.section. 6.1.2.p.3">If all received Expect header field(s) are syntactically valid but contain an expectation that the recipient does not understand1652 </pre><p id="rfc.section.5.1.2.p.3">If all received Expect header field(s) are syntactically valid but contain an expectation that the recipient does not understand 1667 1653 or cannot comply with, the recipient <em class="bcp14">MUST</em> respond with a <a href="#status.417" class="smpl">417 (Expectation Failed)</a> status code. A recipient of a syntactically invalid Expectation header field <em class="bcp14">MUST</em> respond with a <a href="#status.4xx" class="smpl">4xx</a> status code other than 417. 1668 1654 </p> 1669 <p id="rfc.section. 6.1.2.p.4">The only expectation defined by this specification is:</p>1670 <p id="rfc.section. 6.1.2.p.5"><span id="rfc.iref.48"></span><span id="rfc.iref.e.2"></span> 100-continue1655 <p id="rfc.section.5.1.2.p.4">The only expectation defined by this specification is:</p> 1656 <p id="rfc.section.5.1.2.p.5"><span id="rfc.iref.46"></span><span id="rfc.iref.e.2"></span> 100-continue 1671 1657 </p> 1672 1658 <ul class="empty"> 1673 1659 <li>The "100-continue" expectation is defined below. It does not support any expect-params.</li> 1674 1660 </ul> 1675 <p id="rfc.section. 6.1.2.p.6">Comparison is case-insensitive for names (expect-name), and case-sensitive for values (expect-value).</p>1676 <p id="rfc.section. 6.1.2.p.7">The Expect mechanism is hop-by-hop: the above requirements apply to any server, including proxies. However, the Expect header1661 <p id="rfc.section.5.1.2.p.6">Comparison is case-insensitive for names (expect-name), and case-sensitive for values (expect-value).</p> 1662 <p id="rfc.section.5.1.2.p.7">The Expect mechanism is hop-by-hop: the above requirements apply to any server, including proxies. However, the Expect header 1677 1663 field itself is end-to-end; it <em class="bcp14">MUST</em> be forwarded if the request is forwarded. 1678 1664 </p> 1679 <p id="rfc.section. 6.1.2.p.8">Many older HTTP/1.0 and HTTP/1.1 applications do not understand the Expect header field.</p>1680 <h4 id="rfc.section. 6.1.2.1"><a href="#rfc.section.6.1.2.1">6.1.2.1</a> <a id="use.of.the.100.status" href="#use.of.the.100.status">Use of the 100 (Continue) Status</a></h4>1681 <p id="rfc.section. 6.1.2.1.p.1">The purpose of the <a href="#status.100" class="smpl">100 (Continue)</a> status code (<a href="#status.100" id="rfc.xref.status.100.1" title="100 Continue">Section 7.2.1</a>) is to allow a client that is sending a request message with a payload to determine if the origin server is willing to accept1665 <p id="rfc.section.5.1.2.p.8">Many older HTTP/1.0 and HTTP/1.1 applications do not understand the Expect header field.</p> 1666 <h4 id="rfc.section.5.1.2.1"><a href="#rfc.section.5.1.2.1">5.1.2.1</a> <a id="use.of.the.100.status" href="#use.of.the.100.status">Use of the 100 (Continue) Status</a></h4> 1667 <p id="rfc.section.5.1.2.1.p.1">The purpose of the <a href="#status.100" class="smpl">100 (Continue)</a> status code (<a href="#status.100" id="rfc.xref.status.100.1" title="100 Continue">Section 6.2.1</a>) is to allow a client that is sending a request message with a payload to determine if the origin server is willing to accept 1682 1668 the request (based on the request header fields) before the client sends the payload body. In some cases, it might either 1683 1669 be inappropriate or highly inefficient for the client to send the payload body if the server will reject the message without 1684 1670 looking at the body. 1685 1671 </p> 1686 <p id="rfc.section. 6.1.2.1.p.2">Requirements for HTTP/1.1 clients: </p>1672 <p id="rfc.section.5.1.2.1.p.2">Requirements for HTTP/1.1 clients: </p> 1687 1673 <ul> 1688 1674 <li>If a client will wait for a <a href="#status.100" class="smpl">100 (Continue)</a> response before sending the payload body, it <em class="bcp14">MUST</em> send an <a href="#header.expect" class="smpl">Expect</a> header field with the "100-continue" expectation. … … 1691 1677 </li> 1692 1678 </ul> 1693 <p id="rfc.section. 6.1.2.1.p.3">Because of the presence of older implementations, the protocol allows ambiguous situations in which a client might send "Expect:1679 <p id="rfc.section.5.1.2.1.p.3">Because of the presence of older implementations, the protocol allows ambiguous situations in which a client might send "Expect: 1694 1680 100-continue" without receiving either a <a href="#status.417" class="smpl">417 (Expectation Failed)</a> or a <a href="#status.100" class="smpl">100 (Continue)</a> status code. Therefore, when a client sends this header field to an origin server (possibly via a proxy) from which it has 1695 1681 never seen a <a href="#status.100" class="smpl">100 (Continue)</a> status code, the client <em class="bcp14">SHOULD NOT</em> wait for an indefinite period before sending the payload body. 1696 1682 </p> 1697 <p id="rfc.section. 6.1.2.1.p.4">Requirements for HTTP/1.1 origin servers: </p>1683 <p id="rfc.section.5.1.2.1.p.4">Requirements for HTTP/1.1 origin servers: </p> 1698 1684 <ul> 1699 1685 <li>Upon receiving a request which includes an <a href="#header.expect" class="smpl">Expect</a> header field with the "100-continue" expectation, an origin server <em class="bcp14">MUST</em> either respond with <a href="#status.100" class="smpl">100 (Continue)</a> status code and continue to read from the input stream, or respond with a final status code. The origin server <em class="bcp14">MUST NOT</em> wait for the payload body before sending the <a href="#status.100" class="smpl">100 (Continue)</a> response. If it responds with a final status code, it <em class="bcp14">MAY</em> close the transport connection or it <em class="bcp14">MAY</em> continue to read and discard the rest of the request. It <em class="bcp14">MUST NOT</em> perform the request method if it returns a final status code. … … 1715 1701 </li> 1716 1702 </ul> 1717 <p id="rfc.section. 6.1.2.1.p.5">Requirements for HTTP/1.1 proxies: </p>1703 <p id="rfc.section.5.1.2.1.p.5">Requirements for HTTP/1.1 proxies: </p> 1718 1704 <ul> 1719 1705 <li>If a proxy receives a request that includes an <a href="#header.expect" class="smpl">Expect</a> header field with the "100-continue" expectation, and the proxy either knows that the next-hop server complies with HTTP/1.1 … … 1724 1710 <li>Proxies <em class="bcp14">SHOULD</em> maintain a record of the HTTP version numbers received from recently-referenced next-hop servers. 1725 1711 </li> 1726 <li>A proxy <em class="bcp14">MUST NOT</em> forward a <a href="#status.100" class="smpl">100 (Continue)</a> response if the request message was received from an HTTP/1.0 (or earlier) client and did not include an <a href="#header.expect" class="smpl">Expect</a> header field with the "100-continue" expectation. This requirement overrides the general rule for forwarding of <a href="#status.1xx" class="smpl">1xx</a> responses (see <a href="#status.100" id="rfc.xref.status.100.2" title="100 Continue">Section 7.2.1</a>).1712 <li>A proxy <em class="bcp14">MUST NOT</em> forward a <a href="#status.100" class="smpl">100 (Continue)</a> response if the request message was received from an HTTP/1.0 (or earlier) client and did not include an <a href="#header.expect" class="smpl">Expect</a> header field with the "100-continue" expectation. This requirement overrides the general rule for forwarding of <a href="#status.1xx" class="smpl">1xx</a> responses (see <a href="#status.100" id="rfc.xref.status.100.2" title="100 Continue">Section 6.2.1</a>). 1727 1713 </li> 1728 1714 </ul> 1729 <h2 id="rfc.section. 6.2"><a href="#rfc.section.6.2">6.2</a> <a id="request.conditionals" href="#request.conditionals">Conditionals</a></h2>1730 <p id="rfc.section. 6.2.p.1">Conditionals are request header fields that indicate a precondition to be tested before applying the method semantics to the1715 <h2 id="rfc.section.5.2"><a href="#rfc.section.5.2">5.2</a> <a id="request.conditionals" href="#request.conditionals">Conditionals</a></h2> 1716 <p id="rfc.section.5.2.p.1">Conditionals are request header fields that indicate a precondition to be tested before applying the method semantics to the 1731 1717 target resource. Each precondition is based on metadata that is expected to change if the selected representation of the target 1732 1718 resource is changed. The HTTP/1.1 conditional request mechanisms are defined in <a href="#Part4" id="rfc.xref.Part4.2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>. … … 1764 1750 </table> 1765 1751 </div> 1766 <h2 id="rfc.section. 6.3"><a href="#rfc.section.6.3">6.3</a> <a id="request.conneg" href="#request.conneg">Content Negotiation</a></h2>1752 <h2 id="rfc.section.5.3"><a href="#rfc.section.5.3">5.3</a> <a id="request.conneg" href="#request.conneg">Content Negotiation</a></h2> 1767 1753 <div id="rfc.table.u.5"> 1768 1754 <table class="tt full left" cellpadding="3" cellspacing="0"> … … 1776 1762 <tr> 1777 1763 <td class="left">Accept</td> 1778 <td class="left"><a href="#header.accept" id="rfc.xref.header.accept.2" title="Accept">Section 6.3.2</a></td>1764 <td class="left"><a href="#header.accept" id="rfc.xref.header.accept.2" title="Accept">Section 5.3.2</a></td> 1779 1765 </tr> 1780 1766 <tr> 1781 1767 <td class="left">Accept-Charset</td> 1782 <td class="left"><a href="#header.accept-charset" id="rfc.xref.header.accept-charset.1" title="Accept-Charset">Section 6.3.3</a></td>1768 <td class="left"><a href="#header.accept-charset" id="rfc.xref.header.accept-charset.1" title="Accept-Charset">Section 5.3.3</a></td> 1783 1769 </tr> 1784 1770 <tr> 1785 1771 <td class="left">Accept-Encoding</td> 1786 <td class="left"><a href="#header.accept-encoding" id="rfc.xref.header.accept-encoding.2" title="Accept-Encoding">Section 6.3.4</a></td>1772 <td class="left"><a href="#header.accept-encoding" id="rfc.xref.header.accept-encoding.2" title="Accept-Encoding">Section 5.3.4</a></td> 1787 1773 </tr> 1788 1774 <tr> 1789 1775 <td class="left">Accept-Language</td> 1790 <td class="left"><a href="#header.accept-language" id="rfc.xref.header.accept-language.1" title="Accept-Language">Section 6.3.5</a></td>1776 <td class="left"><a href="#header.accept-language" id="rfc.xref.header.accept-language.1" title="Accept-Language">Section 5.3.5</a></td> 1791 1777 </tr> 1792 1778 </tbody> 1793 1779 </table> 1794 1780 </div> 1795 <h3 id="rfc.section. 6.3.1"><a href="#rfc.section.6.3.1">6.3.1</a> <a id="quality.values" href="#quality.values">Quality Values</a></h3>1796 <p id="rfc.section. 6.3.1.p.1">Many of the request header fields for proactive content negotiation use a common parameter, named "q" (case-insensitive),1781 <h3 id="rfc.section.5.3.1"><a href="#rfc.section.5.3.1">5.3.1</a> <a id="quality.values" href="#quality.values">Quality Values</a></h3> 1782 <p id="rfc.section.5.3.1.p.1">Many of the request header fields for proactive content negotiation use a common parameter, named "q" (case-insensitive), 1797 1783 to assign a relative "weight" to the preference for that associated kind of content. This weight is referred to as a "quality 1798 1784 value" (or "qvalue") because the same parameter name is often used within server configurations to assign a weight to the 1799 1785 relative quality of the various representations that can be selected for a resource. 1800 1786 </p> 1801 <p id="rfc.section. 6.3.1.p.2">The weight is normalized to a real number in the range 0 through 1, where 0.001 is the least preferred and 1 is the most preferred;1787 <p id="rfc.section.5.3.1.p.2">The weight is normalized to a real number in the range 0 through 1, where 0.001 is the least preferred and 1 is the most preferred; 1802 1788 a value of 0 means "not acceptable". If no "q" parameter is present, the default weight is 1. 1803 1789 </p> 1804 <div id="rfc.figure.u.2 4"></div><pre class="inline"><span id="rfc.iref.g.25"></span><span id="rfc.iref.g.26"></span> <a href="#quality.values" class="smpl">weight</a> = <a href="#imported.abnf" class="smpl">OWS</a> ";" <a href="#imported.abnf" class="smpl">OWS</a> "q=" <a href="#quality.values" class="smpl">qvalue</a>1790 <div id="rfc.figure.u.22"></div><pre class="inline"><span id="rfc.iref.g.23"></span><span id="rfc.iref.g.24"></span> <a href="#quality.values" class="smpl">weight</a> = <a href="#imported.abnf" class="smpl">OWS</a> ";" <a href="#imported.abnf" class="smpl">OWS</a> "q=" <a href="#quality.values" class="smpl">qvalue</a> 1805 1791 <a href="#quality.values" class="smpl">qvalue</a> = ( "0" [ "." 0*3<a href="#imported.abnf" class="smpl">DIGIT</a> ] ) 1806 1792 / ( "1" [ "." 0*3("0") ] ) 1807 </pre><p id="rfc.section. 6.3.1.p.4">A sender of qvalue <em class="bcp14">MUST NOT</em> generate more than three digits after the decimal point. User configuration of these values ought to be limited in the same1793 </pre><p id="rfc.section.5.3.1.p.4">A sender of qvalue <em class="bcp14">MUST NOT</em> generate more than three digits after the decimal point. User configuration of these values ought to be limited in the same 1808 1794 fashion. 1809 1795 </p> 1810 1796 <div id="rfc.iref.a.1"></div> 1811 <h3 id="rfc.section. 6.3.2"><a href="#rfc.section.6.3.2">6.3.2</a> <a id="header.accept" href="#header.accept">Accept</a></h3>1812 <p id="rfc.section. 6.3.2.p.1">The "Accept" header field can be used by user agents to specify response media types that are acceptable. Accept header fields1797 <h3 id="rfc.section.5.3.2"><a href="#rfc.section.5.3.2">5.3.2</a> <a id="header.accept" href="#header.accept">Accept</a></h3> 1798 <p id="rfc.section.5.3.2.p.1">The "Accept" header field can be used by user agents to specify response media types that are acceptable. Accept header fields 1813 1799 can be used to indicate that the request is specifically limited to a small set of desired types, as in the case of a request 1814 1800 for an in-line image. 1815 1801 </p> 1816 <div id="rfc.figure.u.2 5"></div><pre class="inline"><span id="rfc.iref.g.27"></span><span id="rfc.iref.g.28"></span><span id="rfc.iref.g.29"></span><span id="rfc.iref.g.30"></span> <a href="#header.accept" class="smpl">Accept</a> = #( <a href="#header.accept" class="smpl">media-range</a> [ <a href="#header.accept" class="smpl">accept-params</a> ] )1802 <div id="rfc.figure.u.23"></div><pre class="inline"><span id="rfc.iref.g.25"></span><span id="rfc.iref.g.26"></span><span id="rfc.iref.g.27"></span><span id="rfc.iref.g.28"></span> <a href="#header.accept" class="smpl">Accept</a> = #( <a href="#header.accept" class="smpl">media-range</a> [ <a href="#header.accept" class="smpl">accept-params</a> ] ) 1817 1803 1818 1804 <a href="#header.accept" class="smpl">media-range</a> = ( "*/*" … … 1822 1808 <a href="#header.accept" class="smpl">accept-params</a> = <a href="#quality.values" class="smpl">weight</a> *( <a href="#header.accept" class="smpl">accept-ext</a> ) 1823 1809 <a href="#header.accept" class="smpl">accept-ext</a> = <a href="#imported.abnf" class="smpl">OWS</a> ";" <a href="#imported.abnf" class="smpl">OWS</a> <a href="#imported.abnf" class="smpl">token</a> [ "=" <a href="#imported.abnf" class="smpl">word</a> ] 1824 </pre><p id="rfc.section. 6.3.2.p.3">The asterisk "*" character is used to group media types into ranges, with "*/*" indicating all media types and "type/*" indicating1810 </pre><p id="rfc.section.5.3.2.p.3">The asterisk "*" character is used to group media types into ranges, with "*/*" indicating all media types and "type/*" indicating 1825 1811 all subtypes of that type. The media-range <em class="bcp14">MAY</em> include media type parameters that are applicable to that range. 1826 1812 </p> 1827 <p id="rfc.section. 6.3.2.p.4">Each media-range <em class="bcp14">MAY</em> be followed by one or more accept-params, beginning with the "q" parameter for indicating a relative weight, as defined in <a href="#quality.values" title="Quality Values">Section 6.3.1</a>. The first "q" parameter (if any) separates the media-range parameter(s) from the accept-params.1828 </p> 1829 <div class="note" id="rfc.section. 6.3.2.p.5">1813 <p id="rfc.section.5.3.2.p.4">Each media-range <em class="bcp14">MAY</em> be followed by one or more accept-params, beginning with the "q" parameter for indicating a relative weight, as defined in <a href="#quality.values" title="Quality Values">Section 5.3.1</a>. The first "q" parameter (if any) separates the media-range parameter(s) from the accept-params. 1814 </p> 1815 <div class="note" id="rfc.section.5.3.2.p.5"> 1830 1816 <p> <b>Note:</b> Use of the "q" parameter name to separate media type parameters from Accept extension parameters is due to historical practice. 1831 1817 Although this prevents any media type parameter named "q" from being used with a media range, such an event is believed to … … 1834 1820 </p> 1835 1821 </div> 1836 <p id="rfc.section. 6.3.2.p.6">The example</p>1837 <div id="rfc.figure.u.2 6"></div><pre class="text"> Accept: audio/*; q=0.2, audio/basic1838 </pre><p id="rfc.section. 6.3.2.p.8"> <em class="bcp14">SHOULD</em> be interpreted as "I prefer audio/basic, but send me any audio type if it is the best available after an 80% mark-down in1822 <p id="rfc.section.5.3.2.p.6">The example</p> 1823 <div id="rfc.figure.u.24"></div><pre class="text"> Accept: audio/*; q=0.2, audio/basic 1824 </pre><p id="rfc.section.5.3.2.p.8"> <em class="bcp14">SHOULD</em> be interpreted as "I prefer audio/basic, but send me any audio type if it is the best available after an 80% mark-down in 1839 1825 quality". 1840 1826 </p> 1841 <p id="rfc.section. 6.3.2.p.9">A request without any Accept header field implies that the user agent will accept any media type in response. If an Accept1827 <p id="rfc.section.5.3.2.p.9">A request without any Accept header field implies that the user agent will accept any media type in response. If an Accept 1842 1828 header field is present in a request and none of the available representations for the response have a media type that is 1843 1829 listed as acceptable, the origin server <em class="bcp14">MAY</em> either honor the Accept header field by sending a <a href="#status.406" class="smpl">406 (Not Acceptable)</a> response or disregard the Accept header field by treating the response as if it is not subject to content negotiation. 1844 1830 </p> 1845 <p id="rfc.section. 6.3.2.p.10">A more elaborate example is</p>1846 <div id="rfc.figure.u.2 7"></div><pre class="text"> Accept: text/plain; q=0.5, text/html,1831 <p id="rfc.section.5.3.2.p.10">A more elaborate example is</p> 1832 <div id="rfc.figure.u.25"></div><pre class="text"> Accept: text/plain; q=0.5, text/html, 1847 1833 text/x-dvi; q=0.8, text/x-c 1848 </pre><p id="rfc.section. 6.3.2.p.12">Verbally, this would be interpreted as "text/html and text/x-c are the equally preferred media types, but if they do not exist,1834 </pre><p id="rfc.section.5.3.2.p.12">Verbally, this would be interpreted as "text/html and text/x-c are the equally preferred media types, but if they do not exist, 1849 1835 then send the text/x-dvi representation, and if that does not exist, send the text/plain representation". 1850 1836 </p> 1851 <p id="rfc.section. 6.3.2.p.13">Media ranges can be overridden by more specific media ranges or specific media types. If more than one media range applies1837 <p id="rfc.section.5.3.2.p.13">Media ranges can be overridden by more specific media ranges or specific media types. If more than one media range applies 1852 1838 to a given type, the most specific reference has precedence. For example, 1853 1839 </p> 1854 <div id="rfc.figure.u.2 8"></div><pre class="text"> Accept: text/*, text/plain, text/plain;format=flowed, */*1855 </pre><p id="rfc.section. 6.3.2.p.15">have the following precedence: </p>1840 <div id="rfc.figure.u.26"></div><pre class="text"> Accept: text/*, text/plain, text/plain;format=flowed, */* 1841 </pre><p id="rfc.section.5.3.2.p.15">have the following precedence: </p> 1856 1842 <ol> 1857 1843 <li>text/plain;format=flowed</li> … … 1860 1846 <li>*/*</li> 1861 1847 </ol> 1862 <p id="rfc.section. 6.3.2.p.16">The media type quality factor associated with a given type is determined by finding the media range with the highest precedence1848 <p id="rfc.section.5.3.2.p.16">The media type quality factor associated with a given type is determined by finding the media range with the highest precedence 1863 1849 which matches that type. For example, 1864 1850 </p> 1865 <div id="rfc.figure.u.2 9"></div><pre class="text"> Accept: text/*;q=0.3, text/html;q=0.7, text/html;level=1,1851 <div id="rfc.figure.u.27"></div><pre class="text"> Accept: text/*;q=0.3, text/html;q=0.7, text/html;level=1, 1866 1852 text/html;level=2;q=0.4, */*;q=0.5 1867 </pre><p id="rfc.section. 6.3.2.p.18">would cause the following values to be associated:</p>1853 </pre><p id="rfc.section.5.3.2.p.18">would cause the following values to be associated:</p> 1868 1854 <div id="rfc.table.u.6"> 1869 1855 <table class="tt full left" cellpadding="3" cellspacing="0"> … … 1902 1888 </table> 1903 1889 </div> 1904 <p id="rfc.section. 6.3.2.p.19"> <b>Note:</b> A user agent might be provided with a default set of quality values for certain media ranges. However, unless the user agent1890 <p id="rfc.section.5.3.2.p.19"> <b>Note:</b> A user agent might be provided with a default set of quality values for certain media ranges. However, unless the user agent 1905 1891 is a closed system which cannot interact with other rendering agents, this default set ought to be configurable by the user. 1906 1892 </p> 1907 1893 <div id="rfc.iref.a.2"></div> 1908 <h3 id="rfc.section. 6.3.3"><a href="#rfc.section.6.3.3">6.3.3</a> <a id="header.accept-charset" href="#header.accept-charset">Accept-Charset</a></h3>1909 <p id="rfc.section. 6.3.3.p.1">The "Accept-Charset" header field can be sent by a user agent to indicate what charsets are acceptable in a selected representation.1894 <h3 id="rfc.section.5.3.3"><a href="#rfc.section.5.3.3">5.3.3</a> <a id="header.accept-charset" href="#header.accept-charset">Accept-Charset</a></h3> 1895 <p id="rfc.section.5.3.3.p.1">The "Accept-Charset" header field can be sent by a user agent to indicate what charsets are acceptable in a selected representation. 1910 1896 This field allows user agents capable of understanding more comprehensive or special-purpose charsets to signal that capability 1911 1897 to an origin server which is capable of representing documents in those charsets. 1912 1898 </p> 1913 <div id="rfc.figure.u. 30"></div><pre class="inline"><span id="rfc.iref.g.31"></span> <a href="#header.accept-charset" class="smpl">Accept-Charset</a> = 1#( ( <a href="#charset" class="smpl">charset</a> / "*" ) [ <a href="#quality.values" class="smpl">weight</a> ] )1914 </pre><p id="rfc.section. 6.3.3.p.3">Charset names are defined in <a href="#charset" title="Charset">Section 3.1.1.2</a>. A user agent <em class="bcp14">MAY</em> associate a quality value with each charset to indicate the user's relative preference for that charset, as defined in <a href="#quality.values" title="Quality Values">Section 6.3.1</a>. An example is1915 </p> 1916 <div id="rfc.figure.u. 31"></div><pre class="text"> Accept-Charset: iso-8859-5, unicode-1-1;q=0.81917 </pre><p id="rfc.section. 6.3.3.p.5">The special value "*", if present in the Accept-Charset field, matches every charset which is not mentioned elsewhere in the1899 <div id="rfc.figure.u.28"></div><pre class="inline"><span id="rfc.iref.g.29"></span> <a href="#header.accept-charset" class="smpl">Accept-Charset</a> = 1#( ( <a href="#charset" class="smpl">charset</a> / "*" ) [ <a href="#quality.values" class="smpl">weight</a> ] ) 1900 </pre><p id="rfc.section.5.3.3.p.3">Charset names are defined in <a href="#charset" title="Charset">Section 3.1.1.2</a>. A user agent <em class="bcp14">MAY</em> associate a quality value with each charset to indicate the user's relative preference for that charset, as defined in <a href="#quality.values" title="Quality Values">Section 5.3.1</a>. An example is 1901 </p> 1902 <div id="rfc.figure.u.29"></div><pre class="text"> Accept-Charset: iso-8859-5, unicode-1-1;q=0.8 1903 </pre><p id="rfc.section.5.3.3.p.5">The special value "*", if present in the Accept-Charset field, matches every charset which is not mentioned elsewhere in the 1918 1904 Accept-Charset field. If no "*" is present in an Accept-Charset field, then any charsets not explicitly mentioned in the field 1919 1905 are considered "not acceptable" to the client. 1920 1906 </p> 1921 <p id="rfc.section. 6.3.3.p.6">A request without any Accept-Charset header field implies that the user agent will accept any charset in response. Most general-purpose1907 <p id="rfc.section.5.3.3.p.6">A request without any Accept-Charset header field implies that the user agent will accept any charset in response. Most general-purpose 1922 1908 user agents do not send Accept-Charset, unless specifically configured to do so, because a detailed list of supported charsets 1923 1909 makes it easier for a server to identify an individual by virtue of the user agent's request characteristics (a.k.a., fingerprinting). 1924 1910 </p> 1925 <p id="rfc.section. 6.3.3.p.7">If an Accept-Charset header field is present in a request and none of the available representations for the response has a1911 <p id="rfc.section.5.3.3.p.7">If an Accept-Charset header field is present in a request and none of the available representations for the response has a 1926 1912 charset that is listed as acceptable, the origin server <em class="bcp14">MAY</em> either honor the Accept-Charset header field, by sending a <a href="#status.406" class="smpl">406 (Not Acceptable)</a> response, or disregard the Accept-Charset header field by treating the resource as if it is not subject to content negotiation. 1927 1913 </p> 1928 1914 <div id="rfc.iref.a.3"></div> 1929 <h3 id="rfc.section. 6.3.4"><a href="#rfc.section.6.3.4">6.3.4</a> <a id="header.accept-encoding" href="#header.accept-encoding">Accept-Encoding</a></h3>1930 <p id="rfc.section. 6.3.4.p.1">The "Accept-Encoding" header field can be used by user agents to indicate what response content-codings (<a href="#content.codings" title="Content Codings">Section 3.1.2.1</a>) are acceptable in the response. An "identity" token is used as a synonym for "no encoding" in order to communicate when1915 <h3 id="rfc.section.5.3.4"><a href="#rfc.section.5.3.4">5.3.4</a> <a id="header.accept-encoding" href="#header.accept-encoding">Accept-Encoding</a></h3> 1916 <p id="rfc.section.5.3.4.p.1">The "Accept-Encoding" header field can be used by user agents to indicate what response content-codings (<a href="#content.codings" title="Content Codings">Section 3.1.2.1</a>) are acceptable in the response. An "identity" token is used as a synonym for "no encoding" in order to communicate when 1931 1917 no encoding is preferred. 1932 1918 </p> 1933 <div id="rfc.figure.u.3 2"></div><pre class="inline"><span id="rfc.iref.g.32"></span><span id="rfc.iref.g.33"></span> <a href="#header.accept-encoding" class="smpl">Accept-Encoding</a> = #( <a href="#header.accept-encoding" class="smpl">codings</a> [ <a href="#quality.values" class="smpl">weight</a> ] )1919 <div id="rfc.figure.u.30"></div><pre class="inline"><span id="rfc.iref.g.30"></span><span id="rfc.iref.g.31"></span> <a href="#header.accept-encoding" class="smpl">Accept-Encoding</a> = #( <a href="#header.accept-encoding" class="smpl">codings</a> [ <a href="#quality.values" class="smpl">weight</a> ] ) 1934 1920 <a href="#header.accept-encoding" class="smpl">codings</a> = <a href="#content.codings" class="smpl">content-coding</a> / "identity" / "*" 1935 </pre><p id="rfc.section. 6.3.4.p.3">Each codings value <em class="bcp14">MAY</em> be given an associated quality value which represents the preference for that encoding, as defined in <a href="#quality.values" title="Quality Values">Section 6.3.1</a>.1936 </p> 1937 <p id="rfc.section. 6.3.4.p.4">For example,</p>1938 <div id="rfc.figure.u.3 3"></div><pre class="text"> Accept-Encoding: compress, gzip1921 </pre><p id="rfc.section.5.3.4.p.3">Each codings value <em class="bcp14">MAY</em> be given an associated quality value which represents the preference for that encoding, as defined in <a href="#quality.values" title="Quality Values">Section 5.3.1</a>. 1922 </p> 1923 <p id="rfc.section.5.3.4.p.4">For example,</p> 1924 <div id="rfc.figure.u.31"></div><pre class="text"> Accept-Encoding: compress, gzip 1939 1925 Accept-Encoding: 1940 1926 Accept-Encoding: * 1941 1927 Accept-Encoding: compress;q=0.5, gzip;q=1.0 1942 1928 Accept-Encoding: gzip;q=1.0, identity; q=0.5, *;q=0 1943 </pre><p id="rfc.section. 6.3.4.p.6">A server tests whether a content-coding for a given representation is acceptable, according to an Accept-Encoding field, using1929 </pre><p id="rfc.section.5.3.4.p.6">A server tests whether a content-coding for a given representation is acceptable, according to an Accept-Encoding field, using 1944 1930 these rules: 1945 1931 </p> … … 1952 1938 </li> 1953 1939 <li>If the representation's content-coding is one of the content-codings listed in the Accept-Encoding field, then it is acceptable 1954 unless it is accompanied by a qvalue of 0. (As defined in <a href="#quality.values" title="Quality Values">Section 6.3.1</a>, a qvalue of 0 means "not acceptable".)1940 unless it is accompanied by a qvalue of 0. (As defined in <a href="#quality.values" title="Quality Values">Section 5.3.1</a>, a qvalue of 0 means "not acceptable".) 1955 1941 </li> 1956 1942 <li>If multiple content-codings are acceptable, then the acceptable content-coding with the highest non-zero qvalue is preferred.</li> 1957 1943 </ol> 1958 <p id="rfc.section. 6.3.4.p.7">An Accept-Encoding header field with a combined field-value that is empty implies that the user agent does not want any content-coding1944 <p id="rfc.section.5.3.4.p.7">An Accept-Encoding header field with a combined field-value that is empty implies that the user agent does not want any content-coding 1959 1945 in response. If an Accept-Encoding header field is present in a request and none of the available representations for the 1960 1946 response have a content-coding that is listed as acceptable, the origin server <em class="bcp14">SHOULD</em> send a response without any content-coding. 1961 1947 </p> 1962 <p id="rfc.section. 6.3.4.p.8">A request without an Accept-Encoding header field implies that the user agent will accept any content-coding in response.</p>1963 <div class="note" id="rfc.section. 6.3.4.p.9">1948 <p id="rfc.section.5.3.4.p.8">A request without an Accept-Encoding header field implies that the user agent will accept any content-coding in response.</p> 1949 <div class="note" id="rfc.section.5.3.4.p.9"> 1964 1950 <p> <b>Note:</b> Most HTTP/1.0 applications do not recognize or obey qvalues associated with content-codings. This means that qvalues will 1965 1951 not work and are not permitted with x-gzip or x-compress. … … 1967 1953 </div> 1968 1954 <div id="rfc.iref.a.4"></div> 1969 <h3 id="rfc.section. 6.3.5"><a href="#rfc.section.6.3.5">6.3.5</a> <a id="header.accept-language" href="#header.accept-language">Accept-Language</a></h3>1970 <p id="rfc.section. 6.3.5.p.1">The "Accept-Language" header field can be used by user agents to indicate the set of natural languages that are preferred1955 <h3 id="rfc.section.5.3.5"><a href="#rfc.section.5.3.5">5.3.5</a> <a id="header.accept-language" href="#header.accept-language">Accept-Language</a></h3> 1956 <p id="rfc.section.5.3.5.p.1">The "Accept-Language" header field can be used by user agents to indicate the set of natural languages that are preferred 1971 1957 in the response. Language tags are defined in <a href="#language.tags" title="Language Tags">Section 3.1.3.1</a>. 1972 1958 </p> 1973 <div id="rfc.figure.u.3 4"></div><pre class="inline"><span id="rfc.iref.g.34"></span><span id="rfc.iref.g.35"></span> <a href="#header.accept-language" class="smpl">Accept-Language</a> = 1#( <a href="#header.accept-language" class="smpl">language-range</a> [ <a href="#quality.values" class="smpl">weight</a> ] )1959 <div id="rfc.figure.u.32"></div><pre class="inline"><span id="rfc.iref.g.32"></span><span id="rfc.iref.g.33"></span> <a href="#header.accept-language" class="smpl">Accept-Language</a> = 1#( <a href="#header.accept-language" class="smpl">language-range</a> [ <a href="#quality.values" class="smpl">weight</a> ] ) 1974 1960 <a href="#header.accept-language" class="smpl">language-range</a> = 1975 1961 <language-range, defined in <a href="#RFC4647" id="rfc.xref.RFC4647.1"><cite title="Matching of Language Tags">[RFC4647]</cite></a>, <a href="http://tools.ietf.org/html/rfc4647#section-2.1">Section 2.1</a>> 1976 </pre><p id="rfc.section. 6.3.5.p.3">Each language-range can be given an associated quality value which represents an estimate of the user's preference for the1977 languages specified by that range, as defined in <a href="#quality.values" title="Quality Values">Section 6.3.1</a>. For example,1978 </p> 1979 <div id="rfc.figure.u.3 5"></div><pre class="text"> Accept-Language: da, en-gb;q=0.8, en;q=0.71980 </pre><p id="rfc.section. 6.3.5.p.5">would mean: "I prefer Danish, but will accept British English and other types of English". (See also <a href="http://tools.ietf.org/html/rfc4647#section-2.3">Section 2.3</a> of <a href="#RFC4647" id="rfc.xref.RFC4647.2"><cite title="Matching of Language Tags">[RFC4647]</cite></a>)1981 </p> 1982 <p id="rfc.section. 6.3.5.p.6">For matching, <a href="http://tools.ietf.org/html/rfc4647#section-3">Section 3</a> of <a href="#RFC4647" id="rfc.xref.RFC4647.3"><cite title="Matching of Language Tags">[RFC4647]</cite></a> defines several matching schemes. Implementations can offer the most appropriate matching scheme for their requirements.1983 </p> 1984 <div class="note" id="rfc.section. 6.3.5.p.7">1962 </pre><p id="rfc.section.5.3.5.p.3">Each language-range can be given an associated quality value which represents an estimate of the user's preference for the 1963 languages specified by that range, as defined in <a href="#quality.values" title="Quality Values">Section 5.3.1</a>. For example, 1964 </p> 1965 <div id="rfc.figure.u.33"></div><pre class="text"> Accept-Language: da, en-gb;q=0.8, en;q=0.7 1966 </pre><p id="rfc.section.5.3.5.p.5">would mean: "I prefer Danish, but will accept British English and other types of English". (See also <a href="http://tools.ietf.org/html/rfc4647#section-2.3">Section 2.3</a> of <a href="#RFC4647" id="rfc.xref.RFC4647.2"><cite title="Matching of Language Tags">[RFC4647]</cite></a>) 1967 </p> 1968 <p id="rfc.section.5.3.5.p.6">For matching, <a href="http://tools.ietf.org/html/rfc4647#section-3">Section 3</a> of <a href="#RFC4647" id="rfc.xref.RFC4647.3"><cite title="Matching of Language Tags">[RFC4647]</cite></a> defines several matching schemes. Implementations can offer the most appropriate matching scheme for their requirements. 1969 </p> 1970 <div class="note" id="rfc.section.5.3.5.p.7"> 1985 1971 <p> <b>Note:</b> The "Basic Filtering" scheme (<a href="#RFC4647" id="rfc.xref.RFC4647.4"><cite title="Matching of Language Tags">[RFC4647]</cite></a>, <a href="http://tools.ietf.org/html/rfc4647#section-3.3.1">Section 3.3.1</a>) is identical to the matching scheme that was previously defined in <a href="http://tools.ietf.org/html/rfc2616#section-14.4">Section 14.4</a> of <a href="#RFC2616" id="rfc.xref.RFC2616.1"><cite title="Hypertext Transfer Protocol -- HTTP/1.1">[RFC2616]</cite></a>. 1986 1972 </p> 1987 1973 </div> 1988 <p id="rfc.section. 6.3.5.p.8">It might be contrary to the privacy expectations of the user to send an Accept-Language header field with the complete linguistic1989 preferences of the user in every request. For a discussion of this issue, see <a href="#privacy.issues.connected.to.accept.header.fields" title="Privacy Issues Connected to Accept Header Fields">Section 10.5</a>.1990 </p> 1991 <p id="rfc.section. 6.3.5.p.9">As intelligibility is highly dependent on the individual user, it is recommended that client applications make the choice1974 <p id="rfc.section.5.3.5.p.8">It might be contrary to the privacy expectations of the user to send an Accept-Language header field with the complete linguistic 1975 preferences of the user in every request. For a discussion of this issue, see <a href="#privacy.issues.connected.to.accept.header.fields" title="Privacy Issues Connected to Accept Header Fields">Section 9.5</a>. 1976 </p> 1977 <p id="rfc.section.5.3.5.p.9">As intelligibility is highly dependent on the individual user, it is recommended that client applications make the choice 1992 1978 of linguistic preference available to the user. If the choice is not made available, then the Accept-Language header field <em class="bcp14">MUST NOT</em> be given in the request. 1993 1979 </p> 1994 <div class="note" id="rfc.section. 6.3.5.p.10">1980 <div class="note" id="rfc.section.5.3.5.p.10"> 1995 1981 <p> <b>Note:</b> When making the choice of linguistic preference available to the user, we remind implementers of the fact that users are not 1996 1982 familiar with the details of language matching as described above, and ought to be provided appropriate guidance. As an example, … … 1999 1985 </p> 2000 1986 </div> 2001 <h2 id="rfc.section. 6.4"><a href="#rfc.section.6.4">6.4</a> <a id="request.auth" href="#request.auth">Authentication Credentials</a></h2>1987 <h2 id="rfc.section.5.4"><a href="#rfc.section.5.4">5.4</a> <a id="request.auth" href="#request.auth">Authentication Credentials</a></h2> 2002 1988 <div id="rfc.table.u.7"> 2003 1989 <table class="tt full left" cellpadding="3" cellspacing="0"> … … 2020 2006 </table> 2021 2007 </div> 2022 <h2 id="rfc.section. 6.5"><a href="#rfc.section.6.5">6.5</a> <a id="request.context" href="#request.context">Context</a></h2>2008 <h2 id="rfc.section.5.5"><a href="#rfc.section.5.5">5.5</a> <a id="request.context" href="#request.context">Request Context</a></h2> 2023 2009 <div id="rfc.table.u.8"> 2024 2010 <table class="tt full left" cellpadding="3" cellspacing="0"> … … 2032 2018 <tr> 2033 2019 <td class="left">From</td> 2034 <td class="left"><a href="#header.from" id="rfc.xref.header.from.1" title="From">Section 6.5.1</a></td>2020 <td class="left"><a href="#header.from" id="rfc.xref.header.from.1" title="From">Section 5.5.1</a></td> 2035 2021 </tr> 2036 2022 <tr> 2037 2023 <td class="left">Referer</td> 2038 <td class="left"><a href="#header.referer" id="rfc.xref.header.referer.1" title="Referer">Section 6.5.2</a></td>2024 <td class="left"><a href="#header.referer" id="rfc.xref.header.referer.1" title="Referer">Section 5.5.2</a></td> 2039 2025 </tr> 2040 2026 <tr> … … 2044 2030 <tr> 2045 2031 <td class="left">User-Agent</td> 2046 <td class="left"><a href="#header.user-agent" id="rfc.xref.header.user-agent.1" title="User-Agent">Section 6.5.3</a></td>2032 <td class="left"><a href="#header.user-agent" id="rfc.xref.header.user-agent.1" title="User-Agent">Section 5.5.3</a></td> 2047 2033 </tr> 2048 2034 </tbody> … … 2050 2036 </div> 2051 2037 <div id="rfc.iref.f.1"></div> 2052 <h3 id="rfc.section. 6.5.1"><a href="#rfc.section.6.5.1">6.5.1</a> <a id="header.from" href="#header.from">From</a></h3>2053 <p id="rfc.section. 6.5.1.p.1">The "From" header field, if given, <em class="bcp14">SHOULD</em> contain an Internet e-mail address for the human user who controls the requesting user agent. The address <em class="bcp14">SHOULD</em> be machine-usable, as defined by "mailbox" in <a href="http://tools.ietf.org/html/rfc5322#section-3.4">Section 3.4</a> of <a href="#RFC5322" id="rfc.xref.RFC5322.1"><cite title="Internet Message Format">[RFC5322]</cite></a>:2054 </p> 2055 <div id="rfc.figure.u.3 6"></div><pre class="inline"><span id="rfc.iref.g.36"></span> <a href="#header.from" class="smpl">From</a> = <a href="#header.from" class="smpl">mailbox</a>2038 <h3 id="rfc.section.5.5.1"><a href="#rfc.section.5.5.1">5.5.1</a> <a id="header.from" href="#header.from">From</a></h3> 2039 <p id="rfc.section.5.5.1.p.1">The "From" header field, if given, <em class="bcp14">SHOULD</em> contain an Internet e-mail address for the human user who controls the requesting user agent. The address <em class="bcp14">SHOULD</em> be machine-usable, as defined by "mailbox" in <a href="http://tools.ietf.org/html/rfc5322#section-3.4">Section 3.4</a> of <a href="#RFC5322" id="rfc.xref.RFC5322.1"><cite title="Internet Message Format">[RFC5322]</cite></a>: 2040 </p> 2041 <div id="rfc.figure.u.34"></div><pre class="inline"><span id="rfc.iref.g.34"></span> <a href="#header.from" class="smpl">From</a> = <a href="#header.from" class="smpl">mailbox</a> 2056 2042 2057 2043 <a href="#header.from" class="smpl">mailbox</a> = <mailbox, defined in <a href="#RFC5322" id="rfc.xref.RFC5322.2"><cite title="Internet Message Format">[RFC5322]</cite></a>, <a href="http://tools.ietf.org/html/rfc5322#section-3.4">Section 3.4</a>> 2058 </pre><p id="rfc.section. 6.5.1.p.3">An example is:</p>2059 <div id="rfc.figure.u.3 7"></div><pre class="text"> From: webmaster@example.org2060 </pre><p id="rfc.section. 6.5.1.p.5">This header field <em class="bcp14">MAY</em> be used for logging purposes and as a means for identifying the source of invalid or unwanted requests. It <em class="bcp14">SHOULD NOT</em> be used as an insecure form of access protection. The interpretation of this field is that the request is being performed2044 </pre><p id="rfc.section.5.5.1.p.3">An example is:</p> 2045 <div id="rfc.figure.u.35"></div><pre class="text"> From: webmaster@example.org 2046 </pre><p id="rfc.section.5.5.1.p.5">This header field <em class="bcp14">MAY</em> be used for logging purposes and as a means for identifying the source of invalid or unwanted requests. It <em class="bcp14">SHOULD NOT</em> be used as an insecure form of access protection. The interpretation of this field is that the request is being performed 2061 2047 on behalf of the person given, who accepts responsibility for the method performed. In particular, robot agents <em class="bcp14">SHOULD</em> include this header field so that the person responsible for running the robot can be contacted if problems occur on the receiving 2062 2048 end. 2063 2049 </p> 2064 <p id="rfc.section. 6.5.1.p.6">The Internet e-mail address in this field <em class="bcp14">MAY</em> be separate from the Internet host which issued the request. For example, when a request is passed through a proxy the original2050 <p id="rfc.section.5.5.1.p.6">The Internet e-mail address in this field <em class="bcp14">MAY</em> be separate from the Internet host which issued the request. For example, when a request is passed through a proxy the original 2065 2051 issuer's address <em class="bcp14">SHOULD</em> be used. 2066 2052 </p> 2067 <p id="rfc.section. 6.5.1.p.7">The client <em class="bcp14">SHOULD NOT</em> send the From header field without the user's approval, as it might conflict with the user's privacy interests or their site's2053 <p id="rfc.section.5.5.1.p.7">The client <em class="bcp14">SHOULD NOT</em> send the From header field without the user's approval, as it might conflict with the user's privacy interests or their site's 2068 2054 security policy. It is strongly recommended that the user be able to disable, enable, and modify the value of this field at 2069 2055 any time prior to a request. 2070 2056 </p> 2071 2057 <div id="rfc.iref.r.2"></div> 2072 <h3 id="rfc.section. 6.5.2"><a href="#rfc.section.6.5.2">6.5.2</a> <a id="header.referer" href="#header.referer">Referer</a></h3>2073 <p id="rfc.section. 6.5.2.p.1">The "Referer" [sic] header field allows the client to specify the URI of the resource from which the target URI was obtained2058 <h3 id="rfc.section.5.5.2"><a href="#rfc.section.5.5.2">5.5.2</a> <a id="header.referer" href="#header.referer">Referer</a></h3> 2059 <p id="rfc.section.5.5.2.p.1">The "Referer" [sic] header field allows the client to specify the URI of the resource from which the target URI was obtained 2074 2060 (the "referrer", although the header field is misspelled.). 2075 2061 </p> 2076 <p id="rfc.section. 6.5.2.p.2">The Referer header field allows servers to generate lists of back-links to resources for interest, logging, optimized caching,2062 <p id="rfc.section.5.5.2.p.2">The Referer header field allows servers to generate lists of back-links to resources for interest, logging, optimized caching, 2077 2063 etc. It also allows obsolete or mistyped links to be traced for maintenance. Some servers use Referer as a means of controlling 2078 2064 where they allow links from (so-called "deep linking"), but legitimate requests do not always contain a Referer header field. 2079 2065 </p> 2080 <p id="rfc.section. 6.5.2.p.3">If the target URI was obtained from a source that does not have its own URI (e.g., input from the user keyboard), the Referer2066 <p id="rfc.section.5.5.2.p.3">If the target URI was obtained from a source that does not have its own URI (e.g., input from the user keyboard), the Referer 2081 2067 field <em class="bcp14">MUST</em> either be sent with the value "about:blank", or not be sent at all. Note that this requirement does not apply to sources with 2082 2068 non-HTTP URIs (e.g., FTP). 2083 2069 </p> 2084 <div id="rfc.figure.u.3 8"></div><pre class="inline"><span id="rfc.iref.g.37"></span> <a href="#header.referer" class="smpl">Referer</a> = <a href="#imported.abnf" class="smpl">absolute-URI</a> / <a href="#imported.abnf" class="smpl">partial-URI</a>2085 </pre><p id="rfc.section. 6.5.2.p.5">Example:</p>2086 <div id="rfc.figure.u.3 9"></div><pre class="text"> Referer: http://www.example.org/hypertext/Overview.html2087 </pre><p id="rfc.section. 6.5.2.p.7">If the field value is a relative URI, it <em class="bcp14">SHOULD</em> be interpreted relative to the effective request URI. The URI <em class="bcp14">MUST NOT</em> include a fragment. See <a href="#encoding.sensitive.information.in.uris" title="Encoding Sensitive Information in URIs">Section 10.2</a> for security considerations.2070 <div id="rfc.figure.u.36"></div><pre class="inline"><span id="rfc.iref.g.35"></span> <a href="#header.referer" class="smpl">Referer</a> = <a href="#imported.abnf" class="smpl">absolute-URI</a> / <a href="#imported.abnf" class="smpl">partial-URI</a> 2071 </pre><p id="rfc.section.5.5.2.p.5">Example:</p> 2072 <div id="rfc.figure.u.37"></div><pre class="text"> Referer: http://www.example.org/hypertext/Overview.html 2073 </pre><p id="rfc.section.5.5.2.p.7">If the field value is a relative URI, it <em class="bcp14">SHOULD</em> be interpreted relative to the effective request URI. The URI <em class="bcp14">MUST NOT</em> include a fragment. See <a href="#encoding.sensitive.information.in.uris" title="Encoding Sensitive Information in URIs">Section 9.2</a> for security considerations. 2088 2074 </p> 2089 2075 <div id="rfc.iref.u.1"></div> 2090 <h3 id="rfc.section.6.5.3"><a href="#rfc.section.6.5.3">6.5.3</a> <a id="header.user-agent" href="#header.user-agent">User-Agent</a></h3> 2091 <p id="rfc.section.6.5.3.p.1">The "User-Agent" header field contains information about the user agent originating the request. User agents <em class="bcp14">SHOULD</em> include this field with requests. 2092 </p> 2093 <p id="rfc.section.6.5.3.p.2">Typically, it is used for statistical purposes, the tracing of protocol violations, and tailoring responses to avoid particular 2094 user agent limitations. 2095 </p> 2096 <p id="rfc.section.6.5.3.p.3">The field can contain multiple product tokens (<a href="#product.tokens" title="Product Tokens">Section 4</a>) and comments (<a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a> of <a href="#Part1" id="rfc.xref.Part1.21"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) identifying the agent and its significant subproducts. By convention, the product tokens are listed in order of their significance 2097 for identifying the application. 2098 </p> 2099 <p id="rfc.section.6.5.3.p.4">Because this field is usually sent on every request a user agent makes, implementations are encouraged not to include needlessly 2100 fine-grained detail, and to limit (or even prohibit) the addition of subproducts by third parties. Overly long and detailed 2101 User-Agent field values make requests larger and can also be used to identify ("fingerprint") the user against their wishes. 2102 </p> 2103 <p id="rfc.section.6.5.3.p.5">Likewise, implementations are encouraged not to use the product tokens of other implementations in order to declare compatibility 2104 with them, as this circumvents the purpose of the field. Finally, they are encouraged not to use comments to identify products; 2105 doing so makes the field value more difficult to parse. 2106 </p> 2107 <div id="rfc.figure.u.40"></div><pre class="inline"><span id="rfc.iref.g.38"></span> <a href="#header.user-agent" class="smpl">User-Agent</a> = <a href="#product.tokens" class="smpl">product</a> *( <a href="#imported.abnf" class="smpl">RWS</a> ( <a href="#product.tokens" class="smpl">product</a> / <a href="#imported.abnf" class="smpl">comment</a> ) ) 2108 </pre><p id="rfc.section.6.5.3.p.7">Example:</p> 2109 <div id="rfc.figure.u.41"></div><pre class="text"> User-Agent: CERN-LineMode/2.15 libwww/2.17b3 2110 </pre><h1 id="rfc.section.7"><a href="#rfc.section.7">7.</a> <a id="status.codes" href="#status.codes">Response Status Codes</a></h1> 2111 <p id="rfc.section.7.p.1">The status-code element is a 3-digit integer code giving the result of the attempt to understand and satisfy the request.</p> 2112 <p id="rfc.section.7.p.2">HTTP status codes are extensible. HTTP applications are not required to understand the meaning of all registered status codes, 2076 <h3 id="rfc.section.5.5.3"><a href="#rfc.section.5.5.3">5.5.3</a> <a id="header.user-agent" href="#header.user-agent">User-Agent</a></h3> 2077 <p id="rfc.section.5.5.3.p.1">The "User-Agent" header field contains information about the user agent originating the request, which is often used by servers 2078 to help identify the scope of reported interoperability problems, to work around or tailor responses to avoid particular user 2079 agent limitations, and for analytics regarding browser or operating system use. A user agent <em class="bcp14">SHOULD</em> include a User-Agent field in each request unless specifically configured not to do so. 2080 </p> 2081 <div id="rfc.figure.u.38"></div><pre class="inline"><span id="rfc.iref.g.36"></span> <a href="#header.user-agent" class="smpl">User-Agent</a> = <a href="#header.user-agent" class="smpl">product</a> *( <a href="#imported.abnf" class="smpl">RWS</a> ( <a href="#header.user-agent" class="smpl">product</a> / <a href="#imported.abnf" class="smpl">comment</a> ) ) 2082 </pre><p id="rfc.section.5.5.3.p.3">The User-Agent field-value consists of one or more product identifiers, each followed by zero or more comments (<a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a> of <a href="#Part1" id="rfc.xref.Part1.21"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>), which together identify the user agent software and its significant subproducts. By convention, the product identifiers 2083 are listed in order of their significance for identifying the user agent software. Each product identifier consists of a name 2084 and optional version. 2085 </p> 2086 <div id="rfc.figure.u.39"></div><pre class="inline"><span id="rfc.iref.g.37"></span><span id="rfc.iref.g.38"></span> <a href="#header.user-agent" class="smpl">product</a> = <a href="#imported.abnf" class="smpl">token</a> ["/" <a href="#header.user-agent" class="smpl">product-version</a>] 2087 <a href="#header.user-agent" class="smpl">product-version</a> = <a href="#imported.abnf" class="smpl">token</a> 2088 </pre><p id="rfc.section.5.5.3.p.5">Senders <em class="bcp14">SHOULD</em> limit generated product identifiers to what is necessary to identify the product; senders <em class="bcp14">MUST NOT</em> generate advertising or other non-essential information within the product identifier. Senders <em class="bcp14">SHOULD NOT</em> generate information in <a href="#header.user-agent" class="smpl">product-version</a> that is not a version identifier (i.e., successive versions of the same product name ought to only differ in the product-version 2089 portion of the product identifier). 2090 </p> 2091 <p id="rfc.section.5.5.3.p.6">Example:</p> 2092 <div id="rfc.figure.u.40"></div><pre class="text"> User-Agent: CERN-LineMode/2.15 libwww/2.17b3 2093 </pre><p id="rfc.section.5.5.3.p.8">A user agent <em class="bcp14">SHOULD NOT</em> generate a User-Agent field containing needlessly fine-grained detail and <em class="bcp14">SHOULD</em> limit the addition of subproducts by third parties. Overly long and detailed User-Agent field values increase request latency 2094 and the risk of a user being identified against their wishes ("fingerprinting"). 2095 </p> 2096 <p id="rfc.section.5.5.3.p.9">Likewise, implementations are encouraged not to use the product tokens of other implementations in order to declare compatibility 2097 with them, as this circumvents the purpose of the field. If a user agent masquerades as a different user agent, recipients 2098 can assume that the user intentionally desires to see responses tailored for that identified user agent, even if they might 2099 not work as well for the actual user agent being used. 2100 </p> 2101 <h1 id="rfc.section.6"><a href="#rfc.section.6">6.</a> <a id="status.codes" href="#status.codes">Response Status Codes</a></h1> 2102 <p id="rfc.section.6.p.1">The status-code element is a 3-digit integer code giving the result of the attempt to understand and satisfy the request.</p> 2103 <p id="rfc.section.6.p.2">HTTP status codes are extensible. HTTP applications are not required to understand the meaning of all registered status codes, 2113 2104 though such understanding is obviously desirable. However, applications <em class="bcp14">MUST</em> understand the class of any status code, as indicated by the first digit, and treat any unrecognized response as being equivalent 2114 2105 to the x00 status code of that class, with the exception that an unrecognized response <em class="bcp14">MUST NOT</em> be cached. For example, if an unrecognized status code of 431 is received by the client, it can safely assume that there was … … 2116 2107 information which will explain the unusual status. 2117 2108 </p> 2118 <p id="rfc.section. 7.p.3">The first digit of the status-code defines the class of response. The last two digits do not have any categorization role.2109 <p id="rfc.section.6.p.3">The first digit of the status-code defines the class of response. The last two digits do not have any categorization role. 2119 2110 There are 5 values for the first digit: 2120 2111 </p> … … 2131 2122 </li> 2132 2123 </ul> 2133 <p id="rfc.section. 7.p.4">For most status codes the response can carry a payload, in which case a <a href="#header.content-type" class="smpl">Content-Type</a> header field indicates the payload's media type (<a href="#header.content-type" id="rfc.xref.header.content-type.3" title="Content-Type">Section 3.1.1.5</a>).2134 </p> 2135 <h2 id="rfc.section. 7.1"><a href="#rfc.section.7.1">7.1</a> <a id="overview.of.status.codes" href="#overview.of.status.codes">Overview of Status Codes</a></h2>2136 <p id="rfc.section. 7.1.p.1">The status codes listed below are defined in this specification, <a href="p4-conditional.html#status.code.definitions" title="Status Code Definitions">Section 4</a> of <a href="#Part4" id="rfc.xref.Part4.7"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>, <a href="p5-range.html#status.code.definitions" title="Status Code Definitions">Section 3</a> of <a href="#Part5" id="rfc.xref.Part5.8"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>, and <a href="p7-auth.html#status.code.definitions" title="Status Code Definitions">Section 3</a> of <a href="#Part7" id="rfc.xref.Part7.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Authentication">[Part7]</cite></a>. The reason phrases listed here are only recommendations — they can be replaced by local equivalents without affecting the2124 <p id="rfc.section.6.p.4">For most status codes the response can carry a payload, in which case a <a href="#header.content-type" class="smpl">Content-Type</a> header field indicates the payload's media type (<a href="#header.content-type" id="rfc.xref.header.content-type.3" title="Content-Type">Section 3.1.1.5</a>). 2125 </p> 2126 <h2 id="rfc.section.6.1"><a href="#rfc.section.6.1">6.1</a> <a id="overview.of.status.codes" href="#overview.of.status.codes">Overview of Status Codes</a></h2> 2127 <p id="rfc.section.6.1.p.1">The status codes listed below are defined in this specification, <a href="p4-conditional.html#status.code.definitions" title="Status Code Definitions">Section 4</a> of <a href="#Part4" id="rfc.xref.Part4.7"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>, <a href="p5-range.html#status.code.definitions" title="Status Code Definitions">Section 3</a> of <a href="#Part5" id="rfc.xref.Part5.8"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Range Requests">[Part5]</cite></a>, and <a href="p7-auth.html#status.code.definitions" title="Status Code Definitions">Section 3</a> of <a href="#Part7" id="rfc.xref.Part7.3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Authentication">[Part7]</cite></a>. The reason phrases listed here are only recommendations — they can be replaced by local equivalents without affecting the 2137 2128 protocol. 2138 2129 </p> … … 2150 2141 <td class="left">100</td> 2151 2142 <td class="left">Continue</td> 2152 <td class="left"><a href="#status.100" id="rfc.xref.status.100.3" title="100 Continue">Section 7.2.1</a></td>2143 <td class="left"><a href="#status.100" id="rfc.xref.status.100.3" title="100 Continue">Section 6.2.1</a></td> 2153 2144 </tr> 2154 2145 <tr> 2155 2146 <td class="left">101</td> 2156 2147 <td class="left">Switching Protocols</td> 2157 <td class="left"><a href="#status.101" id="rfc.xref.status.101.1" title="101 Switching Protocols">Section 7.2.2</a></td>2148 <td class="left"><a href="#status.101" id="rfc.xref.status.101.1" title="101 Switching Protocols">Section 6.2.2</a></td> 2158 2149 </tr> 2159 2150 <tr> 2160 2151 <td class="left">200</td> 2161 2152 <td class="left">OK</td> 2162 <td class="left"><a href="#status.200" id="rfc.xref.status.200.1" title="200 OK">Section 7.3.1</a></td>2153 <td class="left"><a href="#status.200" id="rfc.xref.status.200.1" title="200 OK">Section 6.3.1</a></td> 2163 2154 </tr> 2164 2155 <tr> 2165 2156 <td class="left">201</td> 2166 2157 <td class="left">Created</td> 2167 <td class="left"><a href="#status.201" id="rfc.xref.status.201.1" title="201 Created">Section 7.3.2</a></td>2158 <td class="left"><a href="#status.201" id="rfc.xref.status.201.1" title="201 Created">Section 6.3.2</a></td> 2168 2159 </tr> 2169 2160 <tr> 2170 2161 <td class="left">202</td> 2171 2162 <td class="left">Accepted</td> 2172 <td class="left"><a href="#status.202" id="rfc.xref.status.202.1" title="202 Accepted">Section 7.3.3</a></td>2163 <td class="left"><a href="#status.202" id="rfc.xref.status.202.1" title="202 Accepted">Section 6.3.3</a></td> 2173 2164 </tr> 2174 2165 <tr> 2175 2166 <td class="left">203</td> 2176 2167 <td class="left">Non-Authoritative Information</td> 2177 <td class="left"><a href="#status.203" id="rfc.xref.status.203.1" title="203 Non-Authoritative Information">Section 7.3.4</a></td>2168 <td class="left"><a href="#status.203" id="rfc.xref.status.203.1" title="203 Non-Authoritative Information">Section 6.3.4</a></td> 2178 2169 </tr> 2179 2170 <tr> 2180 2171 <td class="left">204</td> 2181 2172 <td class="left">No Content</td> 2182 <td class="left"><a href="#status.204" id="rfc.xref.status.204.1" title="204 No Content">Section 7.3.5</a></td>2173 <td class="left"><a href="#status.204" id="rfc.xref.status.204.1" title="204 No Content">Section 6.3.5</a></td> 2183 2174 </tr> 2184 2175 <tr> 2185 2176 <td class="left">205</td> 2186 2177 <td class="left">Reset Content</td> 2187 <td class="left"><a href="#status.205" id="rfc.xref.status.205.1" title="205 Reset Content">Section 7.3.6</a></td>2178 <td class="left"><a href="#status.205" id="rfc.xref.status.205.1" title="205 Reset Content">Section 6.3.6</a></td> 2188 2179 </tr> 2189 2180 <tr> … … 2195 2186 <td class="left">300</td> 2196 2187 <td class="left">Multiple Choices</td> 2197 <td class="left"><a href="#status.300" id="rfc.xref.status.300.1" title="300 Multiple Choices">Section 7.4.1</a></td>2188 <td class="left"><a href="#status.300" id="rfc.xref.status.300.1" title="300 Multiple Choices">Section 6.4.1</a></td> 2198 2189 </tr> 2199 2190 <tr> 2200 2191 <td class="left">301</td> 2201 2192 <td class="left">Moved Permanently</td> 2202 <td class="left"><a href="#status.301" id="rfc.xref.status.301.1" title="301 Moved Permanently">Section 7.4.2</a></td>2193 <td class="left"><a href="#status.301" id="rfc.xref.status.301.1" title="301 Moved Permanently">Section 6.4.2</a></td> 2203 2194 </tr> 2204 2195 <tr> 2205 2196 <td class="left">302</td> 2206 2197 <td class="left">Found</td> 2207 <td class="left"><a href="#status.302" id="rfc.xref.status.302.1" title="302 Found">Section 7.4.3</a></td>2198 <td class="left"><a href="#status.302" id="rfc.xref.status.302.1" title="302 Found">Section 6.4.3</a></td> 2208 2199 </tr> 2209 2200 <tr> 2210 2201 <td class="left">303</td> 2211 2202 <td class="left">See Other</td> 2212 <td class="left"><a href="#status.303" id="rfc.xref.status.303.1" title="303 See Other">Section 7.4.4</a></td>2203 <td class="left"><a href="#status.303" id="rfc.xref.status.303.1" title="303 See Other">Section 6.4.4</a></td> 2213 2204 </tr> 2214 2205 <tr> … … 2220 2211 <td class="left">305</td> 2221 2212 <td class="left">Use Proxy</td> 2222 <td class="left"><a href="#status.305" id="rfc.xref.status.305.1" title="305 Use Proxy">Section 7.4.5</a></td>2213 <td class="left"><a href="#status.305" id="rfc.xref.status.305.1" title="305 Use Proxy">Section 6.4.5</a></td> 2223 2214 </tr> 2224 2215 <tr> 2225 2216 <td class="left">307</td> 2226 2217 <td class="left">Temporary Redirect</td> 2227 <td class="left"><a href="#status.307" id="rfc.xref.status.307.1" title="307 Temporary Redirect">Section 7.4.7</a></td>2218 <td class="left"><a href="#status.307" id="rfc.xref.status.307.1" title="307 Temporary Redirect">Section 6.4.7</a></td> 2228 2219 </tr> 2229 2220 <tr> 2230 2221 <td class="left">400</td> 2231 2222 <td class="left">Bad Request</td> 2232 <td class="left"><a href="#status.400" id="rfc.xref.status.400.1" title="400 Bad Request">Section 7.5.1</a></td>2223 <td class="left"><a href="#status.400" id="rfc.xref.status.400.1" title="400 Bad Request">Section 6.5.1</a></td> 2233 2224 </tr> 2234 2225 <tr> … … 2240 2231 <td class="left">402</td> 2241 2232 <td class="left">Payment Required</td> 2242 <td class="left"><a href="#status.402" id="rfc.xref.status.402.1" title="402 Payment Required">Section 7.5.2</a></td>2233 <td class="left"><a href="#status.402" id="rfc.xref.status.402.1" title="402 Payment Required">Section 6.5.2</a></td> 2243 2234 </tr> 2244 2235 <tr> 2245 2236 <td class="left">403</td> 2246 2237 <td class="left">Forbidden</td> 2247 <td class="left"><a href="#status.403" id="rfc.xref.status.403.1" title="403 Forbidden">Section 7.5.3</a></td>2238 <td class="left"><a href="#status.403" id="rfc.xref.status.403.1" title="403 Forbidden">Section 6.5.3</a></td> 2248 2239 </tr> 2249 2240 <tr> 2250 2241 <td class="left">404</td> 2251 2242 <td class="left">Not Found</td> 2252 <td class="left"><a href="#status.404" id="rfc.xref.status.404.1" title="404 Not Found">Section 7.5.4</a></td>2243 <td class="left"><a href="#status.404" id="rfc.xref.status.404.1" title="404 Not Found">Section 6.5.4</a></td> 2253 2244 </tr> 2254 2245 <tr> 2255 2246 <td class="left">405</td> 2256 2247 <td class="left">Method Not Allowed</td> 2257 <td class="left"><a href="#status.405" id="rfc.xref.status.405.1" title="405 Method Not Allowed">Section 7.5.5</a></td>2248 <td class="left"><a href="#status.405" id="rfc.xref.status.405.1" title="405 Method Not Allowed">Section 6.5.5</a></td> 2258 2249 </tr> 2259 2250 <tr> 2260 2251 <td class="left">406</td> 2261 2252 <td class="left">Not Acceptable</td> 2262 <td class="left"><a href="#status.406" id="rfc.xref.status.406.1" title="406 Not Acceptable">Section 7.5.6</a></td>2253 <td class="left"><a href="#status.406" id="rfc.xref.status.406.1" title="406 Not Acceptable">Section 6.5.6</a></td> 2263 2254 </tr> 2264 2255 <tr> … … 2270 2261 <td class="left">408</td> 2271 2262 <td class="left">Request Time-out</td> 2272 <td class="left"><a href="#status.408" id="rfc.xref.status.408.1" title="408 Request Timeout">Section 7.5.7</a></td>2263 <td class="left"><a href="#status.408" id="rfc.xref.status.408.1" title="408 Request Timeout">Section 6.5.7</a></td> 2273 2264 </tr> 2274 2265 <tr> 2275 2266 <td class="left">409</td> 2276 2267 <td class="left">Conflict</td> 2277 <td class="left"><a href="#status.409" id="rfc.xref.status.409.1" title="409 Conflict">Section 7.5.8</a></td>2268 <td class="left"><a href="#status.409" id="rfc.xref.status.409.1" title="409 Conflict">Section 6.5.8</a></td> 2278 2269 </tr> 2279 2270 <tr> 2280 2271 <td class="left">410</td> 2281 2272 <td class="left">Gone</td> 2282 <td class="left"><a href="#status.410" id="rfc.xref.status.410.1" title="410 Gone">Section 7.5.9</a></td>2273 <td class="left"><a href="#status.410" id="rfc.xref.status.410.1" title="410 Gone">Section 6.5.9</a></td> 2283 2274 </tr> 2284 2275 <tr> 2285 2276 <td class="left">411</td> 2286 2277 <td class="left">Length Required</td> 2287 <td class="left"><a href="#status.411" id="rfc.xref.status.411.1" title="411 Length Required">Section 7.5.10</a></td>2278 <td class="left"><a href="#status.411" id="rfc.xref.status.411.1" title="411 Length Required">Section 6.5.10</a></td> 2288 2279 </tr> 2289 2280 <tr> … … 2295 2286 <td class="left">413</td> 2296 2287 <td class="left">Request Representation Too Large</td> 2297 <td class="left"><a href="#status.413" id="rfc.xref.status.413.1" title="413 Request Representation Too Large">Section 7.5.11</a></td>2288 <td class="left"><a href="#status.413" id="rfc.xref.status.413.1" title="413 Request Representation Too Large">Section 6.5.11</a></td> 2298 2289 </tr> 2299 2290 <tr> 2300 2291 <td class="left">414</td> 2301 2292 <td class="left">URI Too Long</td> 2302 <td class="left"><a href="#status.414" id="rfc.xref.status.414.1" title="414 URI Too Long">Section 7.5.12</a></td>2293 <td class="left"><a href="#status.414" id="rfc.xref.status.414.1" title="414 URI Too Long">Section 6.5.12</a></td> 2303 2294 </tr> 2304 2295 <tr> 2305 2296 <td class="left">415</td> 2306 2297 <td class="left">Unsupported Media Type</td> 2307 <td class="left"><a href="#status.415" id="rfc.xref.status.415.1" title="415 Unsupported Media Type">Section 7.5.13</a></td>2298 <td class="left"><a href="#status.415" id="rfc.xref.status.415.1" title="415 Unsupported Media Type">Section 6.5.13</a></td> 2308 2299 </tr> 2309 2300 <tr> … … 2315 2306 <td class="left">417</td> 2316 2307 <td class="left">Expectation Failed</td> 2317 <td class="left"><a href="#status.417" id="rfc.xref.status.417.1" title="417 Expectation Failed">Section 7.5.14</a></td>2308 <td class="left"><a href="#status.417" id="rfc.xref.status.417.1" title="417 Expectation Failed">Section 6.5.14</a></td> 2318 2309 </tr> 2319 2310 <tr> 2320 2311 <td class="left">426</td> 2321 2312 <td class="left">Upgrade Required</td> 2322 <td class="left"><a href="#status.426" id="rfc.xref.status.426.1" title="426 Upgrade Required">Section 7.5.15</a></td>2313 <td class="left"><a href="#status.426" id="rfc.xref.status.426.1" title="426 Upgrade Required">Section 6.5.15</a></td> 2323 2314 </tr> 2324 2315 <tr> 2325 2316 <td class="left">500</td> 2326 2317 <td class="left">Internal Server Error</td> 2327 <td class="left"><a href="#status.500" id="rfc.xref.status.500.1" title="500 Internal Server Error">Section 7.6.1</a></td>2318 <td class="left"><a href="#status.500" id="rfc.xref.status.500.1" title="500 Internal Server Error">Section 6.6.1</a></td> 2328 2319 </tr> 2329 2320 <tr> 2330 2321 <td class="left">501</td> 2331 2322 <td class="left">Not Implemented</td> 2332 <td class="left"><a href="#status.501" id="rfc.xref.status.501.1" title="501 Not Implemented">Section 7.6.2</a></td>2323 <td class="left"><a href="#status.501" id="rfc.xref.status.501.1" title="501 Not Implemented">Section 6.6.2</a></td> 2333 2324 </tr> 2334 2325 <tr> 2335 2326 <td class="left">502</td> 2336 2327 <td class="left">Bad Gateway</td> 2337 <td class="left"><a href="#status.502" id="rfc.xref.status.502.1" title="502 Bad Gateway">Section 7.6.3</a></td>2328 <td class="left"><a href="#status.502" id="rfc.xref.status.502.1" title="502 Bad Gateway">Section 6.6.3</a></td> 2338 2329 </tr> 2339 2330 <tr> 2340 2331 <td class="left">503</td> 2341 2332 <td class="left">Service Unavailable</td> 2342 <td class="left"><a href="#status.503" id="rfc.xref.status.503.1" title="503 Service Unavailable">Section 7.6.4</a></td>2333 <td class="left"><a href="#status.503" id="rfc.xref.status.503.1" title="503 Service Unavailable">Section 6.6.4</a></td> 2343 2334 </tr> 2344 2335 <tr> 2345 2336 <td class="left">504</td> 2346 2337 <td class="left">Gateway Time-out</td> 2347 <td class="left"><a href="#status.504" id="rfc.xref.status.504.1" title="504 Gateway Timeout">Section 7.6.5</a></td>2338 <td class="left"><a href="#status.504" id="rfc.xref.status.504.1" title="504 Gateway Timeout">Section 6.6.5</a></td> 2348 2339 </tr> 2349 2340 <tr> 2350 2341 <td class="left">505</td> 2351 2342 <td class="left">HTTP Version not supported</td> 2352 <td class="left"><a href="#status.505" id="rfc.xref.status.505.1" title="505 HTTP Version Not Supported">Section 7.6.6</a></td>2343 <td class="left"><a href="#status.505" id="rfc.xref.status.505.1" title="505 HTTP Version Not Supported">Section 6.6.6</a></td> 2353 2344 </tr> 2354 2345 </tbody> 2355 2346 </table> 2356 2347 </div> 2357 <p id="rfc.section. 7.1.p.2">Note that this list is not exhaustive — it does not include extension status codes defined in other specifications.</p>2358 <h2 id="rfc.section. 7.2"><a href="#rfc.section.7.2">7.2</a> <a id="status.1xx" href="#status.1xx">Informational 1xx</a></h2>2348 <p id="rfc.section.6.1.p.2">Note that this list is not exhaustive — it does not include extension status codes defined in other specifications.</p> 2349 <h2 id="rfc.section.6.2"><a href="#rfc.section.6.2">6.2</a> <a id="status.1xx" href="#status.1xx">Informational 1xx</a></h2> 2359 2350 <div id="rfc.iref.70"></div> 2360 2351 <div id="rfc.iref.s.2"></div> 2361 <p id="rfc.section. 7.2.p.1">This class of status code indicates a provisional response, consisting only of the status-line and optional header fields,2352 <p id="rfc.section.6.2.p.1">This class of status code indicates a provisional response, consisting only of the status-line and optional header fields, 2362 2353 and is terminated by an empty line. There are no required header fields for this class of status code. Since HTTP/1.0 did 2363 2354 not define any 1xx status codes, servers <em class="bcp14">MUST NOT</em> send a 1xx response to an HTTP/1.0 client except under experimental conditions. 2364 2355 </p> 2365 <p id="rfc.section. 7.2.p.2">A client <em class="bcp14">MUST</em> be prepared to accept one or more 1xx status responses prior to a regular response, even if the client does not expect a <a href="#status.100" class="smpl">1002356 <p id="rfc.section.6.2.p.2">A client <em class="bcp14">MUST</em> be prepared to accept one or more 1xx status responses prior to a regular response, even if the client does not expect a <a href="#status.100" class="smpl">100 2366 2357 (Continue)</a> status message. Unexpected 1xx status responses <em class="bcp14">MAY</em> be ignored by a user agent. 2367 2358 </p> 2368 <p id="rfc.section. 7.2.p.3">Proxies <em class="bcp14">MUST</em> forward 1xx responses, unless the connection between the proxy and its client has been closed, or unless the proxy itself2359 <p id="rfc.section.6.2.p.3">Proxies <em class="bcp14">MUST</em> forward 1xx responses, unless the connection between the proxy and its client has been closed, or unless the proxy itself 2369 2360 requested the generation of the 1xx response. (For example, if a proxy adds an "Expect: 100-continue" field when it forwards 2370 2361 a request, then it need not forward the corresponding <a href="#status.100" class="smpl">100 (Continue)</a> response(s).) 2371 2362 </p> 2372 2363 <div id="rfc.iref.71"></div> 2373 <h3 id="rfc.section. 7.2.1"><a href="#rfc.section.7.2.1">7.2.1</a> <a id="status.100" href="#status.100">100 Continue</a></h3>2374 <p id="rfc.section. 7.2.1.p.1">The client <em class="bcp14">SHOULD</em> continue with its request. This interim response is used to inform the client that the initial part of the request has been2364 <h3 id="rfc.section.6.2.1"><a href="#rfc.section.6.2.1">6.2.1</a> <a id="status.100" href="#status.100">100 Continue</a></h3> 2365 <p id="rfc.section.6.2.1.p.1">The client <em class="bcp14">SHOULD</em> continue with its request. This interim response is used to inform the client that the initial part of the request has been 2375 2366 received and has not yet been rejected by the server. The client <em class="bcp14">SHOULD</em> continue by sending the remainder of the request or, if the request has already been completed, ignore this response. The 2376 server <em class="bcp14">MUST</em> send a final response after the request has been completed. See <a href="#use.of.the.100.status" title="Use of the 100 (Continue) Status">Section 6.1.2.1</a> for detailed discussion of the use and handling of this status code.2367 server <em class="bcp14">MUST</em> send a final response after the request has been completed. See <a href="#use.of.the.100.status" title="Use of the 100 (Continue) Status">Section 5.1.2.1</a> for detailed discussion of the use and handling of this status code. 2377 2368 </p> 2378 2369 <div id="rfc.iref.71"></div> 2379 <h3 id="rfc.section. 7.2.2"><a href="#rfc.section.7.2.2">7.2.2</a> <a id="status.101" href="#status.101">101 Switching Protocols</a></h3>2380 <p id="rfc.section. 7.2.2.p.1">The server understands and is willing to comply with the client's request, via the <a href="p1-messaging.html#header.upgrade" class="smpl">Upgrade</a> message header field (<a href="p1-messaging.html#header.upgrade" title="Upgrade">Section 6.7</a> of <a href="#Part1" id="rfc.xref.Part1.22"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>), for a change in the application protocol being used on this connection. The server will switch protocols to those defined2370 <h3 id="rfc.section.6.2.2"><a href="#rfc.section.6.2.2">6.2.2</a> <a id="status.101" href="#status.101">101 Switching Protocols</a></h3> 2371 <p id="rfc.section.6.2.2.p.1">The server understands and is willing to comply with the client's request, via the <a href="p1-messaging.html#header.upgrade" class="smpl">Upgrade</a> message header field (<a href="p1-messaging.html#header.upgrade" title="Upgrade">Section 6.7</a> of <a href="#Part1" id="rfc.xref.Part1.22"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>), for a change in the application protocol being used on this connection. The server will switch protocols to those defined 2381 2372 by the response's Upgrade header field immediately after the empty line which terminates the 101 response. 2382 2373 </p> 2383 <p id="rfc.section. 7.2.2.p.2">The protocol <em class="bcp14">SHOULD</em> be switched only when it is advantageous to do so. For example, switching to a newer version of HTTP is advantageous over2374 <p id="rfc.section.6.2.2.p.2">The protocol <em class="bcp14">SHOULD</em> be switched only when it is advantageous to do so. For example, switching to a newer version of HTTP is advantageous over 2384 2375 older versions, and switching to a real-time, synchronous protocol might be advantageous when delivering resources that use 2385 2376 such features. 2386 2377 </p> 2387 <h2 id="rfc.section. 7.3"><a href="#rfc.section.7.3">7.3</a> <a id="status.2xx" href="#status.2xx">Successful 2xx</a></h2>2378 <h2 id="rfc.section.6.3"><a href="#rfc.section.6.3">6.3</a> <a id="status.2xx" href="#status.2xx">Successful 2xx</a></h2> 2388 2379 <div id="rfc.iref.71"></div> 2389 2380 <div id="rfc.iref.s.3"></div> 2390 <p id="rfc.section. 7.3.p.1">This class of status code indicates that the client's request was successfully received, understood, and accepted.</p>2381 <p id="rfc.section.6.3.p.1">This class of status code indicates that the client's request was successfully received, understood, and accepted.</p> 2391 2382 <div id="rfc.iref.72"></div> 2392 <h3 id="rfc.section. 7.3.1"><a href="#rfc.section.7.3.1">7.3.1</a> <a id="status.200" href="#status.200">200 OK</a></h3>2393 <p id="rfc.section. 7.3.1.p.1">The request has succeeded. The payload returned with the response is dependent on the method used in the request, for example: </p>2383 <h3 id="rfc.section.6.3.1"><a href="#rfc.section.6.3.1">6.3.1</a> <a id="status.200" href="#status.200">200 OK</a></h3> 2384 <p id="rfc.section.6.3.1.p.1">The request has succeeded. The payload returned with the response is dependent on the method used in the request, for example: </p> 2394 2385 <dl> 2395 2386 <dt>GET</dt> … … 2402 2393 <dd>a representation containing the request message as received by the end server.</dd> 2403 2394 </dl> 2404 <p id="rfc.section. 7.3.1.p.2">Caches <em class="bcp14">MAY</em> use a heuristic (see <a href="p6-cache.html#heuristic.freshness" title="Calculating Heuristic Freshness">Section 4.1.2</a> of <a href="#Part6" id="rfc.xref.Part6.8"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>) to determine freshness for 200 responses.2395 <p id="rfc.section.6.3.1.p.2">Caches <em class="bcp14">MAY</em> use a heuristic (see <a href="p6-cache.html#heuristic.freshness" title="Calculating Heuristic Freshness">Section 4.1.2</a> of <a href="#Part6" id="rfc.xref.Part6.8"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>) to determine freshness for 200 responses. 2405 2396 </p> 2406 2397 <div id="rfc.iref.72"></div> 2407 <h3 id="rfc.section. 7.3.2"><a href="#rfc.section.7.3.2">7.3.2</a> <a id="status.201" href="#status.201">201 Created</a></h3>2408 <p id="rfc.section. 7.3.2.p.1">The request has been fulfilled and has resulted in one or more new resources being created.</p>2409 <p id="rfc.section. 7.3.2.p.2">Newly created resources are typically linked to from the response payload, with the most relevant URI also being carried in2398 <h3 id="rfc.section.6.3.2"><a href="#rfc.section.6.3.2">6.3.2</a> <a id="status.201" href="#status.201">201 Created</a></h3> 2399 <p id="rfc.section.6.3.2.p.1">The request has been fulfilled and has resulted in one or more new resources being created.</p> 2400 <p id="rfc.section.6.3.2.p.2">Newly created resources are typically linked to from the response payload, with the most relevant URI also being carried in 2410 2401 the <a href="#header.location" class="smpl">Location</a> header field. If the newly created resource's URI is the same as the Effective Request URI, this information can be omitted 2411 2402 (e.g., in the case of a response to a PUT request). 2412 2403 </p> 2413 <p id="rfc.section. 7.3.2.p.3">The origin server <em class="bcp14">MUST</em> create the resource(s) before returning the 201 status code. If the action cannot be carried out immediately, the server <em class="bcp14">SHOULD</em> respond with a <a href="#status.202" class="smpl">202 (Accepted)</a> response instead.2414 </p> 2415 <p id="rfc.section. 7.3.2.p.4">A 201 response <em class="bcp14">MAY</em> contain an <a href="p4-conditional.html#header.etag" class="smpl">ETag</a> response header field indicating the current value of the entity-tag for the representation of the resource identified by2404 <p id="rfc.section.6.3.2.p.3">The origin server <em class="bcp14">MUST</em> create the resource(s) before returning the 201 status code. If the action cannot be carried out immediately, the server <em class="bcp14">SHOULD</em> respond with a <a href="#status.202" class="smpl">202 (Accepted)</a> response instead. 2405 </p> 2406 <p id="rfc.section.6.3.2.p.4">A 201 response <em class="bcp14">MAY</em> contain an <a href="p4-conditional.html#header.etag" class="smpl">ETag</a> response header field indicating the current value of the entity-tag for the representation of the resource identified by 2416 2407 the <a href="#header.location" class="smpl">Location</a> header field or, in case the Location header field was omitted, by the Effective Request URI (see <a href="p4-conditional.html#header.etag" title="ETag">Section 2.3</a> of <a href="#Part4" id="rfc.xref.Part4.10"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests">[Part4]</cite></a>). 2417 2408 </p> 2418 2409 <div id="rfc.iref.72"></div> 2419 <h3 id="rfc.section. 7.3.3"><a href="#rfc.section.7.3.3">7.3.3</a> <a id="status.202" href="#status.202">202 Accepted</a></h3>2420 <p id="rfc.section. 7.3.3.p.1">The request has been accepted for processing, but the processing has not been completed. The request might or might not eventually2410 <h3 id="rfc.section.6.3.3"><a href="#rfc.section.6.3.3">6.3.3</a> <a id="status.202" href="#status.202">202 Accepted</a></h3> 2411 <p id="rfc.section.6.3.3.p.1">The request has been accepted for processing, but the processing has not been completed. The request might or might not eventually 2421 2412 be acted upon, as it might be disallowed when processing actually takes place. There is no facility for re-sending a status 2422 2413 code from an asynchronous operation such as this. 2423 2414 </p> 2424 <p id="rfc.section. 7.3.3.p.2">The 202 response is intentionally non-committal. Its purpose is to allow a server to accept a request for some other process2415 <p id="rfc.section.6.3.3.p.2">The 202 response is intentionally non-committal. Its purpose is to allow a server to accept a request for some other process 2425 2416 (perhaps a batch-oriented process that is only run once per day) without requiring that the user agent's connection to the 2426 2417 server persist until the process is completed. The representation returned with this response <em class="bcp14">SHOULD</em> include an indication of the request's current status and either a pointer to a status monitor or some estimate of when the … … 2428 2419 </p> 2429 2420 <div id="rfc.iref.72"></div> 2430 <h3 id="rfc.section. 7.3.4"><a href="#rfc.section.7.3.4">7.3.4</a> <a id="status.203" href="#status.203">203 Non-Authoritative Information</a></h3>2431 <p id="rfc.section. 7.3.4.p.1">The request was successful but the enclosed payload has been modified from that of the origin server's <a href="#status.200" class="smpl">200 (OK)</a> response by a transforming proxy (<a href="p1-messaging.html#message.transformations" title="Transformations">Section 5.7.2</a> of <a href="#Part1" id="rfc.xref.Part1.23"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>). This status code allows the proxy to notify recipients when a transformation has been applied, since that knowledge might2421 <h3 id="rfc.section.6.3.4"><a href="#rfc.section.6.3.4">6.3.4</a> <a id="status.203" href="#status.203">203 Non-Authoritative Information</a></h3> 2422 <p id="rfc.section.6.3.4.p.1">The request was successful but the enclosed payload has been modified from that of the origin server's <a href="#status.200" class="smpl">200 (OK)</a> response by a transforming proxy (<a href="p1-messaging.html#message.transformations" title="Transformations">Section 5.7.2</a> of <a href="#Part1" id="rfc.xref.Part1.23"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>). This status code allows the proxy to notify recipients when a transformation has been applied, since that knowledge might 2432 2423 impact later decisions regarding the content. For example, future cache validation requests for the content might only be 2433 2424 applicable along the same request path (through the same proxies). 2434 2425 </p> 2435 <p id="rfc.section. 7.3.4.p.2">The 203 response is similar to the Warning code of 214 Transformation Applied (<a href="p6-cache.html#header.warning" title="Warning">Section 7.5</a> of <a href="#Part6" id="rfc.xref.Part6.9"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>), which has the advantage of being applicable to responses with any status code.2426 <p id="rfc.section.6.3.4.p.2">The 203 response is similar to the Warning code of 214 Transformation Applied (<a href="p6-cache.html#header.warning" title="Warning">Section 7.5</a> of <a href="#Part6" id="rfc.xref.Part6.9"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>), which has the advantage of being applicable to responses with any status code. 2436 2427 </p> 2437 2428 <div id="rfc.iref.72"></div> 2438 <h3 id="rfc.section. 7.3.5"><a href="#rfc.section.7.3.5">7.3.5</a> <a id="status.204" href="#status.204">204 No Content</a></h3>2439 <p id="rfc.section. 7.3.5.p.1">The 204 (No Content) status code indicates that the server has successfully fulfilled the request and that there is no additional2429 <h3 id="rfc.section.6.3.5"><a href="#rfc.section.6.3.5">6.3.5</a> <a id="status.204" href="#status.204">204 No Content</a></h3> 2430 <p id="rfc.section.6.3.5.p.1">The 204 (No Content) status code indicates that the server has successfully fulfilled the request and that there is no additional 2440 2431 content to return in the response payload body. Metadata in the response header fields refer to the target resource and its 2441 2432 current representation after the requested action. 2442 2433 </p> 2443 <p id="rfc.section. 7.3.5.p.2">For example, if a 204 status code is received in response to a PUT request and the response contains an <a href="p4-conditional.html#header.etag" class="smpl">ETag</a> header field, then the PUT was successful and the ETag field-value contains the entity-tag for the new representation of that2434 <p id="rfc.section.6.3.5.p.2">For example, if a 204 status code is received in response to a PUT request and the response contains an <a href="p4-conditional.html#header.etag" class="smpl">ETag</a> header field, then the PUT was successful and the ETag field-value contains the entity-tag for the new representation of that 2444 2435 target resource. 2445 2436 </p> 2446 <p id="rfc.section. 7.3.5.p.3">The 204 response allows a server to indicate that the action has been successfully applied to the target resource while implying2437 <p id="rfc.section.6.3.5.p.3">The 204 response allows a server to indicate that the action has been successfully applied to the target resource while implying 2447 2438 that the user agent <em class="bcp14">SHOULD NOT</em> traverse away from its current "document view" (if any). The server assumes that the user agent will provide some indication 2448 2439 of the success to its user, in accord with its own interface, and apply any new or updated metadata in the response to the 2449 2440 active representation. 2450 2441 </p> 2451 <p id="rfc.section. 7.3.5.p.4">For example, a 204 status code is commonly used with document editing interfaces corresponding to a "save" action, such that2442 <p id="rfc.section.6.3.5.p.4">For example, a 204 status code is commonly used with document editing interfaces corresponding to a "save" action, such that 2452 2443 the document being saved remains available to the user for editing. It is also frequently used with interfaces that expect 2453 2444 automated data transfers to be prevalent, such as within distributed version control systems. 2454 2445 </p> 2455 <p id="rfc.section. 7.3.5.p.5">The 204 response <em class="bcp14">MUST NOT</em> include a message body, and thus is always terminated by the first empty line after the header fields.2446 <p id="rfc.section.6.3.5.p.5">The 204 response <em class="bcp14">MUST NOT</em> include a message body, and thus is always terminated by the first empty line after the header fields. 2456 2447 </p> 2457 2448 <div id="rfc.iref.72"></div> 2458 <h3 id="rfc.section. 7.3.6"><a href="#rfc.section.7.3.6">7.3.6</a> <a id="status.205" href="#status.205">205 Reset Content</a></h3>2459 <p id="rfc.section. 7.3.6.p.1">The server has fulfilled the request and the user agent <em class="bcp14">SHOULD</em> reset the document view which caused the request to be sent. This response is primarily intended to allow input for actions2449 <h3 id="rfc.section.6.3.6"><a href="#rfc.section.6.3.6">6.3.6</a> <a id="status.205" href="#status.205">205 Reset Content</a></h3> 2450 <p id="rfc.section.6.3.6.p.1">The server has fulfilled the request and the user agent <em class="bcp14">SHOULD</em> reset the document view which caused the request to be sent. This response is primarily intended to allow input for actions 2460 2451 to take place via user input, followed by a clearing of the form in which the input is given so that the user can easily initiate 2461 2452 another input action. 2462 2453 </p> 2463 <p id="rfc.section. 7.3.6.p.2">The message body included with the response <em class="bcp14">MUST</em> be empty. Note that receivers still need to parse the response according to the algorithm defined in <a href="p1-messaging.html#message.body" title="Message Body">Section 3.3</a> of <a href="#Part1" id="rfc.xref.Part1.24"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>.2464 </p> 2465 <h2 id="rfc.section. 7.4"><a href="#rfc.section.7.4">7.4</a> <a id="status.3xx" href="#status.3xx">Redirection 3xx</a></h2>2454 <p id="rfc.section.6.3.6.p.2">The message body included with the response <em class="bcp14">MUST</em> be empty. Note that receivers still need to parse the response according to the algorithm defined in <a href="p1-messaging.html#message.body" title="Message Body">Section 3.3</a> of <a href="#Part1" id="rfc.xref.Part1.24"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>. 2455 </p> 2456 <h2 id="rfc.section.6.4"><a href="#rfc.section.6.4">6.4</a> <a id="status.3xx" href="#status.3xx">Redirection 3xx</a></h2> 2466 2457 <div id="rfc.iref.72"></div> 2467 2458 <div id="rfc.iref.s.4"></div> 2468 <p id="rfc.section. 7.4.p.1">This class of status code indicates that further action needs to be taken by the user agent in order to fulfill the request.</p>2469 <p id="rfc.section. 7.4.p.2">There are several types of redirects: </p>2459 <p id="rfc.section.6.4.p.1">This class of status code indicates that further action needs to be taken by the user agent in order to fulfill the request.</p> 2460 <p id="rfc.section.6.4.p.2">There are several types of redirects: </p> 2470 2461 <ol> 2471 2462 <li> … … 2490 2481 </li> 2491 2482 </ol> 2492 <div class="note" id="rfc.section. 7.4.p.3">2483 <div class="note" id="rfc.section.6.4.p.3"> 2493 2484 <p> <b>Note:</b> In HTTP/1.0, only the status codes <a href="#status.301" class="smpl">301 (Moved Permanently)</a> and <a href="#status.302" class="smpl">302 (Found)</a> were defined for the first type of redirect, and the second type did not exist at all (<a href="#RFC1945" id="rfc.xref.RFC1945.1"><cite title="Hypertext Transfer Protocol -- HTTP/1.0">[RFC1945]</cite></a>, <a href="http://tools.ietf.org/html/rfc1945#section-9.3">Section 9.3</a>). However it turned out that web forms using POST expected redirects to change the operation for the subsequent request to 2494 2485 retrieval (GET). To address this use case, HTTP/1.1 introduced the second type of redirect with the status code <a href="#status.303" class="smpl">303 (See Other)</a> (<a href="#RFC2068" id="rfc.xref.RFC2068.2"><cite title="Hypertext Transfer Protocol -- HTTP/1.1">[RFC2068]</cite></a>, <a href="http://tools.ietf.org/html/rfc2068#section-10.3.4">Section 10.3.4</a>). As user agents did not change their behavior to maintain backwards compatibility, the first revision of HTTP/1.1 added … … 2496 2487 </p> 2497 2488 </div> 2498 <p id="rfc.section. 7.4.p.4">A <a href="#header.location" class="smpl">Location</a> header field on a 3xx response indicates that a client <em class="bcp14">MAY</em> automatically redirect to the URI provided; see <a href="#header.location" id="rfc.xref.header.location.2" title="Location">Section 8.1.2</a>.2499 </p> 2500 <p id="rfc.section. 7.4.p.5">Note that for methods not known to be "safe", as defined in <a href="#safe.methods" title="Safe Methods">Section 5.2.1</a>, automatic redirection needs to done with care, since the redirect might change the conditions under which the request was2489 <p id="rfc.section.6.4.p.4">A <a href="#header.location" class="smpl">Location</a> header field on a 3xx response indicates that a client <em class="bcp14">MAY</em> automatically redirect to the URI provided; see <a href="#header.location" id="rfc.xref.header.location.2" title="Location">Section 7.1.2</a>. 2490 </p> 2491 <p id="rfc.section.6.4.p.5">Note that for methods not known to be "safe", as defined in <a href="#safe.methods" title="Safe Methods">Section 4.2.1</a>, automatic redirection needs to done with care, since the redirect might change the conditions under which the request was 2501 2492 issued. 2502 2493 </p> 2503 <p id="rfc.section. 7.4.p.6">Clients <em class="bcp14">SHOULD</em> detect and intervene in cyclical redirections (i.e., "infinite" redirection loops).2504 </p> 2505 <div class="note" id="rfc.section. 7.4.p.7">2494 <p id="rfc.section.6.4.p.6">Clients <em class="bcp14">SHOULD</em> detect and intervene in cyclical redirections (i.e., "infinite" redirection loops). 2495 </p> 2496 <div class="note" id="rfc.section.6.4.p.7"> 2506 2497 <p> <b>Note:</b> An earlier version of this specification recommended a maximum of five redirections (<a href="#RFC2068" id="rfc.xref.RFC2068.3"><cite title="Hypertext Transfer Protocol -- HTTP/1.1">[RFC2068]</cite></a>, <a href="http://tools.ietf.org/html/rfc2068#section-10.3">Section 10.3</a>). Content developers need to be aware that some clients might implement such a fixed limitation. 2507 2498 </p> 2508 2499 </div> 2509 2500 <div id="rfc.iref.73"></div> 2510 <h3 id="rfc.section. 7.4.1"><a href="#rfc.section.7.4.1">7.4.1</a> <a id="status.300" href="#status.300">300 Multiple Choices</a></h3>2511 <p id="rfc.section. 7.4.1.p.1">The target resource has more than one representation, each with its own specific location, and reactive negotiation information2501 <h3 id="rfc.section.6.4.1"><a href="#rfc.section.6.4.1">6.4.1</a> <a id="status.300" href="#status.300">300 Multiple Choices</a></h3> 2502 <p id="rfc.section.6.4.1.p.1">The target resource has more than one representation, each with its own specific location, and reactive negotiation information 2512 2503 (<a href="#content.negotiation" title="Content Negotiation">Section 3.4</a>) is being provided so that the user (or user agent) can select a preferred representation by redirecting its request to that 2513 2504 location. 2514 2505 </p> 2515 <p id="rfc.section. 7.4.1.p.2">Unless it was a HEAD request, the response <em class="bcp14">SHOULD</em> include a representation containing a list of representation metadata and location(s) from which the user or user agent can2506 <p id="rfc.section.6.4.1.p.2">Unless it was a HEAD request, the response <em class="bcp14">SHOULD</em> include a representation containing a list of representation metadata and location(s) from which the user or user agent can 2516 2507 choose the one most appropriate. Depending upon the format and the capabilities of the user agent, selection of the most appropriate 2517 2508 choice <em class="bcp14">MAY</em> be performed automatically. However, this specification does not define any standard for such automatic selection. 2518 2509 </p> 2519 <p id="rfc.section. 7.4.1.p.3">If the server has a preferred choice of representation, it <em class="bcp14">SHOULD</em> include the specific URI for that representation in the <a href="#header.location" class="smpl">Location</a> field; user agents <em class="bcp14">MAY</em> use the Location field value for automatic redirection.2520 </p> 2521 <p id="rfc.section. 7.4.1.p.4">Caches <em class="bcp14">MAY</em> use a heuristic (see <a href="p6-cache.html#heuristic.freshness" title="Calculating Heuristic Freshness">Section 4.1.2</a> of <a href="#Part6" id="rfc.xref.Part6.10"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>) to determine freshness for 300 responses.2510 <p id="rfc.section.6.4.1.p.3">If the server has a preferred choice of representation, it <em class="bcp14">SHOULD</em> include the specific URI for that representation in the <a href="#header.location" class="smpl">Location</a> field; user agents <em class="bcp14">MAY</em> use the Location field value for automatic redirection. 2511 </p> 2512 <p id="rfc.section.6.4.1.p.4">Caches <em class="bcp14">MAY</em> use a heuristic (see <a href="p6-cache.html#heuristic.freshness" title="Calculating Heuristic Freshness">Section 4.1.2</a> of <a href="#Part6" id="rfc.xref.Part6.10"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>) to determine freshness for 300 responses. 2522 2513 </p> 2523 2514 <div id="rfc.iref.73"></div> 2524 <h3 id="rfc.section. 7.4.2"><a href="#rfc.section.7.4.2">7.4.2</a> <a id="status.301" href="#status.301">301 Moved Permanently</a></h3>2525 <p id="rfc.section. 7.4.2.p.1">The target resource has been assigned a new permanent URI and any future references to this resource <em class="bcp14">SHOULD</em> use one of the returned URIs. Clients with link editing capabilities ought to automatically re-link references to the effective2515 <h3 id="rfc.section.6.4.2"><a href="#rfc.section.6.4.2">6.4.2</a> <a id="status.301" href="#status.301">301 Moved Permanently</a></h3> 2516 <p id="rfc.section.6.4.2.p.1">The target resource has been assigned a new permanent URI and any future references to this resource <em class="bcp14">SHOULD</em> use one of the returned URIs. Clients with link editing capabilities ought to automatically re-link references to the effective 2526 2517 request URI to one or more of the new references returned by the server, where possible. 2527 2518 </p> 2528 <p id="rfc.section. 7.4.2.p.2">Caches <em class="bcp14">MAY</em> use a heuristic (see <a href="p6-cache.html#heuristic.freshness" title="Calculating Heuristic Freshness">Section 4.1.2</a> of <a href="#Part6" id="rfc.xref.Part6.11"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>) to determine freshness for 301 responses.2529 </p> 2530 <p id="rfc.section. 7.4.2.p.3">The new permanent URI <em class="bcp14">SHOULD</em> be given by the <a href="#header.location" class="smpl">Location</a> field in the response. A response payload can contain a short hypertext note with a hyperlink to the new URI(s).2531 </p> 2532 <div class="note" id="rfc.section. 7.4.2.p.4">2519 <p id="rfc.section.6.4.2.p.2">Caches <em class="bcp14">MAY</em> use a heuristic (see <a href="p6-cache.html#heuristic.freshness" title="Calculating Heuristic Freshness">Section 4.1.2</a> of <a href="#Part6" id="rfc.xref.Part6.11"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>) to determine freshness for 301 responses. 2520 </p> 2521 <p id="rfc.section.6.4.2.p.3">The new permanent URI <em class="bcp14">SHOULD</em> be given by the <a href="#header.location" class="smpl">Location</a> field in the response. A response payload can contain a short hypertext note with a hyperlink to the new URI(s). 2522 </p> 2523 <div class="note" id="rfc.section.6.4.2.p.4"> 2533 2524 <p> <b>Note:</b> For historic reasons, user agents <em class="bcp14">MAY</em> change the request method from POST to GET for the subsequent request. If this behavior is undesired, status code <a href="#status.307" class="smpl">307 (Temporary Redirect)</a> can be used instead. 2534 2525 </p> 2535 2526 </div> 2536 2527 <div id="rfc.iref.73"></div> 2537 <h3 id="rfc.section. 7.4.3"><a href="#rfc.section.7.4.3">7.4.3</a> <a id="status.302" href="#status.302">302 Found</a></h3>2538 <p id="rfc.section. 7.4.3.p.1">The target resource resides temporarily under a different URI. Since the redirection might be altered on occasion, the client <em class="bcp14">SHOULD</em> continue to use the effective request URI for future requests.2539 </p> 2540 <p id="rfc.section. 7.4.3.p.2">The temporary URI <em class="bcp14">SHOULD</em> be given by the <a href="#header.location" class="smpl">Location</a> field in the response. A response payload can contain a short hypertext note with a hyperlink to the new URI(s).2541 </p> 2542 <div class="note" id="rfc.section. 7.4.3.p.3">2528 <h3 id="rfc.section.6.4.3"><a href="#rfc.section.6.4.3">6.4.3</a> <a id="status.302" href="#status.302">302 Found</a></h3> 2529 <p id="rfc.section.6.4.3.p.1">The target resource resides temporarily under a different URI. Since the redirection might be altered on occasion, the client <em class="bcp14">SHOULD</em> continue to use the effective request URI for future requests. 2530 </p> 2531 <p id="rfc.section.6.4.3.p.2">The temporary URI <em class="bcp14">SHOULD</em> be given by the <a href="#header.location" class="smpl">Location</a> field in the response. A response payload can contain a short hypertext note with a hyperlink to the new URI(s). 2532 </p> 2533 <div class="note" id="rfc.section.6.4.3.p.3"> 2543 2534 <p> <b>Note:</b> For historic reasons, user agents <em class="bcp14">MAY</em> change the request method from POST to GET for the subsequent request. If this behavior is undesired, status code <a href="#status.307" class="smpl">307 (Temporary Redirect)</a> can be used instead. 2544 2535 </p> 2545 2536 </div> 2546 2537 <div id="rfc.iref.73"></div> 2547 <h3 id="rfc.section. 7.4.4"><a href="#rfc.section.7.4.4">7.4.4</a> <a id="status.303" href="#status.303">303 See Other</a></h3>2548 <p id="rfc.section. 7.4.4.p.1">The 303 status code indicates that the server is redirecting the user agent to a different resource, as indicated by a URI2538 <h3 id="rfc.section.6.4.4"><a href="#rfc.section.6.4.4">6.4.4</a> <a id="status.303" href="#status.303">303 See Other</a></h3> 2539 <p id="rfc.section.6.4.4.p.1">The 303 status code indicates that the server is redirecting the user agent to a different resource, as indicated by a URI 2549 2540 in the <a href="#header.location" class="smpl">Location</a> header field, that is intended to provide an indirect response to the original request. In order to satisfy the original request, 2550 2541 a user agent <em class="bcp14">SHOULD</em> perform a retrieval request using the Location URI (a GET or HEAD request if using HTTP), which can itself be redirected further, … … 2552 2543 not considered equivalent to the effective request URI. 2553 2544 </p> 2554 <p id="rfc.section. 7.4.4.p.2">This status code is generally applicable to any HTTP method. It is primarily used to allow the output of a POST action to2545 <p id="rfc.section.6.4.4.p.2">This status code is generally applicable to any HTTP method. It is primarily used to allow the output of a POST action to 2555 2546 redirect the user agent to a selected resource, since doing so provides the information corresponding to the POST response 2556 2547 in a form that can be separately identified, bookmarked, and cached independent of the original request. 2557 2548 </p> 2558 <p id="rfc.section. 7.4.4.p.3">A 303 response to a GET request indicates that the requested resource does not have a representation of its own that can be2549 <p id="rfc.section.6.4.4.p.3">A 303 response to a GET request indicates that the requested resource does not have a representation of its own that can be 2559 2550 transferred by the server over HTTP. The <a href="#header.location" class="smpl">Location</a> URI indicates a resource that is descriptive of the target resource, such that the follow-on representation might be useful 2560 2551 to recipients without implying that it adequately represents the target resource. Note that answers to the questions of what … … 2562 2553 and thus entirely determined by the URI owner(s). 2563 2554 </p> 2564 <p id="rfc.section. 7.4.4.p.4">Except for responses to a HEAD request, the representation of a 303 response <em class="bcp14">SHOULD</em> contain a short hypertext note with a hyperlink to the <a href="#header.location" class="smpl">Location</a> URI.2555 <p id="rfc.section.6.4.4.p.4">Except for responses to a HEAD request, the representation of a 303 response <em class="bcp14">SHOULD</em> contain a short hypertext note with a hyperlink to the <a href="#header.location" class="smpl">Location</a> URI. 2565 2556 </p> 2566 2557 <div id="rfc.iref.73"></div> 2567 <h3 id="rfc.section. 7.4.5"><a href="#rfc.section.7.4.5">7.4.5</a> <a id="status.305" href="#status.305">305 Use Proxy</a></h3>2568 <p id="rfc.section. 7.4.5.p.1">The 305 status code was defined in a previous version of this specification (see <a href="#changes.from.rfc.2616" title="Changes from RFC 2616">Appendix C</a>), and is now deprecated.2558 <h3 id="rfc.section.6.4.5"><a href="#rfc.section.6.4.5">6.4.5</a> <a id="status.305" href="#status.305">305 Use Proxy</a></h3> 2559 <p id="rfc.section.6.4.5.p.1">The 305 status code was defined in a previous version of this specification (see <a href="#changes.from.rfc.2616" title="Changes from RFC 2616">Appendix C</a>), and is now deprecated. 2569 2560 </p> 2570 2561 <div id="rfc.iref.73"></div> 2571 <h3 id="rfc.section. 7.4.6"><a href="#rfc.section.7.4.6">7.4.6</a> <a id="status.306" href="#status.306">306 (Unused)</a></h3>2572 <p id="rfc.section. 7.4.6.p.1">The 306 status code was used in a previous version of the specification, is no longer used, and the code is reserved.</p>2562 <h3 id="rfc.section.6.4.6"><a href="#rfc.section.6.4.6">6.4.6</a> <a id="status.306" href="#status.306">306 (Unused)</a></h3> 2563 <p id="rfc.section.6.4.6.p.1">The 306 status code was used in a previous version of the specification, is no longer used, and the code is reserved.</p> 2573 2564 <div id="rfc.iref.73"></div> 2574 <h3 id="rfc.section. 7.4.7"><a href="#rfc.section.7.4.7">7.4.7</a> <a id="status.307" href="#status.307">307 Temporary Redirect</a></h3>2575 <p id="rfc.section. 7.4.7.p.1">The target resource resides temporarily under a different URI. Since the redirection can change over time, the client <em class="bcp14">SHOULD</em> continue to use the effective request URI for future requests.2576 </p> 2577 <p id="rfc.section. 7.4.7.p.2">The temporary URI <em class="bcp14">SHOULD</em> be given by the <a href="#header.location" class="smpl">Location</a> field in the response. A response payload can contain a short hypertext note with a hyperlink to the new URI(s).2578 </p> 2579 <div class="note" id="rfc.section. 7.4.7.p.3">2565 <h3 id="rfc.section.6.4.7"><a href="#rfc.section.6.4.7">6.4.7</a> <a id="status.307" href="#status.307">307 Temporary Redirect</a></h3> 2566 <p id="rfc.section.6.4.7.p.1">The target resource resides temporarily under a different URI. Since the redirection can change over time, the client <em class="bcp14">SHOULD</em> continue to use the effective request URI for future requests. 2567 </p> 2568 <p id="rfc.section.6.4.7.p.2">The temporary URI <em class="bcp14">SHOULD</em> be given by the <a href="#header.location" class="smpl">Location</a> field in the response. A response payload can contain a short hypertext note with a hyperlink to the new URI(s). 2569 </p> 2570 <div class="note" id="rfc.section.6.4.7.p.3"> 2580 2571 <p> <b>Note:</b> This status code is similar to <a href="#status.302" class="smpl">302 (Found)</a>, except that it does not allow rewriting the request method from POST to GET. This specification defines no equivalent counterpart 2581 2572 for <a href="#status.301" class="smpl">301 (Moved … … 2583 2574 </p> 2584 2575 </div> 2585 <h2 id="rfc.section. 7.5"><a href="#rfc.section.7.5">7.5</a> <a id="status.4xx" href="#status.4xx">Client Error 4xx</a></h2>2576 <h2 id="rfc.section.6.5"><a href="#rfc.section.6.5">6.5</a> <a id="status.4xx" href="#status.4xx">Client Error 4xx</a></h2> 2586 2577 <div id="rfc.iref.73"></div> 2587 2578 <div id="rfc.iref.s.5"></div> 2588 <p id="rfc.section. 7.5.p.1">The 4xx class of status code is intended for cases in which the client seems to have erred. Except when responding to a HEAD2579 <p id="rfc.section.6.5.p.1">The 4xx class of status code is intended for cases in which the client seems to have erred. Except when responding to a HEAD 2589 2580 request, the server <em class="bcp14">SHOULD</em> include a representation containing an explanation of the error situation, and whether it is a temporary or permanent condition. 2590 2581 These status codes are applicable to any request method. User agents <em class="bcp14">SHOULD</em> display any included representation to the user. 2591 2582 </p> 2592 2583 <div id="rfc.iref.74"></div> 2593 <h3 id="rfc.section. 7.5.1"><a href="#rfc.section.7.5.1">7.5.1</a> <a id="status.400" href="#status.400">400 Bad Request</a></h3>2594 <p id="rfc.section. 7.5.1.p.1">The server cannot or will not process the request, due to a client error (e.g., malformed syntax).</p>2584 <h3 id="rfc.section.6.5.1"><a href="#rfc.section.6.5.1">6.5.1</a> <a id="status.400" href="#status.400">400 Bad Request</a></h3> 2585 <p id="rfc.section.6.5.1.p.1">The server cannot or will not process the request, due to a client error (e.g., malformed syntax).</p> 2595 2586 <div id="rfc.iref.74"></div> 2596 <h3 id="rfc.section. 7.5.2"><a href="#rfc.section.7.5.2">7.5.2</a> <a id="status.402" href="#status.402">402 Payment Required</a></h3>2597 <p id="rfc.section. 7.5.2.p.1">This code is reserved for future use.</p>2587 <h3 id="rfc.section.6.5.2"><a href="#rfc.section.6.5.2">6.5.2</a> <a id="status.402" href="#status.402">402 Payment Required</a></h3> 2588 <p id="rfc.section.6.5.2.p.1">This code is reserved for future use.</p> 2598 2589 <div id="rfc.iref.74"></div> 2599 <h3 id="rfc.section. 7.5.3"><a href="#rfc.section.7.5.3">7.5.3</a> <a id="status.403" href="#status.403">403 Forbidden</a></h3>2600 <p id="rfc.section. 7.5.3.p.1">The server understood the request, but refuses to authorize it. Providing different user authentication credentials might2590 <h3 id="rfc.section.6.5.3"><a href="#rfc.section.6.5.3">6.5.3</a> <a id="status.403" href="#status.403">403 Forbidden</a></h3> 2591 <p id="rfc.section.6.5.3.p.1">The server understood the request, but refuses to authorize it. Providing different user authentication credentials might 2601 2592 be successful, but any credentials that were provided in the request are insufficient. The request <em class="bcp14">SHOULD NOT</em> be repeated with the same credentials. 2602 2593 </p> 2603 <p id="rfc.section. 7.5.3.p.2">If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it <em class="bcp14">SHOULD</em> describe the reason for the refusal in the representation. If the server does not wish to make this information available2594 <p id="rfc.section.6.5.3.p.2">If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it <em class="bcp14">SHOULD</em> describe the reason for the refusal in the representation. If the server does not wish to make this information available 2604 2595 to the client, the status code <a href="#status.404" class="smpl">404 2605 2596 (Not Found)</a> <em class="bcp14">MAY</em> be used instead. 2606 2597 </p> 2607 2598 <div id="rfc.iref.74"></div> 2608 <h3 id="rfc.section. 7.5.4"><a href="#rfc.section.7.5.4">7.5.4</a> <a id="status.404" href="#status.404">404 Not Found</a></h3>2609 <p id="rfc.section. 7.5.4.p.1">The server has not found anything matching the effective request URI. No indication is given of whether the condition is temporary2599 <h3 id="rfc.section.6.5.4"><a href="#rfc.section.6.5.4">6.5.4</a> <a id="status.404" href="#status.404">404 Not Found</a></h3> 2600 <p id="rfc.section.6.5.4.p.1">The server has not found anything matching the effective request URI. No indication is given of whether the condition is temporary 2610 2601 or permanent. The <a href="#status.410" class="smpl">410 (Gone)</a> status code <em class="bcp14">SHOULD</em> be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable 2611 2602 and has no forwarding address. This status code is commonly used when the server does not wish to reveal exactly why the request … … 2613 2604 </p> 2614 2605 <div id="rfc.iref.74"></div> 2615 <h3 id="rfc.section. 7.5.5"><a href="#rfc.section.7.5.5">7.5.5</a> <a id="status.405" href="#status.405">405 Method Not Allowed</a></h3>2616 <p id="rfc.section. 7.5.5.p.1">The method specified in the request-line is not allowed for the target resource. The response <em class="bcp14">MUST</em> include an <a href="#header.allow" class="smpl">Allow</a> header field containing a list of valid methods for the requested resource.2606 <h3 id="rfc.section.6.5.5"><a href="#rfc.section.6.5.5">6.5.5</a> <a id="status.405" href="#status.405">405 Method Not Allowed</a></h3> 2607 <p id="rfc.section.6.5.5.p.1">The method specified in the request-line is not allowed for the target resource. The response <em class="bcp14">MUST</em> include an <a href="#header.allow" class="smpl">Allow</a> header field containing a list of valid methods for the requested resource. 2617 2608 </p> 2618 2609 <div id="rfc.iref.74"></div> 2619 <h3 id="rfc.section. 7.5.6"><a href="#rfc.section.7.5.6">7.5.6</a> <a id="status.406" href="#status.406">406 Not Acceptable</a></h3>2620 <p id="rfc.section. 7.5.6.p.1">The resource identified by the request is only capable of generating response representations which have content characteristics2610 <h3 id="rfc.section.6.5.6"><a href="#rfc.section.6.5.6">6.5.6</a> <a id="status.406" href="#status.406">406 Not Acceptable</a></h3> 2611 <p id="rfc.section.6.5.6.p.1">The resource identified by the request is only capable of generating response representations which have content characteristics 2621 2612 not acceptable according to the <a href="#header.accept" class="smpl">Accept</a> and Accept-* header fields sent in the request. 2622 2613 </p> 2623 <p id="rfc.section. 7.5.6.p.2">Unless it was a HEAD request, the response <em class="bcp14">SHOULD</em> include a representation containing a list of available representation characteristics and location(s) from which the user2614 <p id="rfc.section.6.5.6.p.2">Unless it was a HEAD request, the response <em class="bcp14">SHOULD</em> include a representation containing a list of available representation characteristics and location(s) from which the user 2624 2615 or user agent can choose the one most appropriate. Depending upon the format and the capabilities of the user agent, selection 2625 2616 of the most appropriate choice <em class="bcp14">MAY</em> be performed automatically. However, this specification does not define any standard for such automatic selection. 2626 2617 </p> 2627 <div class="note" id="rfc.section. 7.5.6.p.3">2618 <div class="note" id="rfc.section.6.5.6.p.3"> 2628 2619 <p> <b>Note:</b> HTTP/1.1 servers are allowed to return responses which are not acceptable according to the accept header fields sent in the 2629 2620 request. In some cases, this might even be preferable to sending a 406 response. User agents are encouraged to inspect the … … 2631 2622 </p> 2632 2623 </div> 2633 <p id="rfc.section. 7.5.6.p.4">If the response could be unacceptable, a user agent <em class="bcp14">SHOULD</em> temporarily stop receipt of more data and query the user for a decision on further actions.2624 <p id="rfc.section.6.5.6.p.4">If the response could be unacceptable, a user agent <em class="bcp14">SHOULD</em> temporarily stop receipt of more data and query the user for a decision on further actions. 2634 2625 </p> 2635 2626 <div id="rfc.iref.74"></div> 2636 <h3 id="rfc.section. 7.5.7"><a href="#rfc.section.7.5.7">7.5.7</a> <a id="status.408" href="#status.408">408 Request Timeout</a></h3>2637 <p id="rfc.section. 7.5.7.p.1">The server did not receive a complete request message within the time that it was prepared to wait. If the client has sent2627 <h3 id="rfc.section.6.5.7"><a href="#rfc.section.6.5.7">6.5.7</a> <a id="status.408" href="#status.408">408 Request Timeout</a></h3> 2628 <p id="rfc.section.6.5.7.p.1">The server did not receive a complete request message within the time that it was prepared to wait. If the client has sent 2638 2629 a request, it <em class="bcp14">MAY</em> repeat that request, possibly on a new connection if the server indicates that the present connection is being closed. 2639 2630 </p> 2640 2631 <div id="rfc.iref.74"></div> 2641 <h3 id="rfc.section. 7.5.8"><a href="#rfc.section.7.5.8">7.5.8</a> <a id="status.409" href="#status.409">409 Conflict</a></h3>2642 <p id="rfc.section. 7.5.8.p.1">The request could not be completed due to a conflict with the current state of the resource. This code is only allowed in2632 <h3 id="rfc.section.6.5.8"><a href="#rfc.section.6.5.8">6.5.8</a> <a id="status.409" href="#status.409">409 Conflict</a></h3> 2633 <p id="rfc.section.6.5.8.p.1">The request could not be completed due to a conflict with the current state of the resource. This code is only allowed in 2643 2634 situations where it is expected that the user might be able to resolve the conflict and resubmit the request. The payload <em class="bcp14">SHOULD</em> include enough information for the user to recognize the source of the conflict. Ideally, the response representation would 2644 2635 include enough information for the user or user agent to fix the problem; however, that might not be possible and is not required. 2645 2636 </p> 2646 <p id="rfc.section. 7.5.8.p.2">Conflicts are most likely to occur in response to a PUT request. For example, if versioning were being used and the representation2637 <p id="rfc.section.6.5.8.p.2">Conflicts are most likely to occur in response to a PUT request. For example, if versioning were being used and the representation 2647 2638 being PUT included changes to a resource which conflict with those made by an earlier (third-party) request, the server might 2648 2639 use the 409 response to indicate that it can't complete the request. In this case, the response representation would likely … … 2650 2641 </p> 2651 2642 <div id="rfc.iref.74"></div> 2652 <h3 id="rfc.section. 7.5.9"><a href="#rfc.section.7.5.9">7.5.9</a> <a id="status.410" href="#status.410">410 Gone</a></h3>2653 <p id="rfc.section. 7.5.9.p.1">The target resource is no longer available at the server and no forwarding address is known. This condition is expected to2643 <h3 id="rfc.section.6.5.9"><a href="#rfc.section.6.5.9">6.5.9</a> <a id="status.410" href="#status.410">410 Gone</a></h3> 2644 <p id="rfc.section.6.5.9.p.1">The target resource is no longer available at the server and no forwarding address is known. This condition is expected to 2654 2645 be considered permanent. Clients with link editing capabilities <em class="bcp14">SHOULD</em> delete references to the effective request URI after user approval. If the server does not know, or has no facility to determine, 2655 2646 whether or not the condition is permanent, the status code <a href="#status.404" class="smpl">404 (Not Found)</a> <em class="bcp14">SHOULD</em> be used instead. 2656 2647 </p> 2657 <p id="rfc.section. 7.5.9.p.2">The 410 response is primarily intended to assist the task of web maintenance by notifying the recipient that the resource2648 <p id="rfc.section.6.5.9.p.2">The 410 response is primarily intended to assist the task of web maintenance by notifying the recipient that the resource 2658 2649 is intentionally unavailable and that the server owners desire that remote links to that resource be removed. Such an event 2659 2650 is common for limited-time, promotional services and for resources belonging to individuals no longer working at the server's … … 2661 2652 — that is left to the discretion of the server owner. 2662 2653 </p> 2663 <p id="rfc.section. 7.5.9.p.3">Caches <em class="bcp14">MAY</em> use a heuristic (see <a href="p6-cache.html#heuristic.freshness" title="Calculating Heuristic Freshness">Section 4.1.2</a> of <a href="#Part6" id="rfc.xref.Part6.12"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>) to determine freshness for 410 responses.2654 <p id="rfc.section.6.5.9.p.3">Caches <em class="bcp14">MAY</em> use a heuristic (see <a href="p6-cache.html#heuristic.freshness" title="Calculating Heuristic Freshness">Section 4.1.2</a> of <a href="#Part6" id="rfc.xref.Part6.12"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>) to determine freshness for 410 responses. 2664 2655 </p> 2665 2656 <div id="rfc.iref.74"></div> 2666 <h3 id="rfc.section. 7.5.10"><a href="#rfc.section.7.5.10">7.5.10</a> <a id="status.411" href="#status.411">411 Length Required</a></h3>2667 <p id="rfc.section. 7.5.10.p.1">The server refuses to accept the request without a defined <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a>. The client <em class="bcp14">MAY</em> repeat the request if it adds a valid Content-Length header field containing the length of the message body in the request2657 <h3 id="rfc.section.6.5.10"><a href="#rfc.section.6.5.10">6.5.10</a> <a id="status.411" href="#status.411">411 Length Required</a></h3> 2658 <p id="rfc.section.6.5.10.p.1">The server refuses to accept the request without a defined <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a>. The client <em class="bcp14">MAY</em> repeat the request if it adds a valid Content-Length header field containing the length of the message body in the request 2668 2659 message. 2669 2660 </p> 2670 2661 <div id="rfc.iref.74"></div> 2671 <h3 id="rfc.section. 7.5.11"><a href="#rfc.section.7.5.11">7.5.11</a> <a id="status.413" href="#status.413">413 Request Representation Too Large</a></h3>2672 <p id="rfc.section. 7.5.11.p.1">The server is refusing to process a request because the request representation is larger than the server is willing or able2662 <h3 id="rfc.section.6.5.11"><a href="#rfc.section.6.5.11">6.5.11</a> <a id="status.413" href="#status.413">413 Request Representation Too Large</a></h3> 2663 <p id="rfc.section.6.5.11.p.1">The server is refusing to process a request because the request representation is larger than the server is willing or able 2673 2664 to process. The server <em class="bcp14">MAY</em> close the connection to prevent the client from continuing the request. 2674 2665 </p> 2675 <p id="rfc.section. 7.5.11.p.2">If the condition is temporary, the server <em class="bcp14">SHOULD</em> include a <a href="#header.retry-after" class="smpl">Retry-After</a> header field to indicate that it is temporary and after what time the client <em class="bcp14">MAY</em> try again.2666 <p id="rfc.section.6.5.11.p.2">If the condition is temporary, the server <em class="bcp14">SHOULD</em> include a <a href="#header.retry-after" class="smpl">Retry-After</a> header field to indicate that it is temporary and after what time the client <em class="bcp14">MAY</em> try again. 2676 2667 </p> 2677 2668 <div id="rfc.iref.74"></div> 2678 <h3 id="rfc.section. 7.5.12"><a href="#rfc.section.7.5.12">7.5.12</a> <a id="status.414" href="#status.414">414 URI Too Long</a></h3>2679 <p id="rfc.section. 7.5.12.p.1">The server is refusing to service the request because the effective request URI is longer than the server is willing to interpret.2669 <h3 id="rfc.section.6.5.12"><a href="#rfc.section.6.5.12">6.5.12</a> <a id="status.414" href="#status.414">414 URI Too Long</a></h3> 2670 <p id="rfc.section.6.5.12.p.1">The server is refusing to service the request because the effective request URI is longer than the server is willing to interpret. 2680 2671 This rare condition is only likely to occur when a client has improperly converted a POST request to a GET request with long 2681 2672 query information, when the client has descended into a URI "black hole" of redirection (e.g., a redirected URI prefix that … … 2684 2675 </p> 2685 2676 <div id="rfc.iref.74"></div> 2686 <h3 id="rfc.section. 7.5.13"><a href="#rfc.section.7.5.13">7.5.13</a> <a id="status.415" href="#status.415">415 Unsupported Media Type</a></h3>2687 <p id="rfc.section. 7.5.13.p.1">The server is refusing to service the request because the request payload is in a format not supported by this request method2677 <h3 id="rfc.section.6.5.13"><a href="#rfc.section.6.5.13">6.5.13</a> <a id="status.415" href="#status.415">415 Unsupported Media Type</a></h3> 2678 <p id="rfc.section.6.5.13.p.1">The server is refusing to service the request because the request payload is in a format not supported by this request method 2688 2679 on the target resource. The format problem might be due to the request's indicated <a href="#header.content-type" class="smpl">Content-Type</a> or <a href="#header.content-encoding" class="smpl">Content-Encoding</a>, or as a result of inspecting the data directly. 2689 2680 </p> 2690 2681 <div id="rfc.iref.74"></div> 2691 <h3 id="rfc.section. 7.5.14"><a href="#rfc.section.7.5.14">7.5.14</a> <a id="status.417" href="#status.417">417 Expectation Failed</a></h3>2692 <p id="rfc.section. 7.5.14.p.1">The expectation given in an <a href="#header.expect" class="smpl">Expect</a> header field (see <a href="#header.expect" id="rfc.xref.header.expect.2" title="Expect">Section 6.1.2</a>) could not be met by this server, or, if the server is a proxy, the server has unambiguous evidence that the request could2682 <h3 id="rfc.section.6.5.14"><a href="#rfc.section.6.5.14">6.5.14</a> <a id="status.417" href="#status.417">417 Expectation Failed</a></h3> 2683 <p id="rfc.section.6.5.14.p.1">The expectation given in an <a href="#header.expect" class="smpl">Expect</a> header field (see <a href="#header.expect" id="rfc.xref.header.expect.2" title="Expect">Section 5.1.2</a>) could not be met by this server, or, if the server is a proxy, the server has unambiguous evidence that the request could 2693 2684 not be met by the next-hop server. 2694 2685 </p> 2695 2686 <div id="rfc.iref.74"></div> 2696 <h3 id="rfc.section. 7.5.15"><a href="#rfc.section.7.5.15">7.5.15</a> <a id="status.426" href="#status.426">426 Upgrade Required</a></h3>2697 <p id="rfc.section. 7.5.15.p.1">The request can not be completed without a prior protocol upgrade. This response <em class="bcp14">MUST</em> include an <a href="p1-messaging.html#header.upgrade" class="smpl">Upgrade</a> header field (<a href="p1-messaging.html#header.upgrade" title="Upgrade">Section 6.7</a> of <a href="#Part1" id="rfc.xref.Part1.25"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) specifying the required protocols.2698 </p> 2699 <div id="rfc.figure.u.4 2"></div>2687 <h3 id="rfc.section.6.5.15"><a href="#rfc.section.6.5.15">6.5.15</a> <a id="status.426" href="#status.426">426 Upgrade Required</a></h3> 2688 <p id="rfc.section.6.5.15.p.1">The request can not be completed without a prior protocol upgrade. This response <em class="bcp14">MUST</em> include an <a href="p1-messaging.html#header.upgrade" class="smpl">Upgrade</a> header field (<a href="p1-messaging.html#header.upgrade" title="Upgrade">Section 6.7</a> of <a href="#Part1" id="rfc.xref.Part1.25"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) specifying the required protocols. 2689 </p> 2690 <div id="rfc.figure.u.41"></div> 2700 2691 <p>Example:</p> <pre class="text">HTTP/1.1 426 Upgrade Required 2701 2692 Upgrade: HTTP/3.0 … … 2705 2696 2706 2697 <span id="s426body">This service requires use of the HTTP/3.0 protocol. 2707 </span></pre><p id="rfc.section. 7.5.15.p.3">The server <em class="bcp14">SHOULD</em> include a message body in the 426 response which indicates in human readable form the reason for the error and describes any2698 </span></pre><p id="rfc.section.6.5.15.p.3">The server <em class="bcp14">SHOULD</em> include a message body in the 426 response which indicates in human readable form the reason for the error and describes any 2708 2699 alternative courses which might be available to the user. 2709 2700 </p> 2710 <h2 id="rfc.section. 7.6"><a href="#rfc.section.7.6">7.6</a> <a id="status.5xx" href="#status.5xx">Server Error 5xx</a></h2>2701 <h2 id="rfc.section.6.6"><a href="#rfc.section.6.6">6.6</a> <a id="status.5xx" href="#status.5xx">Server Error 5xx</a></h2> 2711 2702 <div id="rfc.iref.74"></div> 2712 2703 <div id="rfc.iref.s.6"></div> 2713 <p id="rfc.section. 7.6.p.1">Response status codes beginning with the digit "5" indicate cases in which the server is aware that it has erred or is incapable2704 <p id="rfc.section.6.6.p.1">Response status codes beginning with the digit "5" indicate cases in which the server is aware that it has erred or is incapable 2714 2705 of performing the request. Except when responding to a HEAD request, the server <em class="bcp14">SHOULD</em> include a representation containing an explanation of the error situation, and whether it is a temporary or permanent condition. 2715 2706 User agents <em class="bcp14">SHOULD</em> display any included representation to the user. These response codes are applicable to any request method. 2716 2707 </p> 2717 2708 <div id="rfc.iref.75"></div> 2718 <h3 id="rfc.section. 7.6.1"><a href="#rfc.section.7.6.1">7.6.1</a> <a id="status.500" href="#status.500">500 Internal Server Error</a></h3>2719 <p id="rfc.section. 7.6.1.p.1">The server encountered an unexpected condition which prevented it from fulfilling the request.</p>2709 <h3 id="rfc.section.6.6.1"><a href="#rfc.section.6.6.1">6.6.1</a> <a id="status.500" href="#status.500">500 Internal Server Error</a></h3> 2710 <p id="rfc.section.6.6.1.p.1">The server encountered an unexpected condition which prevented it from fulfilling the request.</p> 2720 2711 <div id="rfc.iref.75"></div> 2721 <h3 id="rfc.section. 7.6.2"><a href="#rfc.section.7.6.2">7.6.2</a> <a id="status.501" href="#status.501">501 Not Implemented</a></h3>2722 <p id="rfc.section. 7.6.2.p.1">The server does not support the functionality required to fulfill the request. This is the appropriate response when the server2712 <h3 id="rfc.section.6.6.2"><a href="#rfc.section.6.6.2">6.6.2</a> <a id="status.501" href="#status.501">501 Not Implemented</a></h3> 2713 <p id="rfc.section.6.6.2.p.1">The server does not support the functionality required to fulfill the request. This is the appropriate response when the server 2723 2714 does not recognize the request method and is not capable of supporting it for any resource. 2724 2715 </p> 2725 2716 <div id="rfc.iref.75"></div> 2726 <h3 id="rfc.section. 7.6.3"><a href="#rfc.section.7.6.3">7.6.3</a> <a id="status.502" href="#status.502">502 Bad Gateway</a></h3>2727 <p id="rfc.section. 7.6.3.p.1">The server, while acting as a gateway or proxy, received an invalid response from the upstream server it accessed in attempting2717 <h3 id="rfc.section.6.6.3"><a href="#rfc.section.6.6.3">6.6.3</a> <a id="status.502" href="#status.502">502 Bad Gateway</a></h3> 2718 <p id="rfc.section.6.6.3.p.1">The server, while acting as a gateway or proxy, received an invalid response from the upstream server it accessed in attempting 2728 2719 to fulfill the request. 2729 2720 </p> 2730 2721 <div id="rfc.iref.75"></div> 2731 <h3 id="rfc.section. 7.6.4"><a href="#rfc.section.7.6.4">7.6.4</a> <a id="status.503" href="#status.503">503 Service Unavailable</a></h3>2732 <p id="rfc.section. 7.6.4.p.1">The server is currently unable to handle the request due to a temporary overloading or maintenance of the server.</p>2733 <p id="rfc.section. 7.6.4.p.2">The implication is that this is a temporary condition which will be alleviated after some delay. If known, the length of the2734 delay <em class="bcp14">MAY</em> be indicated in a <a href="#header.retry-after" class="smpl">Retry-After</a> header field (<a href="#header.retry-after" id="rfc.xref.header.retry-after.1" title="Retry-After">Section 8.1.3</a>). If no Retry-After is given, the client <em class="bcp14">SHOULD</em> handle the response as it would for a <a href="#status.500" class="smpl">500 (Internal2722 <h3 id="rfc.section.6.6.4"><a href="#rfc.section.6.6.4">6.6.4</a> <a id="status.503" href="#status.503">503 Service Unavailable</a></h3> 2723 <p id="rfc.section.6.6.4.p.1">The server is currently unable to handle the request due to a temporary overloading or maintenance of the server.</p> 2724 <p id="rfc.section.6.6.4.p.2">The implication is that this is a temporary condition which will be alleviated after some delay. If known, the length of the 2725 delay <em class="bcp14">MAY</em> be indicated in a <a href="#header.retry-after" class="smpl">Retry-After</a> header field (<a href="#header.retry-after" id="rfc.xref.header.retry-after.1" title="Retry-After">Section 7.1.3</a>). If no Retry-After is given, the client <em class="bcp14">SHOULD</em> handle the response as it would for a <a href="#status.500" class="smpl">500 (Internal 2735 2726 Server Error)</a> response. 2736 2727 </p> 2737 <div class="note" id="rfc.section. 7.6.4.p.3">2728 <div class="note" id="rfc.section.6.6.4.p.3"> 2738 2729 <p> <b>Note:</b> The existence of the 503 status code does not imply that a server has to use it when becoming overloaded. Some servers might 2739 2730 wish to simply refuse the connection. … … 2741 2732 </div> 2742 2733 <div id="rfc.iref.75"></div> 2743 <h3 id="rfc.section. 7.6.5"><a href="#rfc.section.7.6.5">7.6.5</a> <a id="status.504" href="#status.504">504 Gateway Timeout</a></h3>2744 <p id="rfc.section. 7.6.5.p.1">The server, while acting as a gateway or proxy, did not receive a timely response from the upstream server specified by the2734 <h3 id="rfc.section.6.6.5"><a href="#rfc.section.6.6.5">6.6.5</a> <a id="status.504" href="#status.504">504 Gateway Timeout</a></h3> 2735 <p id="rfc.section.6.6.5.p.1">The server, while acting as a gateway or proxy, did not receive a timely response from the upstream server specified by the 2745 2736 URI (e.g., HTTP, FTP, LDAP) or some other auxiliary server (e.g., DNS) it needed to access in attempting to complete the request. 2746 2737 </p> 2747 <div class="note" id="rfc.section. 7.6.5.p.2">2738 <div class="note" id="rfc.section.6.6.5.p.2"> 2748 2739 <p> <b>Note</b> to implementers: some deployed proxies are known to return <a href="#status.400" class="smpl">400 (Bad Request)</a> or <a href="#status.500" class="smpl">500 (Internal Server 2749 2740 Error)</a> when DNS lookups time out. … … 2751 2742 </div> 2752 2743 <div id="rfc.iref.75"></div> 2753 <h3 id="rfc.section. 7.6.6"><a href="#rfc.section.7.6.6">7.6.6</a> <a id="status.505" href="#status.505">505 HTTP Version Not Supported</a></h3>2754 <p id="rfc.section. 7.6.6.p.1">The server does not support, or refuses to support, the protocol version that was used in the request message. The server2744 <h3 id="rfc.section.6.6.6"><a href="#rfc.section.6.6.6">6.6.6</a> <a id="status.505" href="#status.505">505 HTTP Version Not Supported</a></h3> 2745 <p id="rfc.section.6.6.6.p.1">The server does not support, or refuses to support, the protocol version that was used in the request message. The server 2755 2746 is indicating that it is unable or unwilling to complete the request using the same major version as the client, as described 2756 2747 in <a href="p1-messaging.html#http.version" title="Protocol Versioning">Section 2.6</a> of <a href="#Part1" id="rfc.xref.Part1.26"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>, other than with this error message. The response <em class="bcp14">SHOULD</em> contain a representation describing why that version is not supported and what other protocols are supported by that server. 2757 2748 </p> 2758 <h1 id="rfc.section. 8"><a href="#rfc.section.8">8.</a> <a id="response.header.fields" href="#response.header.fields">Response Header Fields</a></h1>2759 <p id="rfc.section. 8.p.1">The response header fields allow the server to pass additional information about the response which cannot be placed in the2749 <h1 id="rfc.section.7"><a href="#rfc.section.7">7.</a> <a id="response.header.fields" href="#response.header.fields">Response Header Fields</a></h1> 2750 <p id="rfc.section.7.p.1">The response header fields allow the server to pass additional information about the response which cannot be placed in the 2760 2751 status-line. These header fields give information about the server and about further access to the target resource (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.27"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>). 2761 2752 </p> 2762 <h2 id="rfc.section. 8.1"><a href="#rfc.section.8.1">8.1</a> <a id="response.control.data" href="#response.control.data">Control Data</a></h2>2763 <p id="rfc.section. 8.1.p.1">Response header fields can supply control data that supplements the status code or instructs the client where to go next.</p>2753 <h2 id="rfc.section.7.1"><a href="#rfc.section.7.1">7.1</a> <a id="response.control.data" href="#response.control.data">Control Data</a></h2> 2754 <p id="rfc.section.7.1.p.1">Response header fields can supply control data that supplements the status code or instructs the client where to go next.</p> 2764 2755 <div id="rfc.table.u.10"> 2765 2756 <table class="tt full left" cellpadding="3" cellspacing="0"> … … 2777 2768 <tr> 2778 2769 <td class="left">Date</td> 2779 <td class="left"><a href="#header.date" id="rfc.xref.header.date.2" title="Date">Section 8.1.1.2</a></td>2770 <td class="left"><a href="#header.date" id="rfc.xref.header.date.2" title="Date">Section 7.1.1.2</a></td> 2780 2771 </tr> 2781 2772 <tr> 2782 2773 <td class="left">Location</td> 2783 <td class="left"><a href="#header.location" id="rfc.xref.header.location.3" title="Location">Section 8.1.2</a></td>2774 <td class="left"><a href="#header.location" id="rfc.xref.header.location.3" title="Location">Section 7.1.2</a></td> 2784 2775 </tr> 2785 2776 <tr> 2786 2777 <td class="left">Retry-After</td> 2787 <td class="left"><a href="#header.retry-after" id="rfc.xref.header.retry-after.2" title="Retry-After">Section 8.1.3</a></td>2778 <td class="left"><a href="#header.retry-after" id="rfc.xref.header.retry-after.2" title="Retry-After">Section 7.1.3</a></td> 2788 2779 </tr> 2789 2780 </tbody> 2790 2781 </table> 2791 2782 </div> 2792 <h3 id="rfc.section. 8.1.1"><a href="#rfc.section.8.1.1">8.1.1</a> <a id="origination.date" href="#origination.date">Origination Date</a></h3>2793 <h4 id="rfc.section. 8.1.1.1"><a href="#rfc.section.8.1.1.1">8.1.1.1</a> <a id="http.date" href="#http.date">Date/Time Formats</a></h4>2794 <p id="rfc.section. 8.1.1.1.p.1">HTTP applications have historically allowed three different formats for date/time stamps. However, the preferred format is2783 <h3 id="rfc.section.7.1.1"><a href="#rfc.section.7.1.1">7.1.1</a> <a id="origination.date" href="#origination.date">Origination Date</a></h3> 2784 <h4 id="rfc.section.7.1.1.1"><a href="#rfc.section.7.1.1.1">7.1.1.1</a> <a id="http.date" href="#http.date">Date/Time Formats</a></h4> 2785 <p id="rfc.section.7.1.1.1.p.1">HTTP applications have historically allowed three different formats for date/time stamps. However, the preferred format is 2795 2786 a fixed-length subset of that defined by <a href="#RFC1123" id="rfc.xref.RFC1123.1"><cite title="Requirements for Internet Hosts - Application and Support">[RFC1123]</cite></a>: 2796 2787 </p> 2797 <div id="rfc.figure.u.4 3"></div><pre class="text">Sun, 06 Nov 1994 08:49:37 GMT ; RFC 11232798 </pre><p id="rfc.section. 8.1.1.1.p.3">The other formats are described here only for compatibility with obsolete implementations.</p>2799 <div id="rfc.figure.u.4 4"></div><pre class="text">Sunday, 06-Nov-94 08:49:37 GMT ; obsolete RFC 850 format2788 <div id="rfc.figure.u.42"></div><pre class="text">Sun, 06 Nov 1994 08:49:37 GMT ; RFC 1123 2789 </pre><p id="rfc.section.7.1.1.1.p.3">The other formats are described here only for compatibility with obsolete implementations.</p> 2790 <div id="rfc.figure.u.43"></div><pre class="text">Sunday, 06-Nov-94 08:49:37 GMT ; obsolete RFC 850 format 2800 2791 Sun Nov 6 08:49:37 1994 ; ANSI C's asctime() format 2801 </pre><p id="rfc.section. 8.1.1.1.p.5">HTTP/1.1 clients and servers that parse a date value <em class="bcp14">MUST</em> accept all three formats (for compatibility with HTTP/1.0), though they <em class="bcp14">MUST</em> only generate the RFC 1123 format for representing HTTP-date values in header fields.2802 </p> 2803 <p id="rfc.section. 8.1.1.1.p.6">All HTTP date/time stamps <em class="bcp14">MUST</em> be represented in Greenwich Mean Time (GMT), without exception. For the purposes of HTTP, GMT is exactly equal to UTC (Coordinated2792 </pre><p id="rfc.section.7.1.1.1.p.5">HTTP/1.1 clients and servers that parse a date value <em class="bcp14">MUST</em> accept all three formats (for compatibility with HTTP/1.0), though they <em class="bcp14">MUST</em> only generate the RFC 1123 format for representing HTTP-date values in header fields. 2793 </p> 2794 <p id="rfc.section.7.1.1.1.p.6">All HTTP date/time stamps <em class="bcp14">MUST</em> be represented in Greenwich Mean Time (GMT), without exception. For the purposes of HTTP, GMT is exactly equal to UTC (Coordinated 2804 2795 Universal Time). This is indicated in the first two formats by the inclusion of "GMT" as the three-letter abbreviation for 2805 2796 time zone, and <em class="bcp14">MUST</em> be assumed when reading the asctime format. HTTP-date is case sensitive and <em class="bcp14">MUST NOT</em> include additional whitespace beyond that specifically included as SP in the grammar. 2806 2797 </p> 2807 <div id="rfc.figure.u.4 5"></div><pre class="inline"><span id="rfc.iref.g.39"></span> <a href="#http.date" class="smpl">HTTP-date</a> = <a href="#preferred.date.format" class="smpl">rfc1123-date</a> / <a href="#obsolete.date.formats" class="smpl">obs-date</a>2798 <div id="rfc.figure.u.44"></div><pre class="inline"><span id="rfc.iref.g.39"></span> <a href="#http.date" class="smpl">HTTP-date</a> = <a href="#preferred.date.format" class="smpl">rfc1123-date</a> / <a href="#obsolete.date.formats" class="smpl">obs-date</a> 2808 2799 </pre><div id="preferred.date.format"> 2809 <p id="rfc.section. 8.1.1.1.p.8"> Preferred format:</p>2800 <p id="rfc.section.7.1.1.1.p.8"> Preferred format:</p> 2810 2801 </div> 2811 <div id="rfc.figure.u.4 6"></div><pre class="inline"><span id="rfc.iref.g.40"></span><span id="rfc.iref.g.41"></span><span id="rfc.iref.g.42"></span><span id="rfc.iref.g.43"></span><span id="rfc.iref.g.44"></span><span id="rfc.iref.g.45"></span><span id="rfc.iref.g.46"></span><span id="rfc.iref.g.47"></span><span id="rfc.iref.g.48"></span><span id="rfc.iref.g.49"></span><span id="rfc.iref.g.50"></span><span id="rfc.iref.g.51"></span> <a href="#preferred.date.format" class="smpl">rfc1123-date</a> = <a href="#preferred.date.format" class="smpl">day-name</a> "," <a href="#imported.abnf" class="smpl">SP</a> date1 <a href="#imported.abnf" class="smpl">SP</a> <a href="#preferred.date.format" class="smpl">time-of-day</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#preferred.date.format" class="smpl">GMT</a>2802 <div id="rfc.figure.u.45"></div><pre class="inline"><span id="rfc.iref.g.40"></span><span id="rfc.iref.g.41"></span><span id="rfc.iref.g.42"></span><span id="rfc.iref.g.43"></span><span id="rfc.iref.g.44"></span><span id="rfc.iref.g.45"></span><span id="rfc.iref.g.46"></span><span id="rfc.iref.g.47"></span><span id="rfc.iref.g.48"></span><span id="rfc.iref.g.49"></span><span id="rfc.iref.g.50"></span><span id="rfc.iref.g.51"></span> <a href="#preferred.date.format" class="smpl">rfc1123-date</a> = <a href="#preferred.date.format" class="smpl">day-name</a> "," <a href="#imported.abnf" class="smpl">SP</a> date1 <a href="#imported.abnf" class="smpl">SP</a> <a href="#preferred.date.format" class="smpl">time-of-day</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#preferred.date.format" class="smpl">GMT</a> 2812 2803 ; fixed length subset of the format defined in 2813 2804 ; <a href="http://tools.ietf.org/html/rfc1123#section-5.2.14">Section 5.2.14</a> of <a href="#RFC1123" id="rfc.xref.RFC1123.2"><cite title="Requirements for Internet Hosts - Application and Support">[RFC1123]</cite></a> … … 2847 2838 <a href="#preferred.date.format" class="smpl">minute</a> = 2<a href="#imported.abnf" class="smpl">DIGIT</a> 2848 2839 <a href="#preferred.date.format" class="smpl">second</a> = 2<a href="#imported.abnf" class="smpl">DIGIT</a> 2849 </pre><p id="rfc.section. 8.1.1.1.p.10">The semantics of <a href="#preferred.date.format" class="smpl">day-name</a>, <a href="#preferred.date.format" class="smpl">day</a>, <a href="#preferred.date.format" class="smpl">month</a>, <a href="#preferred.date.format" class="smpl">year</a>, and <a href="#preferred.date.format" class="smpl">time-of-day</a> are the same as those defined for the RFC 5322 constructs with the corresponding name (<a href="#RFC5322" id="rfc.xref.RFC5322.3"><cite title="Internet Message Format">[RFC5322]</cite></a>, <a href="http://tools.ietf.org/html/rfc5322#section-3.3">Section 3.3</a>).2840 </pre><p id="rfc.section.7.1.1.1.p.10">The semantics of <a href="#preferred.date.format" class="smpl">day-name</a>, <a href="#preferred.date.format" class="smpl">day</a>, <a href="#preferred.date.format" class="smpl">month</a>, <a href="#preferred.date.format" class="smpl">year</a>, and <a href="#preferred.date.format" class="smpl">time-of-day</a> are the same as those defined for the RFC 5322 constructs with the corresponding name (<a href="#RFC5322" id="rfc.xref.RFC5322.3"><cite title="Internet Message Format">[RFC5322]</cite></a>, <a href="http://tools.ietf.org/html/rfc5322#section-3.3">Section 3.3</a>). 2850 2841 </p> 2851 2842 <div id="obsolete.date.formats"> 2852 <p id="rfc.section. 8.1.1.1.p.11"> Obsolete formats:</p>2843 <p id="rfc.section.7.1.1.1.p.11"> Obsolete formats:</p> 2853 2844 </div> 2854 <div id="rfc.figure.u.4 7"></div><pre class="inline"><span id="rfc.iref.g.52"></span> <a href="#obsolete.date.formats" class="smpl">obs-date</a> = <a href="#obsolete.date.formats" class="smpl">rfc850-date</a> / <a href="#obsolete.date.formats" class="smpl">asctime-date</a>2855 </pre><div id="rfc.figure.u.4 8"></div><pre class="inline"><span id="rfc.iref.g.53"></span> <a href="#obsolete.date.formats" class="smpl">rfc850-date</a> = <a href="#obsolete.date.formats" class="smpl">day-name-l</a> "," <a href="#imported.abnf" class="smpl">SP</a> <a href="#obsolete.date.formats" class="smpl">date2</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#preferred.date.format" class="smpl">time-of-day</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#preferred.date.format" class="smpl">GMT</a>2845 <div id="rfc.figure.u.46"></div><pre class="inline"><span id="rfc.iref.g.52"></span> <a href="#obsolete.date.formats" class="smpl">obs-date</a> = <a href="#obsolete.date.formats" class="smpl">rfc850-date</a> / <a href="#obsolete.date.formats" class="smpl">asctime-date</a> 2846 </pre><div id="rfc.figure.u.47"></div><pre class="inline"><span id="rfc.iref.g.53"></span> <a href="#obsolete.date.formats" class="smpl">rfc850-date</a> = <a href="#obsolete.date.formats" class="smpl">day-name-l</a> "," <a href="#imported.abnf" class="smpl">SP</a> <a href="#obsolete.date.formats" class="smpl">date2</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#preferred.date.format" class="smpl">time-of-day</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#preferred.date.format" class="smpl">GMT</a> 2856 2847 <a href="#obsolete.date.formats" class="smpl">date2</a> = <a href="#preferred.date.format" class="smpl">day</a> "-" <a href="#preferred.date.format" class="smpl">month</a> "-" 2<a href="#imported.abnf" class="smpl">DIGIT</a> 2857 2848 ; day-month-year (e.g., 02-Jun-82) … … 2864 2855 / %x53.61.74.75.72.64.61.79 ; "Saturday", case-sensitive 2865 2856 / %x53.75.6E.64.61.79 ; "Sunday", case-sensitive 2866 </pre><div id="rfc.figure.u.4 9"></div><pre class="inline"><span id="rfc.iref.g.54"></span> <a href="#obsolete.date.formats" class="smpl">asctime-date</a> = <a href="#preferred.date.format" class="smpl">day-name</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#obsolete.date.formats" class="smpl">date3</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#preferred.date.format" class="smpl">time-of-day</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#preferred.date.format" class="smpl">year</a>2857 </pre><div id="rfc.figure.u.48"></div><pre class="inline"><span id="rfc.iref.g.54"></span> <a href="#obsolete.date.formats" class="smpl">asctime-date</a> = <a href="#preferred.date.format" class="smpl">day-name</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#obsolete.date.formats" class="smpl">date3</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#preferred.date.format" class="smpl">time-of-day</a> <a href="#imported.abnf" class="smpl">SP</a> <a href="#preferred.date.format" class="smpl">year</a> 2867 2858 <a href="#obsolete.date.formats" class="smpl">date3</a> = <a href="#preferred.date.format" class="smpl">month</a> <a href="#imported.abnf" class="smpl">SP</a> ( 2<a href="#imported.abnf" class="smpl">DIGIT</a> / ( <a href="#imported.abnf" class="smpl">SP</a> 1<a href="#imported.abnf" class="smpl">DIGIT</a> )) 2868 2859 ; month day (e.g., Jun 2) 2869 </pre><div class="note" id="rfc.section. 8.1.1.1.p.15">2860 </pre><div class="note" id="rfc.section.7.1.1.1.p.15"> 2870 2861 <p> <b>Note:</b> Recipients of date values are encouraged to be robust in accepting date values that might have been sent by non-HTTP applications, 2871 2862 as is sometimes the case when retrieving or posting messages via proxies/gateways to SMTP or NNTP. 2872 2863 </p> 2873 2864 </div> 2874 <div class="note" id="rfc.section. 8.1.1.1.p.16">2865 <div class="note" id="rfc.section.7.1.1.1.p.16"> 2875 2866 <p> <b>Note:</b> HTTP requirements for the date/time stamp format apply only to their usage within the protocol stream. Clients and servers 2876 2867 are not required to use these formats for user presentation, request logging, etc. … … 2878 2869 </div> 2879 2870 <div id="rfc.iref.d.3"></div> 2880 <h4 id="rfc.section. 8.1.1.2"><a href="#rfc.section.8.1.1.2">8.1.1.2</a> <a id="header.date" href="#header.date">Date</a></h4>2881 <p id="rfc.section. 8.1.1.2.p.1">The "Date" header field represents the date and time at which the message was originated, having the same semantics as the2882 Origination Date Field (orig-date) defined in <a href="http://tools.ietf.org/html/rfc5322#section-3.6.1">Section 3.6.1</a> of <a href="#RFC5322" id="rfc.xref.RFC5322.4"><cite title="Internet Message Format">[RFC5322]</cite></a>. The field value is an HTTP-date, as defined in <a href="#http.date" title="Date/Time Formats">Section 8.1.1.1</a>; it <em class="bcp14">MUST</em> be sent in rfc1123-date format.2883 </p> 2884 <div id="rfc.figure.u. 50"></div><pre class="inline"><span id="rfc.iref.g.55"></span> <a href="#header.date" class="smpl">Date</a> = <a href="#http.date" class="smpl">HTTP-date</a>2885 </pre><p id="rfc.section. 8.1.1.2.p.3">An example is</p>2886 <div id="rfc.figure.u.5 1"></div><pre class="text"> Date: Tue, 15 Nov 1994 08:12:31 GMT2887 </pre><p id="rfc.section. 8.1.1.2.p.5">Origin servers <em class="bcp14">MUST</em> include a Date header field in all responses, except in these cases:2871 <h4 id="rfc.section.7.1.1.2"><a href="#rfc.section.7.1.1.2">7.1.1.2</a> <a id="header.date" href="#header.date">Date</a></h4> 2872 <p id="rfc.section.7.1.1.2.p.1">The "Date" header field represents the date and time at which the message was originated, having the same semantics as the 2873 Origination Date Field (orig-date) defined in <a href="http://tools.ietf.org/html/rfc5322#section-3.6.1">Section 3.6.1</a> of <a href="#RFC5322" id="rfc.xref.RFC5322.4"><cite title="Internet Message Format">[RFC5322]</cite></a>. The field value is an HTTP-date, as defined in <a href="#http.date" title="Date/Time Formats">Section 7.1.1.1</a>; it <em class="bcp14">MUST</em> be sent in rfc1123-date format. 2874 </p> 2875 <div id="rfc.figure.u.49"></div><pre class="inline"><span id="rfc.iref.g.55"></span> <a href="#header.date" class="smpl">Date</a> = <a href="#http.date" class="smpl">HTTP-date</a> 2876 </pre><p id="rfc.section.7.1.1.2.p.3">An example is</p> 2877 <div id="rfc.figure.u.50"></div><pre class="text"> Date: Tue, 15 Nov 1994 08:12:31 GMT 2878 </pre><p id="rfc.section.7.1.1.2.p.5">Origin servers <em class="bcp14">MUST</em> include a Date header field in all responses, except in these cases: 2888 2879 </p> 2889 2880 <ol> … … 2896 2887 </li> 2897 2888 </ol> 2898 <p id="rfc.section. 8.1.1.2.p.6">A received message that does not have a Date header field <em class="bcp14">MUST</em> be assigned one by the recipient if the message will be cached by that recipient.2899 </p> 2900 <p id="rfc.section. 8.1.1.2.p.7">Clients can use the Date header field as well; in order to keep request messages small, they are advised not to include it2889 <p id="rfc.section.7.1.1.2.p.6">A received message that does not have a Date header field <em class="bcp14">MUST</em> be assigned one by the recipient if the message will be cached by that recipient. 2890 </p> 2891 <p id="rfc.section.7.1.1.2.p.7">Clients can use the Date header field as well; in order to keep request messages small, they are advised not to include it 2901 2892 when it doesn't convey any useful information (as is usually the case for requests that do not contain a payload). 2902 2893 </p> 2903 <p id="rfc.section. 8.1.1.2.p.8">The HTTP-date sent in a Date header field <em class="bcp14">SHOULD NOT</em> represent a date and time subsequent to the generation of the message. It <em class="bcp14">SHOULD</em> represent the best available approximation of the date and time of message generation, unless the implementation has no means2894 <p id="rfc.section.7.1.1.2.p.8">The HTTP-date sent in a Date header field <em class="bcp14">SHOULD NOT</em> represent a date and time subsequent to the generation of the message. It <em class="bcp14">SHOULD</em> represent the best available approximation of the date and time of message generation, unless the implementation has no means 2904 2895 of generating a reasonably accurate date and time. In theory, the date ought to represent the moment just before the payload 2905 2896 is generated. In practice, the date can be generated at any time during the message origination without affecting its semantic … … 2907 2898 </p> 2908 2899 <div id="rfc.iref.l.1"></div> 2909 <h3 id="rfc.section. 8.1.2"><a href="#rfc.section.8.1.2">8.1.2</a> <a id="header.location" href="#header.location">Location</a></h3>2910 <p id="rfc.section. 8.1.2.p.1">The "Location" header field <em class="bcp14">MAY</em> be sent in responses to refer to a specific resource in accordance with the semantics of the status code.2911 </p> 2912 <div id="rfc.figure.u.5 2"></div><pre class="inline"><span id="rfc.iref.g.56"></span> <a href="#header.location" class="smpl">Location</a> = <a href="#imported.abnf" class="smpl">URI-reference</a>2913 </pre><p id="rfc.section. 8.1.2.p.3">For <a href="#status.201" class="smpl">201 (Created)</a> responses, the Location is the URI of the new resource which was created by the request. For <a href="#status.3xx" class="smpl">3xx (Redirection)</a> responses, the location <em class="bcp14">SHOULD</em> indicate the server's preferred URI for automatic redirection to the resource.2914 </p> 2915 <p id="rfc.section. 8.1.2.p.4">The field value consists of a single URI-reference. When it has the form of a relative reference (<a href="#RFC3986" id="rfc.xref.RFC3986.1"><cite title="Uniform Resource Identifier (URI): Generic Syntax">[RFC3986]</cite></a>, <a href="http://tools.ietf.org/html/rfc3986#section-4.2">Section 4.2</a>), the final value is computed by resolving it against the effective request URI (<a href="#RFC3986" id="rfc.xref.RFC3986.2"><cite title="Uniform Resource Identifier (URI): Generic Syntax">[RFC3986]</cite></a>, <a href="http://tools.ietf.org/html/rfc3986#section-5">Section 5</a>). If the original URI, as navigated to by the user agent, did contain a fragment identifier, and the final value does not,2900 <h3 id="rfc.section.7.1.2"><a href="#rfc.section.7.1.2">7.1.2</a> <a id="header.location" href="#header.location">Location</a></h3> 2901 <p id="rfc.section.7.1.2.p.1">The "Location" header field <em class="bcp14">MAY</em> be sent in responses to refer to a specific resource in accordance with the semantics of the status code. 2902 </p> 2903 <div id="rfc.figure.u.51"></div><pre class="inline"><span id="rfc.iref.g.56"></span> <a href="#header.location" class="smpl">Location</a> = <a href="#imported.abnf" class="smpl">URI-reference</a> 2904 </pre><p id="rfc.section.7.1.2.p.3">For <a href="#status.201" class="smpl">201 (Created)</a> responses, the Location is the URI of the new resource which was created by the request. For <a href="#status.3xx" class="smpl">3xx (Redirection)</a> responses, the location <em class="bcp14">SHOULD</em> indicate the server's preferred URI for automatic redirection to the resource. 2905 </p> 2906 <p id="rfc.section.7.1.2.p.4">The field value consists of a single URI-reference. When it has the form of a relative reference (<a href="#RFC3986" id="rfc.xref.RFC3986.1"><cite title="Uniform Resource Identifier (URI): Generic Syntax">[RFC3986]</cite></a>, <a href="http://tools.ietf.org/html/rfc3986#section-4.2">Section 4.2</a>), the final value is computed by resolving it against the effective request URI (<a href="#RFC3986" id="rfc.xref.RFC3986.2"><cite title="Uniform Resource Identifier (URI): Generic Syntax">[RFC3986]</cite></a>, <a href="http://tools.ietf.org/html/rfc3986#section-5">Section 5</a>). If the original URI, as navigated to by the user agent, did contain a fragment identifier, and the final value does not, 2916 2907 then the original URI's fragment identifier is added to the final value. 2917 2908 </p> 2918 <div id="rfc.figure.u.5 3"></div>2909 <div id="rfc.figure.u.52"></div> 2919 2910 <p>For example, the original URI "http://www.example.org/~tim", combined with a field value given as:</p> <pre class="text"> Location: /pub/WWW/People.html#tim 2920 2911 </pre> <p>would result in a final value of "http://www.example.org/pub/WWW/People.html#tim"</p> 2921 <div id="rfc.figure.u.5 4"></div>2912 <div id="rfc.figure.u.53"></div> 2922 2913 <p>An original URI "http://www.example.org/index.html#larry", combined with a field value given as:</p> <pre class="text"> Location: http://www.example.net/index.html 2923 2914 </pre> <p>would result in a final value of "http://www.example.net/index.html#larry", preserving the original fragment identifier.</p> 2924 <div class="note" id="rfc.section. 8.1.2.p.7">2915 <div class="note" id="rfc.section.7.1.2.p.7"> 2925 2916 <p> <b>Note:</b> Some recipients attempt to recover from Location fields that are not valid URI references. This specification does not mandate 2926 2917 or define such processing, but does allow it. 2927 2918 </p> 2928 2919 </div> 2929 <p id="rfc.section. 8.1.2.p.8">There are circumstances in which a fragment identifier in a Location URI would not be appropriate. For instance, when it appears2920 <p id="rfc.section.7.1.2.p.8">There are circumstances in which a fragment identifier in a Location URI would not be appropriate. For instance, when it appears 2930 2921 in a <a href="#status.201" class="smpl">201 2931 2922 (Created)</a> response, where the Location header field specifies the URI for the entire created resource. 2932 2923 </p> 2933 <div class="note" id="rfc.section. 8.1.2.p.9">2924 <div class="note" id="rfc.section.7.1.2.p.9"> 2934 2925 <p> <b>Note:</b> The <a href="#header.content-location" class="smpl">Content-Location</a> header field (<a href="#header.content-location" id="rfc.xref.header.content-location.3" title="Content-Location">Section 3.1.4.2</a>) differs from Location in that the Content-Location identifies the most specific resource corresponding to the enclosed representation. 2935 2926 It is therefore possible for a response to contain header fields for both Location and Content-Location. … … 2937 2928 </div> 2938 2929 <div id="rfc.iref.r.3"></div> 2939 <h3 id="rfc.section. 8.1.3"><a href="#rfc.section.8.1.3">8.1.3</a> <a id="header.retry-after" href="#header.retry-after">Retry-After</a></h3>2940 <p id="rfc.section. 8.1.3.p.1">The header "Retry-After" field can be used with a <a href="#status.503" class="smpl">503 (Service2930 <h3 id="rfc.section.7.1.3"><a href="#rfc.section.7.1.3">7.1.3</a> <a id="header.retry-after" href="#header.retry-after">Retry-After</a></h3> 2931 <p id="rfc.section.7.1.3.p.1">The header "Retry-After" field can be used with a <a href="#status.503" class="smpl">503 (Service 2941 2932 Unavailable)</a> response to indicate how long the service is expected to be unavailable to the requesting client. This field <em class="bcp14">MAY</em> also be used with any <a href="#status.3xx" class="smpl">3xx (Redirection)</a> response to indicate the minimum time the user agent is asked to wait before issuing the redirected request. 2942 2933 </p> 2943 <p id="rfc.section. 8.1.3.p.2">The value of this field can be either an HTTP-date or an integer number of seconds (in decimal) after the time of the response.</p>2944 <div id="rfc.figure.u.5 5"></div><pre class="inline"><span id="rfc.iref.g.57"></span> <a href="#header.retry-after" class="smpl">Retry-After</a> = <a href="#http.date" class="smpl">HTTP-date</a> / <a href="#rule.delta-seconds" class="smpl">delta-seconds</a>2934 <p id="rfc.section.7.1.3.p.2">The value of this field can be either an HTTP-date or an integer number of seconds (in decimal) after the time of the response.</p> 2935 <div id="rfc.figure.u.54"></div><pre class="inline"><span id="rfc.iref.g.57"></span> <a href="#header.retry-after" class="smpl">Retry-After</a> = <a href="#http.date" class="smpl">HTTP-date</a> / <a href="#rule.delta-seconds" class="smpl">delta-seconds</a> 2945 2936 </pre><div id="rule.delta-seconds"> 2946 <p id="rfc.section. 8.1.3.p.4"> Time spans are non-negative decimal integers, representing time in seconds.</p>2937 <p id="rfc.section.7.1.3.p.4"> Time spans are non-negative decimal integers, representing time in seconds.</p> 2947 2938 </div> 2948 <div id="rfc.figure.u.5 6"></div><pre class="inline"><span id="rfc.iref.g.58"></span> <a href="#rule.delta-seconds" class="smpl">delta-seconds</a> = 1*<a href="#imported.abnf" class="smpl">DIGIT</a>2949 </pre><p id="rfc.section. 8.1.3.p.6">Two examples of its use are</p>2950 <div id="rfc.figure.u.5 7"></div><pre class="text"> Retry-After: Fri, 31 Dec 1999 23:59:59 GMT2939 <div id="rfc.figure.u.55"></div><pre class="inline"><span id="rfc.iref.g.58"></span> <a href="#rule.delta-seconds" class="smpl">delta-seconds</a> = 1*<a href="#imported.abnf" class="smpl">DIGIT</a> 2940 </pre><p id="rfc.section.7.1.3.p.6">Two examples of its use are</p> 2941 <div id="rfc.figure.u.56"></div><pre class="text"> Retry-After: Fri, 31 Dec 1999 23:59:59 GMT 2951 2942 Retry-After: 120 2952 </pre><p id="rfc.section. 8.1.3.p.8">In the latter example, the delay is 2 minutes.</p>2953 <h2 id="rfc.section. 8.2"><a href="#rfc.section.8.2">8.2</a> <a id="selected.representation" href="#selected.representation">Selected Representation Header Fields</a></h2>2954 <p id="rfc.section. 8.2.p.1"><span id="rfc.iref.s.7"></span> We use the term "<dfn>selected representation</dfn>" to refer to the the current representation of a target resource that would have been selected in a successful response if2943 </pre><p id="rfc.section.7.1.3.p.8">In the latter example, the delay is 2 minutes.</p> 2944 <h2 id="rfc.section.7.2"><a href="#rfc.section.7.2">7.2</a> <a id="selected.representation" href="#selected.representation">Selected Representation Header Fields</a></h2> 2945 <p id="rfc.section.7.2.p.1"><span id="rfc.iref.s.7"></span> We use the term "<dfn>selected representation</dfn>" to refer to the the current representation of a target resource that would have been selected in a successful response if 2955 2946 the same request had used the method GET and excluded any conditional request header fields. 2956 2947 </p> 2957 <p id="rfc.section. 8.2.p.2">Additional header fields define metadata about the selected representation, which might differ from the representation included2948 <p id="rfc.section.7.2.p.2">Additional header fields define metadata about the selected representation, which might differ from the representation included 2958 2949 in the message for responses to some state-changing methods. The following header fields are defined as selected representation 2959 2950 metadata: … … 2978 2969 <tr> 2979 2970 <td class="left">Vary</td> 2980 <td class="left"><a href="#header.vary" id="rfc.xref.header.vary.2" title="Vary">Section 8.2.1</a></td>2971 <td class="left"><a href="#header.vary" id="rfc.xref.header.vary.2" title="Vary">Section 7.2.1</a></td> 2981 2972 </tr> 2982 2973 </tbody> … … 2984 2975 </div> 2985 2976 <div id="rfc.iref.v.1"></div> 2986 <h3 id="rfc.section. 8.2.1"><a href="#rfc.section.8.2.1">8.2.1</a> <a id="header.vary" href="#header.vary">Vary</a></h3>2987 <p id="rfc.section. 8.2.1.p.1">The "Vary" header field conveys the set of header fields that were used to select the representation.</p>2988 <p id="rfc.section. 8.2.1.p.2">Caches use this information as part of determining whether a stored response can be used to satisfy a given request (<a href="p6-cache.html#caching.negotiated.responses" title="Using Negotiated Responses">Section 4.3</a> of <a href="#Part6" id="rfc.xref.Part6.14"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>).2989 </p> 2990 <p id="rfc.section. 8.2.1.p.3">In uncacheable or stale responses, the Vary field value advises the user agent about the criteria that were used to select2977 <h3 id="rfc.section.7.2.1"><a href="#rfc.section.7.2.1">7.2.1</a> <a id="header.vary" href="#header.vary">Vary</a></h3> 2978 <p id="rfc.section.7.2.1.p.1">The "Vary" header field conveys the set of header fields that were used to select the representation.</p> 2979 <p id="rfc.section.7.2.1.p.2">Caches use this information as part of determining whether a stored response can be used to satisfy a given request (<a href="p6-cache.html#caching.negotiated.responses" title="Using Negotiated Responses">Section 4.3</a> of <a href="#Part6" id="rfc.xref.Part6.14"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>). 2980 </p> 2981 <p id="rfc.section.7.2.1.p.3">In uncacheable or stale responses, the Vary field value advises the user agent about the criteria that were used to select 2991 2982 the representation. 2992 2983 </p> 2993 <div id="rfc.figure.u.5 8"></div><pre class="inline"><span id="rfc.iref.g.59"></span> <a href="#header.vary" class="smpl">Vary</a> = "*" / 1#<a href="#imported.abnf" class="smpl">field-name</a>2994 </pre><p id="rfc.section. 8.2.1.p.5">The set of header fields named by the Vary field value is known as the selecting header fields.</p>2995 <p id="rfc.section. 8.2.1.p.6">A server <em class="bcp14">SHOULD</em> include a Vary header field with any cacheable response that is subject to proactive negotiation. Doing so allows a cache2984 <div id="rfc.figure.u.57"></div><pre class="inline"><span id="rfc.iref.g.59"></span> <a href="#header.vary" class="smpl">Vary</a> = "*" / 1#<a href="#imported.abnf" class="smpl">field-name</a> 2985 </pre><p id="rfc.section.7.2.1.p.5">The set of header fields named by the Vary field value is known as the selecting header fields.</p> 2986 <p id="rfc.section.7.2.1.p.6">A server <em class="bcp14">SHOULD</em> include a Vary header field with any cacheable response that is subject to proactive negotiation. Doing so allows a cache 2996 2987 to properly interpret future requests on that resource and informs the user agent about the presence of negotiation on that 2997 2988 resource. A server <em class="bcp14">MAY</em> include a Vary header field with a non-cacheable response that is subject to proactive negotiation, since this might provide 2998 2989 the user agent with useful information about the dimensions over which the response varies at the time of the response. 2999 2990 </p> 3000 <p id="rfc.section. 8.2.1.p.7">A Vary field value of "*" signals that unspecified parameters not limited to the header fields (e.g., the network address2991 <p id="rfc.section.7.2.1.p.7">A Vary field value of "*" signals that unspecified parameters not limited to the header fields (e.g., the network address 3001 2992 of the client), play a role in the selection of the response representation; therefore, a cache cannot determine whether this 3002 2993 response is appropriate. A proxy <em class="bcp14">MUST NOT</em> generate the "*" value. 3003 2994 </p> 3004 <p id="rfc.section. 8.2.1.p.8">The field-names given are not limited to the set of standard header fields defined by this specification. Field names are2995 <p id="rfc.section.7.2.1.p.8">The field-names given are not limited to the set of standard header fields defined by this specification. Field names are 3005 2996 case-insensitive. 3006 2997 </p> 3007 <h2 id="rfc.section. 8.3"><a href="#rfc.section.8.3">8.3</a> <a id="response.auth" href="#response.auth">Authentication Challenges</a></h2>3008 <p id="rfc.section. 8.3.p.1">Authentication challenges indicate what mechanisms are available for the client to provide authentication credentials in future2998 <h2 id="rfc.section.7.3"><a href="#rfc.section.7.3">7.3</a> <a id="response.auth" href="#response.auth">Authentication Challenges</a></h2> 2999 <p id="rfc.section.7.3.p.1">Authentication challenges indicate what mechanisms are available for the client to provide authentication credentials in future 3009 3000 requests. 3010 3001 </p> … … 3029 3020 </table> 3030 3021 </div> 3031 <h2 id="rfc.section. 8.4"><a href="#rfc.section.8.4">8.4</a> <a id="response.inform" href="#response.inform">Informative</a></h2>3032 <p id="rfc.section. 8.4.p.1">The remaining response header fields provide more information about the target resource for potential use in later requests.</p>3022 <h2 id="rfc.section.7.4"><a href="#rfc.section.7.4">7.4</a> <a id="response.context" href="#response.context">Response Context</a></h2> 3023 <p id="rfc.section.7.4.p.1">The remaining response header fields provide more information about the target resource for potential use in later requests.</p> 3033 3024 <div id="rfc.table.u.13"> 3034 3025 <table class="tt full left" cellpadding="3" cellspacing="0"> … … 3046 3037 <tr> 3047 3038 <td class="left">Allow</td> 3048 <td class="left"><a href="#header.allow" id="rfc.xref.header.allow.2" title="Allow">Section 8.4.1</a></td>3039 <td class="left"><a href="#header.allow" id="rfc.xref.header.allow.2" title="Allow">Section 7.4.1</a></td> 3049 3040 </tr> 3050 3041 <tr> 3051 3042 <td class="left">Server</td> 3052 <td class="left"><a href="#header.server" id="rfc.xref.header.server.1" title="Server">Section 8.4.2</a></td>3043 <td class="left"><a href="#header.server" id="rfc.xref.header.server.1" title="Server">Section 7.4.2</a></td> 3053 3044 </tr> 3054 3045 </tbody> … … 3056 3047 </div> 3057 3048 <div id="rfc.iref.a.5"></div> 3058 <h3 id="rfc.section. 8.4.1"><a href="#rfc.section.8.4.1">8.4.1</a> <a id="header.allow" href="#header.allow">Allow</a></h3>3059 <p id="rfc.section. 8.4.1.p.1">The "Allow" header field lists the set of methods advertised as supported by the target resource. The purpose of this field3049 <h3 id="rfc.section.7.4.1"><a href="#rfc.section.7.4.1">7.4.1</a> <a id="header.allow" href="#header.allow">Allow</a></h3> 3050 <p id="rfc.section.7.4.1.p.1">The "Allow" header field lists the set of methods advertised as supported by the target resource. The purpose of this field 3060 3051 is strictly to inform the recipient of valid request methods associated with the resource. 3061 3052 </p> 3062 <div id="rfc.figure.u.5 9"></div><pre class="inline"><span id="rfc.iref.g.60"></span> <a href="#header.allow" class="smpl">Allow</a> = #<a href="#method.overview" class="smpl">method</a>3063 </pre><p id="rfc.section. 8.4.1.p.3">Example of use:</p>3064 <div id="rfc.figure.u. 60"></div><pre class="text"> Allow: GET, HEAD, PUT3065 </pre><p id="rfc.section. 8.4.1.p.5">The actual set of allowed methods is defined by the origin server at the time of each request.</p>3066 <p id="rfc.section. 8.4.1.p.6">A proxy <em class="bcp14">MUST NOT</em> modify the Allow header field — it does not need to understand all the methods specified in order to handle them according3053 <div id="rfc.figure.u.58"></div><pre class="inline"><span id="rfc.iref.g.60"></span> <a href="#header.allow" class="smpl">Allow</a> = #<a href="#method.overview" class="smpl">method</a> 3054 </pre><p id="rfc.section.7.4.1.p.3">Example of use:</p> 3055 <div id="rfc.figure.u.59"></div><pre class="text"> Allow: GET, HEAD, PUT 3056 </pre><p id="rfc.section.7.4.1.p.5">The actual set of allowed methods is defined by the origin server at the time of each request.</p> 3057 <p id="rfc.section.7.4.1.p.6">A proxy <em class="bcp14">MUST NOT</em> modify the Allow header field — it does not need to understand all the methods specified in order to handle them according 3067 3058 to the generic message handling rules. 3068 3059 </p> 3069 3060 <div id="rfc.iref.s.8"></div> 3070 <h3 id="rfc.section. 8.4.2"><a href="#rfc.section.8.4.2">8.4.2</a> <a id="header.server" href="#header.server">Server</a></h3>3071 <p id="rfc.section. 8.4.2.p.1">The "Server" header field contains information about the software used by the origin server to handle the request.</p>3072 <p id="rfc.section.8.4.2.p.2">The field can contain multiple product tokens (<a href="#product.tokens" title="Product Tokens">Section 4</a>) and comments (<a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a> of <a href="#Part1" id="rfc.xref.Part1.28"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) identifying the server and any significant subproducts. The product tokens are listed in order of their significance for3073 identifying the application.3074 </p> 3075 <div id="rfc.figure.u.6 1"></div><pre class="inline"><span id="rfc.iref.g.61"></span> <a href="#header.server" class="smpl">Server</a> = <a href="#product.tokens" class="smpl">product</a> *( <a href="#imported.abnf" class="smpl">RWS</a> ( <a href="#product.tokens" class="smpl">product</a> / <a href="#imported.abnf" class="smpl">comment</a> ) )3076 </pre><p id="rfc.section. 8.4.2.p.4">Example:</p>3077 <div id="rfc.figure.u.62"></div><pre class="text"> Server: CERN/3.0 libwww/2.173078 </pre><p id="rfc.section.8.4.2.p.6">If the response is being forwarded through a proxy, the proxy application <em class="bcp14">MUST NOT</em> modify the <a href="#header.server" class="smpl">Server</a> header field. Instead, it <em class="bcp14">MUST</em> include a <a href="p1-messaging.html#header.via" class="smpl">Via</a> field (as described in <a href="p1-messaging.html#header.via" title="Via">Section 5.7.1</a> of <a href="#Part1" id="rfc.xref.Part1.29"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>).3079 </p> 3080 < div class="note" id="rfc.section.8.4.2.p.7">3081 <p> <b>Note:</b> Revealing the specific software version of the server might allow the server machine to become more vulnerable to attacks3082 against software that is known to contain security holes. Server implementers are encouraged to make this field a configurable 3083 option.3084 </p>3085 </ div>3086 <h1 id="rfc.section. 9"><a href="#rfc.section.9">9.</a> <a id="IANA.considerations" href="#IANA.considerations">IANA Considerations</a></h1>3087 <h2 id="rfc.section. 9.1"><a href="#rfc.section.9.1">9.1</a> <a id="method.registry" href="#method.registry">Method Registry</a></h2>3088 <p id="rfc.section. 9.1.p.1">The HTTP Method Registry defines the name space for the request method token (<a href="#methods" title="Request Methods">Section 5</a>). The method registry is maintained at <<a href="http://www.iana.org/assignments/http-methods">http://www.iana.org/assignments/http-methods</a>>.3089 </p> 3090 <h3 id="rfc.section. 9.1.1"><a href="#rfc.section.9.1.1">9.1.1</a> <a id="method.procedure" href="#method.procedure">Procedure</a></h3>3091 <p id="rfc.section. 9.1.1.p.1">HTTP method registrations <em class="bcp14">MUST</em> include the following fields:3061 <h3 id="rfc.section.7.4.2"><a href="#rfc.section.7.4.2">7.4.2</a> <a id="header.server" href="#header.server">Server</a></h3> 3062 <p id="rfc.section.7.4.2.p.1">The "Server" header field contains information about the software used by the origin server to handle the request, which is 3063 often used by clients to help identify the scope of reported interoperability problems, to work around or tailor requests 3064 to avoid particular server limitations, and for analytics regarding server or operating system use. An origin server <em class="bcp14">MAY</em> generate a Server field in its responses. 3065 </p> 3066 <div id="rfc.figure.u.60"></div><pre class="inline"><span id="rfc.iref.g.61"></span> <a href="#header.server" class="smpl">Server</a> = <a href="#header.user-agent" class="smpl">product</a> *( <a href="#imported.abnf" class="smpl">RWS</a> ( <a href="#header.user-agent" class="smpl">product</a> / <a href="#imported.abnf" class="smpl">comment</a> ) ) 3067 </pre><p id="rfc.section.7.4.2.p.3">The Server field-value consists of one or more product identifiers, each followed by zero or more comments (<a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a> of <a href="#Part1" id="rfc.xref.Part1.28"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>), which together identify the origin server software and its significant subproducts. By convention, the product identifiers 3068 are listed in order of their significance for identifying the origin server software. Each product identifier consists of 3069 a name and optional version, as defined in <a href="#header.user-agent" id="rfc.xref.header.user-agent.2" title="User-Agent">Section 5.5.3</a>. 3070 </p> 3071 <p id="rfc.section.7.4.2.p.4">Example:</p> 3072 <div id="rfc.figure.u.61"></div><pre class="text"> Server: CERN/3.0 libwww/2.17 3073 </pre><p id="rfc.section.7.4.2.p.6">An origin server <em class="bcp14">SHOULD NOT</em> generate a Server field containing needlessly fine-grained detail and <em class="bcp14">SHOULD</em> limit the addition of subproducts by third parties. Overly long and detailed Server field values increase response latency 3074 and potentially reveal internal implementation details that might make it (slightly) easier for attackers to find and exploit 3075 known security holes. 3076 </p> 3077 <h1 id="rfc.section.8"><a href="#rfc.section.8">8.</a> <a id="IANA.considerations" href="#IANA.considerations">IANA Considerations</a></h1> 3078 <h2 id="rfc.section.8.1"><a href="#rfc.section.8.1">8.1</a> <a id="method.registry" href="#method.registry">Method Registry</a></h2> 3079 <p id="rfc.section.8.1.p.1">The HTTP Method Registry defines the name space for the request method token (<a href="#methods" title="Request Methods">Section 4</a>). The method registry is maintained at <<a href="http://www.iana.org/assignments/http-methods">http://www.iana.org/assignments/http-methods</a>>. 3080 </p> 3081 <h3 id="rfc.section.8.1.1"><a href="#rfc.section.8.1.1">8.1.1</a> <a id="method.procedure" href="#method.procedure">Procedure</a></h3> 3082 <p id="rfc.section.8.1.1.p.1">HTTP method registrations <em class="bcp14">MUST</em> include the following fields: 3092 3083 </p> 3093 3084 <ul> 3094 <li>Method Name (see <a href="#methods" title="Request Methods">Section 5</a>)3095 </li> 3096 <li>Safe ("yes" or "no", see <a href="#safe.methods" title="Safe Methods">Section 5.2.1</a>)3097 </li> 3098 <li>Idempotent ("yes" or "no", see <a href="#idempotent.methods" title="Idempotent Methods">Section 5.2.2</a>)3085 <li>Method Name (see <a href="#methods" title="Request Methods">Section 4</a>) 3086 </li> 3087 <li>Safe ("yes" or "no", see <a href="#safe.methods" title="Safe Methods">Section 4.2.1</a>) 3088 </li> 3089 <li>Idempotent ("yes" or "no", see <a href="#idempotent.methods" title="Idempotent Methods">Section 4.2.2</a>) 3099 3090 </li> 3100 3091 <li>Pointer to specification text</li> 3101 3092 </ul> 3102 <p id="rfc.section. 9.1.1.p.2">Values to be added to this name space require IETF Review (see <a href="#RFC5226" id="rfc.xref.RFC5226.1"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>, <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a>).3103 </p> 3104 <h3 id="rfc.section. 9.1.2"><a href="#rfc.section.9.1.2">9.1.2</a> <a id="considerations.for.new.methods" href="#considerations.for.new.methods">Considerations for New Methods</a></h3>3105 <p id="rfc.section. 9.1.2.p.1">Standardized methods are generic; that is, they are potentially applicable to any resource, not just one particular media3093 <p id="rfc.section.8.1.1.p.2">Values to be added to this name space require IETF Review (see <a href="#RFC5226" id="rfc.xref.RFC5226.1"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>, <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a>). 3094 </p> 3095 <h3 id="rfc.section.8.1.2"><a href="#rfc.section.8.1.2">8.1.2</a> <a id="considerations.for.new.methods" href="#considerations.for.new.methods">Considerations for New Methods</a></h3> 3096 <p id="rfc.section.8.1.2.p.1">Standardized methods are generic; that is, they are potentially applicable to any resource, not just one particular media 3106 3097 type, kind of resource, or application. As such, it is preferred that new methods be registered in a document that isn't specific 3107 3098 to a single application or data format, since orthogonal technologies deserve orthogonal specification. 3108 3099 </p> 3109 <p id="rfc.section. 9.1.2.p.2">Since message parsing (<a href="p1-messaging.html#message.body" title="Message Body">Section 3.3</a> of <a href="#Part1" id="rfc.xref.Part1.30"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) needs to be independent of method semantics (aside from responses to HEAD), definitions of new methods cannot change the3100 <p id="rfc.section.8.1.2.p.2">Since message parsing (<a href="p1-messaging.html#message.body" title="Message Body">Section 3.3</a> of <a href="#Part1" id="rfc.xref.Part1.29"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>) needs to be independent of method semantics (aside from responses to HEAD), definitions of new methods cannot change the 3110 3101 parsing algorithm or prohibit the presence of a message body on either the request or the response message. Definitions of 3111 3102 new methods can specify that only a zero-length message body is allowed by requiring a Content-Length header field with a 3112 3103 value of "0". 3113 3104 </p> 3114 <p id="rfc.section. 9.1.2.p.3">New method definitions need to indicate whether they are safe (<a href="#safe.methods" title="Safe Methods">Section 5.2.1</a>), idempotent (<a href="#idempotent.methods" title="Idempotent Methods">Section 5.2.2</a>), cacheable (<a href="#cacheable.methods" title="Cacheable Methods">Section 5.2.3</a>), and what semantics are to be associated with the payload body if any is present in the request. If a method is cacheable,3105 <p id="rfc.section.8.1.2.p.3">New method definitions need to indicate whether they are safe (<a href="#safe.methods" title="Safe Methods">Section 4.2.1</a>), idempotent (<a href="#idempotent.methods" title="Idempotent Methods">Section 4.2.2</a>), cacheable (<a href="#cacheable.methods" title="Cacheable Methods">Section 4.2.3</a>), and what semantics are to be associated with the payload body if any is present in the request. If a method is cacheable, 3115 3106 the method definition ought to describe how, and under what conditions, a cache can store a response and use it to satisfy 3116 3107 a subsequent request. 3117 3108 </p> 3118 <h3 id="rfc.section. 9.1.3"><a href="#rfc.section.9.1.3">9.1.3</a> <a id="method.registration" href="#method.registration">Registrations</a></h3>3119 <p id="rfc.section. 9.1.3.p.1">The HTTP Method Registry shall be populated with the registrations below:</p>3109 <h3 id="rfc.section.8.1.3"><a href="#rfc.section.8.1.3">8.1.3</a> <a id="method.registration" href="#method.registration">Registrations</a></h3> 3110 <p id="rfc.section.8.1.3.p.1">The HTTP Method Registry shall be populated with the registrations below:</p> 3120 3111 <div id="rfc.table.2"> 3121 3112 <div id="iana.method.registration.table"></div> … … 3134 3125 <td class="left">no</td> 3135 3126 <td class="left">no</td> 3136 <td class="left"> <a href="#CONNECT" id="rfc.xref.CONNECT.2" title="CONNECT">Section 5.3.6</a>3127 <td class="left"> <a href="#CONNECT" id="rfc.xref.CONNECT.2" title="CONNECT">Section 4.3.6</a> 3137 3128 </td> 3138 3129 </tr> … … 3141 3132 <td class="left">no</td> 3142 3133 <td class="left">yes</td> 3143 <td class="left"> <a href="#DELETE" id="rfc.xref.DELETE.2" title="DELETE">Section 5.3.5</a>3134 <td class="left"> <a href="#DELETE" id="rfc.xref.DELETE.2" title="DELETE">Section 4.3.5</a> 3144 3135 </td> 3145 3136 </tr> … … 3148 3139 <td class="left">yes</td> 3149 3140 <td class="left">yes</td> 3150 <td class="left"> <a href="#GET" id="rfc.xref.GET.3" title="GET">Section 5.3.1</a>3141 <td class="left"> <a href="#GET" id="rfc.xref.GET.3" title="GET">Section 4.3.1</a> 3151 3142 </td> 3152 3143 </tr> … … 3155 3146 <td class="left">yes</td> 3156 3147 <td class="left">yes</td> 3157 <td class="left"> <a href="#HEAD" id="rfc.xref.HEAD.2" title="HEAD">Section 5.3.2</a>3148 <td class="left"> <a href="#HEAD" id="rfc.xref.HEAD.2" title="HEAD">Section 4.3.2</a> 3158 3149 </td> 3159 3150 </tr> … … 3162 3153 <td class="left">yes</td> 3163 3154 <td class="left">yes</td> 3164 <td class="left"> <a href="#OPTIONS" id="rfc.xref.OPTIONS.3" title="OPTIONS">Section 5.3.7</a>3155 <td class="left"> <a href="#OPTIONS" id="rfc.xref.OPTIONS.3" title="OPTIONS">Section 4.3.7</a> 3165 3156 </td> 3166 3157 </tr> … … 3169 3160 <td class="left">no</td> 3170 3161 <td class="left">no</td> 3171 <td class="left"> <a href="#POST" id="rfc.xref.POST.3" title="POST">Section 5.3.3</a>3162 <td class="left"> <a href="#POST" id="rfc.xref.POST.3" title="POST">Section 4.3.3</a> 3172 3163 </td> 3173 3164 </tr> … … 3176 3167 <td class="left">no</td> 3177 3168 <td class="left">yes</td> 3178 <td class="left"> <a href="#PUT" id="rfc.xref.PUT.3" title="PUT">Section 5.3.4</a>3169 <td class="left"> <a href="#PUT" id="rfc.xref.PUT.3" title="PUT">Section 4.3.4</a> 3179 3170 </td> 3180 3171 </tr> … … 3183 3174 <td class="left">yes</td> 3184 3175 <td class="left">yes</td> 3185 <td class="left"> <a href="#TRACE" id="rfc.xref.TRACE.3" title="TRACE">Section 5.3.8</a>3176 <td class="left"> <a href="#TRACE" id="rfc.xref.TRACE.3" title="TRACE">Section 4.3.8</a> 3186 3177 </td> 3187 3178 </tr> … … 3189 3180 </table> 3190 3181 </div> 3191 <h2 id="rfc.section. 9.2"><a href="#rfc.section.9.2">9.2</a> <a id="status.code.registry" href="#status.code.registry">Status Code Registry</a></h2>3192 <p id="rfc.section. 9.2.p.1">The HTTP Status Code Registry defines the name space for the response status-code token (<a href="#status.codes" title="Response Status Codes">Section 7</a>). The status code registry is maintained at <<a href="http://www.iana.org/assignments/http-status-codes">http://www.iana.org/assignments/http-status-codes</a>>.3193 </p> 3194 <p id="rfc.section. 9.2.p.2">This section replaces the registration procedure for HTTP Status Codes previously defined in <a href="http://tools.ietf.org/html/rfc2817#section-7.1">Section 7.1</a> of <a href="#RFC2817" id="rfc.xref.RFC2817.1"><cite title="Upgrading to TLS Within HTTP/1.1">[RFC2817]</cite></a>.3195 </p> 3196 <h3 id="rfc.section. 9.2.1"><a href="#rfc.section.9.2.1">9.2.1</a> <a id="status.code.procedure" href="#status.code.procedure">Procedure</a></h3>3197 <p id="rfc.section. 9.2.1.p.1">Values to be added to the HTTP status code name space require IETF Review (see <a href="#RFC5226" id="rfc.xref.RFC5226.2"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>, <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a>).3198 </p> 3199 <h3 id="rfc.section. 9.2.2"><a href="#rfc.section.9.2.2">9.2.2</a> <a id="considerations.for.new.status.codes" href="#considerations.for.new.status.codes">Considerations for New Status Codes</a></h3>3200 <p id="rfc.section. 9.2.2.p.1">When it is necessary to express semantics for a response that are not defined by current status codes, a new status code can3182 <h2 id="rfc.section.8.2"><a href="#rfc.section.8.2">8.2</a> <a id="status.code.registry" href="#status.code.registry">Status Code Registry</a></h2> 3183 <p id="rfc.section.8.2.p.1">The HTTP Status Code Registry defines the name space for the response status-code token (<a href="#status.codes" title="Response Status Codes">Section 6</a>). The status code registry is maintained at <<a href="http://www.iana.org/assignments/http-status-codes">http://www.iana.org/assignments/http-status-codes</a>>. 3184 </p> 3185 <p id="rfc.section.8.2.p.2">This section replaces the registration procedure for HTTP Status Codes previously defined in <a href="http://tools.ietf.org/html/rfc2817#section-7.1">Section 7.1</a> of <a href="#RFC2817" id="rfc.xref.RFC2817.1"><cite title="Upgrading to TLS Within HTTP/1.1">[RFC2817]</cite></a>. 3186 </p> 3187 <h3 id="rfc.section.8.2.1"><a href="#rfc.section.8.2.1">8.2.1</a> <a id="status.code.procedure" href="#status.code.procedure">Procedure</a></h3> 3188 <p id="rfc.section.8.2.1.p.1">Values to be added to the HTTP status code name space require IETF Review (see <a href="#RFC5226" id="rfc.xref.RFC5226.2"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>, <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a>). 3189 </p> 3190 <h3 id="rfc.section.8.2.2"><a href="#rfc.section.8.2.2">8.2.2</a> <a id="considerations.for.new.status.codes" href="#considerations.for.new.status.codes">Considerations for New Status Codes</a></h3> 3191 <p id="rfc.section.8.2.2.p.1">When it is necessary to express semantics for a response that are not defined by current status codes, a new status code can 3201 3192 be registered. HTTP status codes are generic; they are potentially applicable to any resource, not just one particular media 3202 3193 type, "type" of resource, or application. As such, it is preferred that new status codes be registered in a document that 3203 3194 isn't specific to a single application. 3204 3195 </p> 3205 <p id="rfc.section. 9.2.2.p.2">New status codes are required to fall under one of the categories defined in <a href="#status.codes" title="Response Status Codes">Section 7</a>. To allow existing parsers to properly handle them, new status codes cannot disallow a payload, although they can mandate3196 <p id="rfc.section.8.2.2.p.2">New status codes are required to fall under one of the categories defined in <a href="#status.codes" title="Response Status Codes">Section 6</a>. To allow existing parsers to properly handle them, new status codes cannot disallow a payload, although they can mandate 3206 3197 a zero-length payload body. 3207 3198 </p> 3208 <p id="rfc.section. 9.2.2.p.3">A definition for a new status code ought to explain the request conditions that would cause a response containing that status3199 <p id="rfc.section.8.2.2.p.3">A definition for a new status code ought to explain the request conditions that would cause a response containing that status 3209 3200 code (e.g., combinations of request header fields and/or method(s)) along with any dependencies on response header fields 3210 3201 (e.g., what fields are required and what fields can modify the semantics). A response that can transfer a payload ought to 3211 3202 specify expected cache behavior (e.g., cacheability and freshness criteria, as described in <a href="#Part6" id="rfc.xref.Part6.15"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Caching">[Part6]</cite></a>) and whether the payload has any implied association with an identified resource (<a href="#identifying.payload" title="Identifying a Representation">Section 3.1.4.1</a>). 3212 3203 </p> 3213 <h3 id="rfc.section. 9.2.3"><a href="#rfc.section.9.2.3">9.2.3</a> <a id="status.code.registration" href="#status.code.registration">Registrations</a></h3>3214 <p id="rfc.section. 9.2.3.p.1">The HTTP Status Code Registry shall be updated with the registrations below:</p>3204 <h3 id="rfc.section.8.2.3"><a href="#rfc.section.8.2.3">8.2.3</a> <a id="status.code.registration" href="#status.code.registration">Registrations</a></h3> 3205 <p id="rfc.section.8.2.3.p.1">The HTTP Status Code Registry shall be updated with the registrations below:</p> 3215 3206 <div id="rfc.table.3"> 3216 3207 <div id="iana.status.code.registration.table"></div> … … 3227 3218 <td class="left">100</td> 3228 3219 <td class="left">Continue</td> 3229 <td class="left"> <a href="#status.100" id="rfc.xref.status.100.4" title="100 Continue">Section 7.2.1</a>3220 <td class="left"> <a href="#status.100" id="rfc.xref.status.100.4" title="100 Continue">Section 6.2.1</a> 3230 3221 </td> 3231 3222 </tr> … … 3233 3224 <td class="left">101</td> 3234 3225 <td class="left">Switching Protocols</td> 3235 <td class="left"> <a href="#status.101" id="rfc.xref.status.101.2" title="101 Switching Protocols">Section 7.2.2</a>3226 <td class="left"> <a href="#status.101" id="rfc.xref.status.101.2" title="101 Switching Protocols">Section 6.2.2</a> 3236 3227 </td> 3237 3228 </tr> … … 3239 3230 <td class="left">200</td> 3240 3231 <td class="left">OK</td> 3241 <td class="left"> <a href="#status.200" id="rfc.xref.status.200.2" title="200 OK">Section 7.3.1</a>3232 <td class="left"> <a href="#status.200" id="rfc.xref.status.200.2" title="200 OK">Section 6.3.1</a> 3242 3233 </td> 3243 3234 </tr> … … 3245 3236 <td class="left">201</td> 3246 3237 <td class="left">Created</td> 3247 <td class="left"> <a href="#status.201" id="rfc.xref.status.201.2" title="201 Created">Section 7.3.2</a>3238 <td class="left"> <a href="#status.201" id="rfc.xref.status.201.2" title="201 Created">Section 6.3.2</a> 3248 3239 </td> 3249 3240 </tr> … … 3251 3242 <td class="left">202</td> 3252 3243 <td class="left">Accepted</td> 3253 <td class="left"> <a href="#status.202" id="rfc.xref.status.202.2" title="202 Accepted">Section 7.3.3</a>3244 <td class="left"> <a href="#status.202" id="rfc.xref.status.202.2" title="202 Accepted">Section 6.3.3</a> 3254 3245 </td> 3255 3246 </tr> … … 3257 3248 <td class="left">203</td> 3258 3249 <td class="left">Non-Authoritative Information</td> 3259 <td class="left"> <a href="#status.203" id="rfc.xref.status.203.2" title="203 Non-Authoritative Information">Section 7.3.4</a>3250 <td class="left"> <a href="#status.203" id="rfc.xref.status.203.2" title="203 Non-Authoritative Information">Section 6.3.4</a> 3260 3251 </td> 3261 3252 </tr> … … 3263 3254 <td class="left">204</td> 3264 3255 <td class="left">No Content</td> 3265 <td class="left"> <a href="#status.204" id="rfc.xref.status.204.2" title="204 No Content">Section 7.3.5</a>3256 <td class="left"> <a href="#status.204" id="rfc.xref.status.204.2" title="204 No Content">Section 6.3.5</a> 3266 3257 </td> 3267 3258 </tr> … … 3269 3260 <td class="left">205</td> 3270 3261 <td class="left">Reset Content</td> 3271 <td class="left"> <a href="#status.205" id="rfc.xref.status.205.2" title="205 Reset Content">Section 7.3.6</a>3262 <td class="left"> <a href="#status.205" id="rfc.xref.status.205.2" title="205 Reset Content">Section 6.3.6</a> 3272 3263 </td> 3273 3264 </tr> … … 3275 3266 <td class="left">300</td> 3276 3267 <td class="left">Multiple Choices</td> 3277 <td class="left"> <a href="#status.300" id="rfc.xref.status.300.2" title="300 Multiple Choices">Section 7.4.1</a>3268 <td class="left"> <a href="#status.300" id="rfc.xref.status.300.2" title="300 Multiple Choices">Section 6.4.1</a> 3278 3269 </td> 3279 3270 </tr> … … 3281 3272 <td class="left">301</td> 3282 3273 <td class="left">Moved Permanently</td> 3283 <td class="left"> <a href="#status.301" id="rfc.xref.status.301.2" title="301 Moved Permanently">Section 7.4.2</a>3274 <td class="left"> <a href="#status.301" id="rfc.xref.status.301.2" title="301 Moved Permanently">Section 6.4.2</a> 3284 3275 </td> 3285 3276 </tr> … … 3287 3278 <td class="left">302</td> 3288 3279 <td class="left">Found</td> 3289 <td class="left"> <a href="#status.302" id="rfc.xref.status.302.2" title="302 Found">Section 7.4.3</a>3280 <td class="left"> <a href="#status.302" id="rfc.xref.status.302.2" title="302 Found">Section 6.4.3</a> 3290 3281 </td> 3291 3282 </tr> … … 3293 3284 <td class="left">303</td> 3294 3285 <td class="left">See Other</td> 3295 <td class="left"> <a href="#status.303" id="rfc.xref.status.303.2" title="303 See Other">Section 7.4.4</a>3286 <td class="left"> <a href="#status.303" id="rfc.xref.status.303.2" title="303 See Other">Section 6.4.4</a> 3296 3287 </td> 3297 3288 </tr> … … 3299 3290 <td class="left">305</td> 3300 3291 <td class="left">Use Proxy</td> 3301 <td class="left"> <a href="#status.305" id="rfc.xref.status.305.2" title="305 Use Proxy">Section 7.4.5</a>3292 <td class="left"> <a href="#status.305" id="rfc.xref.status.305.2" title="305 Use Proxy">Section 6.4.5</a> 3302 3293 </td> 3303 3294 </tr> … … 3305 3296 <td class="left">306</td> 3306 3297 <td class="left">(Unused)</td> 3307 <td class="left"> <a href="#status.306" id="rfc.xref.status.306.1" title="306 (Unused)">Section 7.4.6</a>3298 <td class="left"> <a href="#status.306" id="rfc.xref.status.306.1" title="306 (Unused)">Section 6.4.6</a> 3308 3299 </td> 3309 3300 </tr> … … 3311 3302 <td class="left">307</td> 3312 3303 <td class="left">Temporary Redirect</td> 3313 <td class="left"> <a href="#status.307" id="rfc.xref.status.307.2" title="307 Temporary Redirect">Section 7.4.7</a>3304 <td class="left"> <a href="#status.307" id="rfc.xref.status.307.2" title="307 Temporary Redirect">Section 6.4.7</a> 3314 3305 </td> 3315 3306 </tr> … … 3317 3308 <td class="left">400</td> 3318 3309 <td class="left">Bad Request</td> 3319 <td class="left"> <a href="#status.400" id="rfc.xref.status.400.2" title="400 Bad Request">Section 7.5.1</a>3310 <td class="left"> <a href="#status.400" id="rfc.xref.status.400.2" title="400 Bad Request">Section 6.5.1</a> 3320 3311 </td> 3321 3312 </tr> … … 3323 3314 <td class="left">402</td> 3324 3315 <td class="left">Payment Required</td> 3325 <td class="left"> <a href="#status.402" id="rfc.xref.status.402.2" title="402 Payment Required">Section 7.5.2</a>3316 <td class="left"> <a href="#status.402" id="rfc.xref.status.402.2" title="402 Payment Required">Section 6.5.2</a> 3326 3317 </td> 3327 3318 </tr> … … 3329 3320 <td class="left">403</td> 3330 3321 <td class="left">Forbidden</td> 3331 <td class="left"> <a href="#status.403" id="rfc.xref.status.403.2" title="403 Forbidden">Section 7.5.3</a>3322 <td class="left"> <a href="#status.403" id="rfc.xref.status.403.2" title="403 Forbidden">Section 6.5.3</a> 3332 3323 </td> 3333 3324 </tr> … … 3335 3326 <td class="left">404</td> 3336 3327 <td class="left">Not Found</td> 3337 <td class="left"> <a href="#status.404" id="rfc.xref.status.404.2" title="404 Not Found">Section 7.5.4</a>3328 <td class="left"> <a href="#status.404" id="rfc.xref.status.404.2" title="404 Not Found">Section 6.5.4</a> 3338 3329 </td> 3339 3330 </tr> … … 3341 3332 <td class="left">405</td> 3342 3333 <td class="left">Method Not Allowed</td> 3343 <td class="left"> <a href="#status.405" id="rfc.xref.status.405.2" title="405 Method Not Allowed">Section 7.5.5</a>3334 <td class="left"> <a href="#status.405" id="rfc.xref.status.405.2" title="405 Method Not Allowed">Section 6.5.5</a> 3344 3335 </td> 3345 3336 </tr> … … 3347 3338 <td class="left">406</td> 3348 3339 <td class="left">Not Acceptable</td> 3349 <td class="left"> <a href="#status.406" id="rfc.xref.status.406.2" title="406 Not Acceptable">Section 7.5.6</a>3340 <td class="left"> <a href="#status.406" id="rfc.xref.status.406.2" title="406 Not Acceptable">Section 6.5.6</a> 3350 3341 </td> 3351 3342 </tr> … … 3353 3344 <td class="left">408</td> 3354 3345 <td class="left">Request Timeout</td> 3355 <td class="left"> <a href="#status.408" id="rfc.xref.status.408.2" title="408 Request Timeout">Section 7.5.7</a>3346 <td class="left"> <a href="#status.408" id="rfc.xref.status.408.2" title="408 Request Timeout">Section 6.5.7</a> 3356 3347 </td> 3357 3348 </tr> … … 3359 3350 <td class="left">409</td> 3360 3351 <td class="left">Conflict</td> 3361 <td class="left"> <a href="#status.409" id="rfc.xref.status.409.2" title="409 Conflict">Section 7.5.8</a>3352 <td class="left"> <a href="#status.409" id="rfc.xref.status.409.2" title="409 Conflict">Section 6.5.8</a> 3362 3353 </td> 3363 3354 </tr> … … 3365 3356 <td class="left">410</td> 3366 3357 <td class="left">Gone</td> 3367 <td class="left"> <a href="#status.410" id="rfc.xref.status.410.2" title="410 Gone">Section 7.5.9</a>3358 <td class="left"> <a href="#status.410" id="rfc.xref.status.410.2" title="410 Gone">Section 6.5.9</a> 3368 3359 </td> 3369 3360 </tr> … … 3371 3362 <td class="left">411</td> 3372 3363 <td class="left">Length Required</td> 3373 <td class="left"> <a href="#status.411" id="rfc.xref.status.411.2" title="411 Length Required">Section 7.5.10</a>3364 <td class="left"> <a href="#status.411" id="rfc.xref.status.411.2" title="411 Length Required">Section 6.5.10</a> 3374 3365 </td> 3375 3366 </tr> … … 3377 3368 <td class="left">413</td> 3378 3369 <td class="left">Request Representation Too Large</td> 3379 <td class="left"> <a href="#status.413" id="rfc.xref.status.413.2" title="413 Request Representation Too Large">Section 7.5.11</a>3370 <td class="left"> <a href="#status.413" id="rfc.xref.status.413.2" title="413 Request Representation Too Large">Section 6.5.11</a> 3380 3371 </td> 3381 3372 </tr> … … 3383 3374 <td class="left">414</td> 3384 3375 <td class="left">URI Too Long</td> 3385 <td class="left"> <a href="#status.414" id="rfc.xref.status.414.2" title="414 URI Too Long">Section 7.5.12</a>3376 <td class="left"> <a href="#status.414" id="rfc.xref.status.414.2" title="414 URI Too Long">Section 6.5.12</a> 3386 3377 </td> 3387 3378 </tr> … … 3389 3380 <td class="left">415</td> 3390 3381 <td class="left">Unsupported Media Type</td> 3391 <td class="left"> <a href="#status.415" id="rfc.xref.status.415.2" title="415 Unsupported Media Type">Section 7.5.13</a>3382 <td class="left"> <a href="#status.415" id="rfc.xref.status.415.2" title="415 Unsupported Media Type">Section 6.5.13</a> 3392 3383 </td> 3393 3384 </tr> … … 3395 3386 <td class="left">417</td> 3396 3387 <td class="left">Expectation Failed</td> 3397 <td class="left"> <a href="#status.417" id="rfc.xref.status.417.2" title="417 Expectation Failed">Section 7.5.14</a>3388 <td class="left"> <a href="#status.417" id="rfc.xref.status.417.2" title="417 Expectation Failed">Section 6.5.14</a> 3398 3389 </td> 3399 3390 </tr> … … 3401 3392 <td class="left">426</td> 3402 3393 <td class="left">Upgrade Required</td> 3403 <td class="left"> <a href="#status.426" id="rfc.xref.status.426.2" title="426 Upgrade Required">Section 7.5.15</a>3394 <td class="left"> <a href="#status.426" id="rfc.xref.status.426.2" title="426 Upgrade Required">Section 6.5.15</a> 3404 3395 </td> 3405 3396 </tr> … … 3407 3398 <td class="left">500</td> 3408 3399 <td class="left">Internal Server Error</td> 3409 <td class="left"> <a href="#status.500" id="rfc.xref.status.500.2" title="500 Internal Server Error">Section 7.6.1</a>3400 <td class="left"> <a href="#status.500" id="rfc.xref.status.500.2" title="500 Internal Server Error">Section 6.6.1</a> 3410 3401 </td> 3411 3402 </tr> … … 3413 3404 <td class="left">501</td> 3414 3405 <td class="left">Not Implemented</td> 3415 <td class="left"> <a href="#status.501" id="rfc.xref.status.501.2" title="501 Not Implemented">Section 7.6.2</a>3406 <td class="left"> <a href="#status.501" id="rfc.xref.status.501.2" title="501 Not Implemented">Section 6.6.2</a> 3416 3407 </td> 3417 3408 </tr> … … 3419 3410 <td class="left">502</td> 3420 3411 <td class="left">Bad Gateway</td> 3421 <td class="left"> <a href="#status.502" id="rfc.xref.status.502.2" title="502 Bad Gateway">Section 7.6.3</a>3412 <td class="left"> <a href="#status.502" id="rfc.xref.status.502.2" title="502 Bad Gateway">Section 6.6.3</a> 3422 3413 </td> 3423 3414 </tr> … … 3425 3416 <td class="left">503</td> 3426 3417 <td class="left">Service Unavailable</td> 3427 <td class="left"> <a href="#status.503" id="rfc.xref.status.503.2" title="503 Service Unavailable">Section 7.6.4</a>3418 <td class="left"> <a href="#status.503" id="rfc.xref.status.503.2" title="503 Service Unavailable">Section 6.6.4</a> 3428 3419 </td> 3429 3420 </tr> … … 3431 3422 <td class="left">504</td> 3432 3423 <td class="left">Gateway Timeout</td> 3433 <td class="left"> <a href="#status.504" id="rfc.xref.status.504.2" title="504 Gateway Timeout">Section 7.6.5</a>3424 <td class="left"> <a href="#status.504" id="rfc.xref.status.504.2" title="504 Gateway Timeout">Section 6.6.5</a> 3434 3425 </td> 3435 3426 </tr> … … 3437 3428 <td class="left">505</td> 3438 3429 <td class="left">HTTP Version Not Supported</td> 3439 <td class="left"> <a href="#status.505" id="rfc.xref.status.505.2" title="505 HTTP Version Not Supported">Section 7.6.6</a>3430 <td class="left"> <a href="#status.505" id="rfc.xref.status.505.2" title="505 HTTP Version Not Supported">Section 6.6.6</a> 3440 3431 </td> 3441 3432 </tr> … … 3443 3434 </table> 3444 3435 </div> 3445 <h2 id="rfc.section. 9.3"><a href="#rfc.section.9.3">9.3</a> <a id="header.field.registry" href="#header.field.registry">Header Field Registry</a></h2>3446 <p id="rfc.section. 9.3.p.1">HTTP header fields are registered within the Message Header Field Registry located at <<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>>, as defined by <a href="#BCP90" id="rfc.xref.BCP90.1"><cite title="Registration Procedures for Message Header Fields">[BCP90]</cite></a>.3447 </p> 3448 <h3 id="rfc.section. 9.3.1"><a href="#rfc.section.9.3.1">9.3.1</a> <a id="considerations.for.new.header.fields" href="#considerations.for.new.header.fields">Considerations for New Header Fields</a></h3>3449 <p id="rfc.section. 9.3.1.p.1">Header fields are key:value pairs that can be used to communicate data about the message, its payload, the target resource,3450 or the connection (i.e., control data). See <a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a> of <a href="#Part1" id="rfc.xref.Part1.3 1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> for a general definition of header field syntax in HTTP messages.3451 </p> 3452 <p id="rfc.section. 9.3.1.p.2">The requirements for header field names are defined in <a href="#BCP90" id="rfc.xref.BCP90.2"><cite title="Registration Procedures for Message Header Fields">[BCP90]</cite></a>. Authors of specifications defining new fields are advised to keep the name as short as practical and to not prefix the name3436 <h2 id="rfc.section.8.3"><a href="#rfc.section.8.3">8.3</a> <a id="header.field.registry" href="#header.field.registry">Header Field Registry</a></h2> 3437 <p id="rfc.section.8.3.p.1">HTTP header fields are registered within the Message Header Field Registry located at <<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>>, as defined by <a href="#BCP90" id="rfc.xref.BCP90.1"><cite title="Registration Procedures for Message Header Fields">[BCP90]</cite></a>. 3438 </p> 3439 <h3 id="rfc.section.8.3.1"><a href="#rfc.section.8.3.1">8.3.1</a> <a id="considerations.for.new.header.fields" href="#considerations.for.new.header.fields">Considerations for New Header Fields</a></h3> 3440 <p id="rfc.section.8.3.1.p.1">Header fields are key:value pairs that can be used to communicate data about the message, its payload, the target resource, 3441 or the connection (i.e., control data). See <a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a> of <a href="#Part1" id="rfc.xref.Part1.30"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> for a general definition of header field syntax in HTTP messages. 3442 </p> 3443 <p id="rfc.section.8.3.1.p.2">The requirements for header field names are defined in <a href="#BCP90" id="rfc.xref.BCP90.2"><cite title="Registration Procedures for Message Header Fields">[BCP90]</cite></a>. Authors of specifications defining new fields are advised to keep the name as short as practical and to not prefix the name 3453 3444 with "X-" unless the header field will never be used on the Internet. (The "x-" prefix idiom has been extensively misused 3454 3445 in practice; it was intended to only be used as a mechanism for avoiding name collisions inside proprietary software or intranet 3455 3446 processing, since the prefix would ensure that private names never collide with a newly registered Internet name.) 3456 3447 </p> 3457 <p id="rfc.section. 9.3.1.p.3">New header field values typically have their syntax defined using ABNF (<a href="#RFC5234" id="rfc.xref.RFC5234.2"><cite title="Augmented BNF for Syntax Specifications: ABNF">[RFC5234]</cite></a>), using the extension defined in <a href="p1-messaging.html#abnf.extension" title="ABNF list extension: #rule">Appendix B</a> of <a href="#Part1" id="rfc.xref.Part1.32"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> as necessary, and are usually constrained to the range of ASCII characters. Header fields needing a greater range of characters3448 <p id="rfc.section.8.3.1.p.3">New header field values typically have their syntax defined using ABNF (<a href="#RFC5234" id="rfc.xref.RFC5234.2"><cite title="Augmented BNF for Syntax Specifications: ABNF">[RFC5234]</cite></a>), using the extension defined in <a href="p1-messaging.html#abnf.extension" title="ABNF list extension: #rule">Appendix B</a> of <a href="#Part1" id="rfc.xref.Part1.31"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> as necessary, and are usually constrained to the range of ASCII characters. Header fields needing a greater range of characters 3458 3449 can use an encoding such as the one defined in <a href="#RFC5987" id="rfc.xref.RFC5987.1"><cite title="Character Set and Language Encoding for Hypertext Transfer Protocol (HTTP) Header Field Parameters">[RFC5987]</cite></a>. 3459 3450 </p> 3460 <p id="rfc.section. 9.3.1.p.4">Because commas (",") are used as a generic delimiter between field-values, they need to be treated with care if they are allowed3451 <p id="rfc.section.8.3.1.p.4">Because commas (",") are used as a generic delimiter between field-values, they need to be treated with care if they are allowed 3461 3452 in the field-value's payload. Typically, components that might contain a comma are protected with double-quotes using the 3462 quoted-string ABNF production (<a href="p1-messaging.html#field.components" title="Field value components">Section 3.2.6</a> of <a href="#Part1" id="rfc.xref.Part1.3 3"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>).3463 </p> 3464 <p id="rfc.section. 9.3.1.p.5">For example, a textual date and a URI (either of which might contain a comma) could be safely carried in field-values like3453 quoted-string ABNF production (<a href="p1-messaging.html#field.components" title="Field value components">Section 3.2.6</a> of <a href="#Part1" id="rfc.xref.Part1.32"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>). 3454 </p> 3455 <p id="rfc.section.8.3.1.p.5">For example, a textual date and a URI (either of which might contain a comma) could be safely carried in field-values like 3465 3456 these: 3466 3457 </p> 3467 <div id="rfc.figure.u.6 3"></div><pre class="text"> Example-URI-Field: "http://example.com/a.html,foo",3458 <div id="rfc.figure.u.62"></div><pre class="text"> Example-URI-Field: "http://example.com/a.html,foo", 3468 3459 "http://without-a-comma.example.com/" 3469 3460 Example-Date-Field: "Sat, 04 May 1996", "Wed, 14 Sep 2005" 3470 </pre><p id="rfc.section. 9.3.1.p.7">Note that double-quote delimiters almost always are used with the quoted-string production; using a different syntax inside3461 </pre><p id="rfc.section.8.3.1.p.7">Note that double-quote delimiters almost always are used with the quoted-string production; using a different syntax inside 3471 3462 double-quotes will likely cause unnecessary confusion. 3472 3463 </p> 3473 <p id="rfc.section. 9.3.1.p.8">Many header fields use a format including (case-insensitively) named parameters (for instance, <a href="#header.content-type" class="smpl">Content-Type</a>, defined in <a href="#header.content-type" id="rfc.xref.header.content-type.4" title="Content-Type">Section 3.1.1.5</a>). Allowing both unquoted (token) and quoted (quoted-string) syntax for the parameter value enables recipients to use existing3464 <p id="rfc.section.8.3.1.p.8">Many header fields use a format including (case-insensitively) named parameters (for instance, <a href="#header.content-type" class="smpl">Content-Type</a>, defined in <a href="#header.content-type" id="rfc.xref.header.content-type.4" title="Content-Type">Section 3.1.1.5</a>). Allowing both unquoted (token) and quoted (quoted-string) syntax for the parameter value enables recipients to use existing 3474 3465 parser components. When allowing both forms, the meaning of a parameter value ought to be independent of the syntax used for 3475 3466 it (for an example, see the notes on parameter handling for media types in <a href="#media.type" title="Media Type">Section 3.1.1.1</a>). 3476 3467 </p> 3477 <p id="rfc.section. 9.3.1.p.9">Authors of specifications defining new header fields are advised to consider documenting: </p>3468 <p id="rfc.section.8.3.1.p.9">Authors of specifications defining new header fields are advised to consider documenting: </p> 3478 3469 <ul> 3479 3470 <li> 3480 <p>Whether the field is a single value, or whether it can be a list (delimited by commas; see <a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a> of <a href="#Part1" id="rfc.xref.Part1.3 4"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>).3471 <p>Whether the field is a single value, or whether it can be a list (delimited by commas; see <a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a> of <a href="#Part1" id="rfc.xref.Part1.33"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>). 3481 3472 </p> 3482 3473 <p>If it does not use the list syntax, document how to treat messages where the header field occurs multiple times (a sensible … … 3494 3485 </li> 3495 3486 <li> 3496 <p>Whether it is appropriate to list the field-name in the <a href="p1-messaging.html#header.connection" class="smpl">Connection</a> header field (i.e., if the header field is to be hop-by-hop; see <a href="p1-messaging.html#header.connection" title="Connection">Section 6.1</a> of <a href="#Part1" id="rfc.xref.Part1.3 5"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>).3487 <p>Whether it is appropriate to list the field-name in the <a href="p1-messaging.html#header.connection" class="smpl">Connection</a> header field (i.e., if the header field is to be hop-by-hop; see <a href="p1-messaging.html#header.connection" title="Connection">Section 6.1</a> of <a href="#Part1" id="rfc.xref.Part1.34"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>). 3497 3488 </p> 3498 3489 </li> … … 3505 3496 </li> 3506 3497 <li> 3507 <p>Whether the header field is useful or allowable in trailers (see <a href="p1-messaging.html#chunked.encoding" title="Chunked Transfer Coding">Section 4.1</a> of <a href="#Part1" id="rfc.xref.Part1.3 6"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>).3498 <p>Whether the header field is useful or allowable in trailers (see <a href="p1-messaging.html#chunked.encoding" title="Chunked Transfer Coding">Section 4.1</a> of <a href="#Part1" id="rfc.xref.Part1.35"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>). 3508 3499 </p> 3509 3500 </li> … … 3512 3503 </li> 3513 3504 </ul> 3514 <h3 id="rfc.section. 9.3.2"><a href="#rfc.section.9.3.2">9.3.2</a> <a id="header.field.registration" href="#header.field.registration">Registrations</a></h3>3515 <p id="rfc.section. 9.3.2.p.1">The Message Header Field Registry shall be updated with the following permanent registrations:</p>3505 <h3 id="rfc.section.8.3.2"><a href="#rfc.section.8.3.2">8.3.2</a> <a id="header.field.registration" href="#header.field.registration">Registrations</a></h3> 3506 <p id="rfc.section.8.3.2.p.1">The Message Header Field Registry shall be updated with the following permanent registrations:</p> 3516 3507 <div id="rfc.table.4"> 3517 3508 <div id="iana.header.registration.table"></div> … … 3530 3521 <td class="left">http</td> 3531 3522 <td class="left">standard</td> 3532 <td class="left"> <a href="#header.accept" id="rfc.xref.header.accept.3" title="Accept">Section 6.3.2</a>3523 <td class="left"> <a href="#header.accept" id="rfc.xref.header.accept.3" title="Accept">Section 5.3.2</a> 3533 3524 </td> 3534 3525 </tr> … … 3537 3528 <td class="left">http</td> 3538 3529 <td class="left">standard</td> 3539 <td class="left"> <a href="#header.accept-charset" id="rfc.xref.header.accept-charset.2" title="Accept-Charset">Section 6.3.3</a>3530 <td class="left"> <a href="#header.accept-charset" id="rfc.xref.header.accept-charset.2" title="Accept-Charset">Section 5.3.3</a> 3540 3531 </td> 3541 3532 </tr> … … 3544 3535 <td class="left">http</td> 3545 3536 <td class="left">standard</td> 3546 <td class="left"> <a href="#header.accept-encoding" id="rfc.xref.header.accept-encoding.3" title="Accept-Encoding">Section 6.3.4</a>3537 <td class="left"> <a href="#header.accept-encoding" id="rfc.xref.header.accept-encoding.3" title="Accept-Encoding">Section 5.3.4</a> 3547 3538 </td> 3548 3539 </tr> … … 3551 3542 <td class="left">http</td> 3552 3543 <td class="left">standard</td> 3553 <td class="left"> <a href="#header.accept-language" id="rfc.xref.header.accept-language.2" title="Accept-Language">Section 6.3.5</a>3544 <td class="left"> <a href="#header.accept-language" id="rfc.xref.header.accept-language.2" title="Accept-Language">Section 5.3.5</a> 3554 3545 </td> 3555 3546 </tr> … … 3558 3549 <td class="left">http</td> 3559 3550 <td class="left">standard</td> 3560 <td class="left"> <a href="#header.allow" id="rfc.xref.header.allow.3" title="Allow">Section 8.4.1</a>3551 <td class="left"> <a href="#header.allow" id="rfc.xref.header.allow.3" title="Allow">Section 7.4.1</a> 3561 3552 </td> 3562 3553 </tr> … … 3593 3584 <td class="left">http</td> 3594 3585 <td class="left">standard</td> 3595 <td class="left"> <a href="#header.date" id="rfc.xref.header.date.3" title="Date">Section 8.1.1.2</a>3586 <td class="left"> <a href="#header.date" id="rfc.xref.header.date.3" title="Date">Section 7.1.1.2</a> 3596 3587 </td> 3597 3588 </tr> … … 3600 3591 <td class="left">http</td> 3601 3592 <td class="left">standard</td> 3602 <td class="left"> <a href="#header.expect" id="rfc.xref.header.expect.3" title="Expect">Section 6.1.2</a>3593 <td class="left"> <a href="#header.expect" id="rfc.xref.header.expect.3" title="Expect">Section 5.1.2</a> 3603 3594 </td> 3604 3595 </tr> … … 3607 3598 <td class="left">http</td> 3608 3599 <td class="left">standard</td> 3609 <td class="left"> <a href="#header.from" id="rfc.xref.header.from.2" title="From">Section 6.5.1</a>3600 <td class="left"> <a href="#header.from" id="rfc.xref.header.from.2" title="From">Section 5.5.1</a> 3610 3601 </td> 3611 3602 </tr> … … 3614 3605 <td class="left">http</td> 3615 3606 <td class="left">standard</td> 3616 <td class="left"> <a href="#header.location" id="rfc.xref.header.location.4" title="Location">Section 8.1.2</a>3607 <td class="left"> <a href="#header.location" id="rfc.xref.header.location.4" title="Location">Section 7.1.2</a> 3617 3608 </td> 3618 3609 </tr> … … 3628 3619 <td class="left">http</td> 3629 3620 <td class="left">standard</td> 3630 <td class="left"> <a href="#header.max-forwards" id="rfc.xref.header.max-forwards.4" title="Max-Forwards">Section 6.1.1</a>3621 <td class="left"> <a href="#header.max-forwards" id="rfc.xref.header.max-forwards.4" title="Max-Forwards">Section 5.1.1</a> 3631 3622 </td> 3632 3623 </tr> … … 3635 3626 <td class="left">http</td> 3636 3627 <td class="left">standard</td> 3637 <td class="left"> <a href="#header.referer" id="rfc.xref.header.referer.2" title="Referer">Section 6.5.2</a>3628 <td class="left"> <a href="#header.referer" id="rfc.xref.header.referer.2" title="Referer">Section 5.5.2</a> 3638 3629 </td> 3639 3630 </tr> … … 3642 3633 <td class="left">http</td> 3643 3634 <td class="left">standard</td> 3644 <td class="left"> <a href="#header.retry-after" id="rfc.xref.header.retry-after.3" title="Retry-After">Section 8.1.3</a>3635 <td class="left"> <a href="#header.retry-after" id="rfc.xref.header.retry-after.3" title="Retry-After">Section 7.1.3</a> 3645 3636 </td> 3646 3637 </tr> … … 3649 3640 <td class="left">http</td> 3650 3641 <td class="left">standard</td> 3651 <td class="left"> <a href="#header.server" id="rfc.xref.header.server.2" title="Server">Section 8.4.2</a>3642 <td class="left"> <a href="#header.server" id="rfc.xref.header.server.2" title="Server">Section 7.4.2</a> 3652 3643 </td> 3653 3644 </tr> … … 3656 3647 <td class="left">http</td> 3657 3648 <td class="left">standard</td> 3658 <td class="left"> <a href="#header.user-agent" id="rfc.xref.header.user-agent. 2" title="User-Agent">Section 6.5.3</a>3649 <td class="left"> <a href="#header.user-agent" id="rfc.xref.header.user-agent.3" title="User-Agent">Section 5.5.3</a> 3659 3650 </td> 3660 3651 </tr> … … 3663 3654 <td class="left">http</td> 3664 3655 <td class="left">standard</td> 3665 <td class="left"> <a href="#header.vary" id="rfc.xref.header.vary.3" title="Vary">Section 8.2.1</a>3656 <td class="left"> <a href="#header.vary" id="rfc.xref.header.vary.3" title="Vary">Section 7.2.1</a> 3666 3657 </td> 3667 3658 </tr> … … 3669 3660 </table> 3670 3661 </div> 3671 <p id="rfc.section. 9.3.2.p.2">The change controller for the above registrations is: "IETF (iesg@ietf.org) - Internet Engineering Task Force".</p>3672 <h2 id="rfc.section. 9.4"><a href="#rfc.section.9.4">9.4</a> <a id="content.coding.registry" href="#content.coding.registry">Content Coding Registry</a></h2>3673 <p id="rfc.section. 9.4.p.1">The HTTP Content Coding Registry defines the name space for content coding names (<a href="p1-messaging.html#compression.codings" title="Compression Codings">Section 4.2</a> of <a href="#Part1" id="rfc.xref.Part1.37"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>). The content coding registry is maintained at <<a href="http://www.iana.org/assignments/http-parameters">http://www.iana.org/assignments/http-parameters</a>>.3674 </p> 3675 <h3 id="rfc.section. 9.4.1"><a href="#rfc.section.9.4.1">9.4.1</a> <a id="content.coding.procedure" href="#content.coding.procedure">Procedure</a></h3>3676 <p id="rfc.section. 9.4.1.p.1">Content Coding registrations <em class="bcp14">MUST</em> include the following fields:3662 <p id="rfc.section.8.3.2.p.2">The change controller for the above registrations is: "IETF (iesg@ietf.org) - Internet Engineering Task Force".</p> 3663 <h2 id="rfc.section.8.4"><a href="#rfc.section.8.4">8.4</a> <a id="content.coding.registry" href="#content.coding.registry">Content Coding Registry</a></h2> 3664 <p id="rfc.section.8.4.p.1">The HTTP Content Coding Registry defines the name space for content coding names (<a href="p1-messaging.html#compression.codings" title="Compression Codings">Section 4.2</a> of <a href="#Part1" id="rfc.xref.Part1.36"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>). The content coding registry is maintained at <<a href="http://www.iana.org/assignments/http-parameters">http://www.iana.org/assignments/http-parameters</a>>. 3665 </p> 3666 <h3 id="rfc.section.8.4.1"><a href="#rfc.section.8.4.1">8.4.1</a> <a id="content.coding.procedure" href="#content.coding.procedure">Procedure</a></h3> 3667 <p id="rfc.section.8.4.1.p.1">Content Coding registrations <em class="bcp14">MUST</em> include the following fields: 3677 3668 </p> 3678 3669 <ul> … … 3681 3672 <li>Pointer to specification text</li> 3682 3673 </ul> 3683 <p id="rfc.section. 9.4.1.p.2">Names of content codings <em class="bcp14">MUST NOT</em> overlap with names of transfer codings (<a href="p1-messaging.html#transfer.codings" title="Transfer Codings">Section 4</a> of <a href="#Part1" id="rfc.xref.Part1.38"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>), unless the encoding transformation is identical (as is the case for the compression codings defined in <a href="p1-messaging.html#compression.codings" title="Compression Codings">Section 4.2</a> of <a href="#Part1" id="rfc.xref.Part1.39"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>).3684 </p> 3685 <p id="rfc.section. 9.4.1.p.3">Values to be added to this name space require IETF Review (see <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a> of <a href="#RFC5226" id="rfc.xref.RFC5226.3"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>), and <em class="bcp14">MUST</em> conform to the purpose of content coding defined in this section.3686 </p> 3687 <h3 id="rfc.section. 9.4.2"><a href="#rfc.section.9.4.2">9.4.2</a> <a id="content.coding.registration" href="#content.coding.registration">Registrations</a></h3>3688 <p id="rfc.section. 9.4.2.p.1">The HTTP Content Codings Registry shall be updated with the registrations below:</p>3674 <p id="rfc.section.8.4.1.p.2">Names of content codings <em class="bcp14">MUST NOT</em> overlap with names of transfer codings (<a href="p1-messaging.html#transfer.codings" title="Transfer Codings">Section 4</a> of <a href="#Part1" id="rfc.xref.Part1.37"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>), unless the encoding transformation is identical (as is the case for the compression codings defined in <a href="p1-messaging.html#compression.codings" title="Compression Codings">Section 4.2</a> of <a href="#Part1" id="rfc.xref.Part1.38"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>). 3675 </p> 3676 <p id="rfc.section.8.4.1.p.3">Values to be added to this name space require IETF Review (see <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a> of <a href="#RFC5226" id="rfc.xref.RFC5226.3"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>), and <em class="bcp14">MUST</em> conform to the purpose of content coding defined in this section. 3677 </p> 3678 <h3 id="rfc.section.8.4.2"><a href="#rfc.section.8.4.2">8.4.2</a> <a id="content.coding.registration" href="#content.coding.registration">Registrations</a></h3> 3679 <p id="rfc.section.8.4.2.p.1">The HTTP Content Codings Registry shall be updated with the registrations below:</p> 3689 3680 <div id="rfc.table.5"> 3690 3681 <div id="iana.content.coding.registration.table"></div> … … 3701 3692 <td class="left">compress</td> 3702 3693 <td class="left">UNIX "compress" program method</td> 3703 <td class="left"> <a href="p1-messaging.html#compress.coding" title="Compress Coding">Section 4.2.1</a> of <a href="#Part1" id="rfc.xref.Part1. 40"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>3694 <td class="left"> <a href="p1-messaging.html#compress.coding" title="Compress Coding">Section 4.2.1</a> of <a href="#Part1" id="rfc.xref.Part1.39"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> 3704 3695 </td> 3705 3696 </tr> … … 3708 3699 <td class="left">"deflate" compression mechanism (<a href="#RFC1951" id="rfc.xref.RFC1951.1"><cite title="DEFLATE Compressed Data Format Specification version 1.3">[RFC1951]</cite></a>) used inside the "zlib" data format (<a href="#RFC1950" id="rfc.xref.RFC1950.1"><cite title="ZLIB Compressed Data Format Specification version 3.3">[RFC1950]</cite></a>) 3709 3700 </td> 3710 <td class="left"> <a href="p1-messaging.html#deflate.coding" title="Deflate Coding">Section 4.2.2</a> of <a href="#Part1" id="rfc.xref.Part1.4 1"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>3701 <td class="left"> <a href="p1-messaging.html#deflate.coding" title="Deflate Coding">Section 4.2.2</a> of <a href="#Part1" id="rfc.xref.Part1.40"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> 3711 3702 </td> 3712 3703 </tr> … … 3714 3705 <td class="left">gzip</td> 3715 3706 <td class="left">Same as GNU zip <a href="#RFC1952" id="rfc.xref.RFC1952.1"><cite title="GZIP file format specification version 4.3">[RFC1952]</cite></a></td> 3716 <td class="left"> <a href="p1-messaging.html#gzip.coding" title="Gzip Coding">Section 4.2.3</a> of <a href="#Part1" id="rfc.xref.Part1.4 2"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>3707 <td class="left"> <a href="p1-messaging.html#gzip.coding" title="Gzip Coding">Section 4.2.3</a> of <a href="#Part1" id="rfc.xref.Part1.41"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a> 3717 3708 </td> 3718 3709 </tr> … … 3721 3712 <td class="left">reserved (synonym for "no encoding" in <a href="#header.accept-encoding" class="smpl">Accept-Encoding</a> header field) 3722 3713 </td> 3723 <td class="left"> <a href="#header.accept-encoding" id="rfc.xref.header.accept-encoding.4" title="Accept-Encoding">Section 6.3.4</a>3714 <td class="left"> <a href="#header.accept-encoding" id="rfc.xref.header.accept-encoding.4" title="Accept-Encoding">Section 5.3.4</a> 3724 3715 </td> 3725 3716 </tr> … … 3727 3718 </table> 3728 3719 </div> 3729 <h1 id="rfc.section. 10"><a href="#rfc.section.10">10.</a> <a id="security.considerations" href="#security.considerations">Security Considerations</a></h1>3730 <p id="rfc.section. 10.p.1">This section is meant to inform application developers, information providers, and users of the security limitations in HTTP/1.13720 <h1 id="rfc.section.9"><a href="#rfc.section.9">9.</a> <a id="security.considerations" href="#security.considerations">Security Considerations</a></h1> 3721 <p id="rfc.section.9.p.1">This section is meant to inform application developers, information providers, and users of the security limitations in HTTP/1.1 3731 3722 as described by this document. The discussion does not include definitive solutions to the problems revealed, though it does 3732 3723 make some suggestions for reducing security risks. 3733 3724 </p> 3734 <h2 id="rfc.section. 10.1"><a href="#rfc.section.10.1">10.1</a> <a id="security.sensitive" href="#security.sensitive">Transfer of Sensitive Information</a></h2>3735 <p id="rfc.section. 10.1.p.1">Like any generic data transfer protocol, HTTP cannot regulate the content of the data that is transferred, nor is there any3725 <h2 id="rfc.section.9.1"><a href="#rfc.section.9.1">9.1</a> <a id="security.sensitive" href="#security.sensitive">Transfer of Sensitive Information</a></h2> 3726 <p id="rfc.section.9.1.p.1">Like any generic data transfer protocol, HTTP cannot regulate the content of the data that is transferred, nor is there any 3736 3727 a priori method of determining the sensitivity of any particular piece of information within the context of any given request. 3737 3728 Therefore, applications <em class="bcp14">SHOULD</em> supply as much control over this information as possible to the provider of that information. Four header fields are worth 3738 3729 special mention in this context: <a href="#header.server" class="smpl">Server</a>, <a href="p1-messaging.html#header.via" class="smpl">Via</a>, <a href="#header.referer" class="smpl">Referer</a> and <a href="#header.from" class="smpl">From</a>. 3739 3730 </p> 3740 <p id="rfc.section. 10.1.p.2">Revealing the specific software version of the server might allow the server machine to become more vulnerable to attacks3731 <p id="rfc.section.9.1.p.2">Revealing the specific software version of the server might allow the server machine to become more vulnerable to attacks 3741 3732 against software that is known to contain security holes. Implementers <em class="bcp14">SHOULD</em> make the <a href="#header.server" class="smpl">Server</a> header field a configurable option. 3742 3733 </p> 3743 <p id="rfc.section. 10.1.p.3">Proxies which serve as a portal through a network firewall <em class="bcp14">SHOULD</em> take special precautions regarding the transfer of header information that identifies the hosts behind the firewall. In particular,3734 <p id="rfc.section.9.1.p.3">Proxies which serve as a portal through a network firewall <em class="bcp14">SHOULD</em> take special precautions regarding the transfer of header information that identifies the hosts behind the firewall. In particular, 3744 3735 they <em class="bcp14">SHOULD</em> remove, or replace with sanitized versions, any <a href="p1-messaging.html#header.via" class="smpl">Via</a> fields generated behind the firewall. 3745 3736 </p> 3746 <p id="rfc.section. 10.1.p.4">The <a href="#header.referer" class="smpl">Referer</a> header field allows reading patterns to be studied and reverse links drawn. Although it can be very useful, its power can3737 <p id="rfc.section.9.1.p.4">The <a href="#header.referer" class="smpl">Referer</a> header field allows reading patterns to be studied and reverse links drawn. Although it can be very useful, its power can 3747 3738 be abused if user details are not separated from the information contained in the Referer. Even when the personal information 3748 3739 has been removed, the Referer header field might indicate a private document's URI whose publication would be inappropriate. 3749 3740 </p> 3750 <p id="rfc.section. 10.1.p.5">The information sent in the <a href="#header.from" class="smpl">From</a> field might conflict with the user's privacy interests or their site's security policy, and hence it <em class="bcp14">SHOULD NOT</em> be transmitted without the user being able to disable, enable, and modify the contents of the field. The user <em class="bcp14">MUST</em> be able to set the contents of this field within a user preference or application defaults configuration.3751 </p> 3752 <p id="rfc.section. 10.1.p.6">We suggest, though do not require, that a convenient toggle interface be provided for the user to enable or disable the sending3741 <p id="rfc.section.9.1.p.5">The information sent in the <a href="#header.from" class="smpl">From</a> field might conflict with the user's privacy interests or their site's security policy, and hence it <em class="bcp14">SHOULD NOT</em> be transmitted without the user being able to disable, enable, and modify the contents of the field. The user <em class="bcp14">MUST</em> be able to set the contents of this field within a user preference or application defaults configuration. 3742 </p> 3743 <p id="rfc.section.9.1.p.6">We suggest, though do not require, that a convenient toggle interface be provided for the user to enable or disable the sending 3753 3744 of <a href="#header.from" class="smpl">From</a> and <a href="#header.referer" class="smpl">Referer</a> information. 3754 3745 </p> 3755 <p id="rfc.section. 10.1.p.7">The <a href="#header.user-agent" class="smpl">User-Agent</a> (<a href="#header.user-agent" id="rfc.xref.header.user-agent.3" title="User-Agent">Section 6.5.3</a>) or <a href="#header.server" class="smpl">Server</a> (<a href="#header.server" id="rfc.xref.header.server.3" title="Server">Section 8.4.2</a>) header fields can sometimes be used to determine that a specific client or server has a particular security hole which might3746 <p id="rfc.section.9.1.p.7">The <a href="#header.user-agent" class="smpl">User-Agent</a> (<a href="#header.user-agent" id="rfc.xref.header.user-agent.4" title="User-Agent">Section 5.5.3</a>) or <a href="#header.server" class="smpl">Server</a> (<a href="#header.server" id="rfc.xref.header.server.3" title="Server">Section 7.4.2</a>) header fields can sometimes be used to determine that a specific client or server has a particular security hole which might 3756 3747 be exploited. Unfortunately, this same information is often used for other valuable purposes for which HTTP currently has 3757 3748 no better mechanism. 3758 3749 </p> 3759 <p id="rfc.section. 10.1.p.8">Furthermore, the <a href="#header.user-agent" class="smpl">User-Agent</a> header field might contain enough entropy to be used, possibly in conjunction with other material, to uniquely identify the3750 <p id="rfc.section.9.1.p.8">Furthermore, the <a href="#header.user-agent" class="smpl">User-Agent</a> header field might contain enough entropy to be used, possibly in conjunction with other material, to uniquely identify the 3760 3751 user. 3761 3752 </p> 3762 <p id="rfc.section. 10.1.p.9">Some request methods, like TRACE (<a href="#TRACE" id="rfc.xref.TRACE.4" title="TRACE">Section 5.3.8</a>), expose information that was sent in request header fields within the body of their response. Clients <em class="bcp14">SHOULD</em> be careful with sensitive information, like Cookies, Authorization credentials, and other header fields that might be used3753 <p id="rfc.section.9.1.p.9">Some request methods, like TRACE (<a href="#TRACE" id="rfc.xref.TRACE.4" title="TRACE">Section 4.3.8</a>), expose information that was sent in request header fields within the body of their response. Clients <em class="bcp14">SHOULD</em> be careful with sensitive information, like Cookies, Authorization credentials, and other header fields that might be used 3763 3754 to collect data from the client. 3764 3755 </p> 3765 <h2 id="rfc.section. 10.2"><a href="#rfc.section.10.2">10.2</a> <a id="encoding.sensitive.information.in.uris" href="#encoding.sensitive.information.in.uris">Encoding Sensitive Information in URIs</a></h2>3766 <p id="rfc.section. 10.2.p.1">Because the source of a link might be private information or might reveal an otherwise private information source, it is strongly3756 <h2 id="rfc.section.9.2"><a href="#rfc.section.9.2">9.2</a> <a id="encoding.sensitive.information.in.uris" href="#encoding.sensitive.information.in.uris">Encoding Sensitive Information in URIs</a></h2> 3757 <p id="rfc.section.9.2.p.1">Because the source of a link might be private information or might reveal an otherwise private information source, it is strongly 3767 3758 recommended that the user be able to select whether or not the <a href="#header.referer" class="smpl">Referer</a> field is sent. For example, a browser client could have a toggle switch for browsing openly/anonymously, which would respectively 3768 3759 enable/disable the sending of Referer and From information. 3769 3760 </p> 3770 <p id="rfc.section. 10.2.p.2">Clients <em class="bcp14">SHOULD NOT</em> include a <a href="#header.referer" class="smpl">Referer</a> header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol.3771 </p> 3772 <p id="rfc.section. 10.2.p.3">Authors of services <em class="bcp14">SHOULD NOT</em> use GET-based forms for the submission of sensitive data because that data will be placed in the request-target. Many existing3761 <p id="rfc.section.9.2.p.2">Clients <em class="bcp14">SHOULD NOT</em> include a <a href="#header.referer" class="smpl">Referer</a> header field in a (non-secure) HTTP request if the referring page was transferred with a secure protocol. 3762 </p> 3763 <p id="rfc.section.9.2.p.3">Authors of services <em class="bcp14">SHOULD NOT</em> use GET-based forms for the submission of sensitive data because that data will be placed in the request-target. Many existing 3773 3764 servers, proxies, and user agents log or display the request-target in places where it might be visible to third parties. 3774 3765 Such services can use POST-based form submission instead. 3775 3766 </p> 3776 <h2 id="rfc.section. 10.3"><a href="#rfc.section.10.3">10.3</a> <a id="location.spoofing-leakage" href="#location.spoofing-leakage">Location Header Fields: Spoofing and Information Leakage</a></h2>3777 <p id="rfc.section. 10.3.p.1">If a single server supports multiple organizations that do not trust one another, then it <em class="bcp14">MUST</em> check the values of <a href="#header.location" class="smpl">Location</a> and <a href="#header.content-location" class="smpl">Content-Location</a> header fields in responses that are generated under control of said organizations to make sure that they do not attempt to3767 <h2 id="rfc.section.9.3"><a href="#rfc.section.9.3">9.3</a> <a id="location.spoofing-leakage" href="#location.spoofing-leakage">Location Header Fields: Spoofing and Information Leakage</a></h2> 3768 <p id="rfc.section.9.3.p.1">If a single server supports multiple organizations that do not trust one another, then it <em class="bcp14">MUST</em> check the values of <a href="#header.location" class="smpl">Location</a> and <a href="#header.content-location" class="smpl">Content-Location</a> header fields in responses that are generated under control of said organizations to make sure that they do not attempt to 3778 3769 invalidate resources over which they have no authority. 3779 3770 </p> 3780 <p id="rfc.section. 10.3.p.2">Furthermore, appending the fragment identifier from one URI to another one obtained from a <a href="#header.location" class="smpl">Location</a> header field might leak confidential information to the target server — although the fragment identifier is not transmitted3771 <p id="rfc.section.9.3.p.2">Furthermore, appending the fragment identifier from one URI to another one obtained from a <a href="#header.location" class="smpl">Location</a> header field might leak confidential information to the target server — although the fragment identifier is not transmitted 3781 3772 in the final request, it might be visible to the user agent through other means, such as scripting. 3782 3773 </p> 3783 <h2 id="rfc.section. 10.4"><a href="#rfc.section.10.4">10.4</a> Security Considerations for CONNECT3774 <h2 id="rfc.section.9.4"><a href="#rfc.section.9.4">9.4</a> Security Considerations for CONNECT 3784 3775 </h2> 3785 <p id="rfc.section. 10.4.p.1">Since tunneled data is opaque to the proxy, there are additional risks to tunneling to other well-known or reserved ports.3776 <p id="rfc.section.9.4.p.1">Since tunneled data is opaque to the proxy, there are additional risks to tunneling to other well-known or reserved ports. 3786 3777 An HTTP client CONNECTing to port 25 could relay spam via SMTP, for example. As such, proxies <em class="bcp14">SHOULD</em> restrict CONNECT access to a small number of known ports. 3787 3778 </p> 3788 <h2 id="rfc.section. 10.5"><a href="#rfc.section.10.5">10.5</a> <a id="privacy.issues.connected.to.accept.header.fields" href="#privacy.issues.connected.to.accept.header.fields">Privacy Issues Connected to Accept Header Fields</a></h2>3789 <p id="rfc.section. 10.5.p.1">Accept header fields can reveal information about the user to all servers which are accessed. The <a href="#header.accept-language" class="smpl">Accept-Language</a> header field in particular can reveal information the user would consider to be of a private nature, because the understanding3779 <h2 id="rfc.section.9.5"><a href="#rfc.section.9.5">9.5</a> <a id="privacy.issues.connected.to.accept.header.fields" href="#privacy.issues.connected.to.accept.header.fields">Privacy Issues Connected to Accept Header Fields</a></h2> 3780 <p id="rfc.section.9.5.p.1">Accept header fields can reveal information about the user to all servers which are accessed. The <a href="#header.accept-language" class="smpl">Accept-Language</a> header field in particular can reveal information the user would consider to be of a private nature, because the understanding 3790 3781 of particular languages is often strongly correlated to the membership of a particular ethnic group. User agents which offer 3791 3782 the option to configure the contents of an Accept-Language header field to be sent in every request are strongly encouraged 3792 3783 to let the configuration process include a message which makes the user aware of the loss of privacy involved. 3793 3784 </p> 3794 <p id="rfc.section. 10.5.p.2">An approach that limits the loss of privacy would be for a user agent to omit the sending of Accept-Language header fields3785 <p id="rfc.section.9.5.p.2">An approach that limits the loss of privacy would be for a user agent to omit the sending of Accept-Language header fields 3795 3786 by default, and to ask the user whether or not to start sending Accept-Language header fields to a server if it detects, by 3796 3787 looking for any <a href="#header.vary" class="smpl">Vary</a> header fields generated by the server, that such sending could improve the quality of service. 3797 3788 </p> 3798 <p id="rfc.section. 10.5.p.3">Elaborate user-customized accept header fields sent in every request, in particular if these include quality values, can be3789 <p id="rfc.section.9.5.p.3">Elaborate user-customized accept header fields sent in every request, in particular if these include quality values, can be 3799 3790 used by servers as relatively reliable and long-lived user identifiers. Such user identifiers would allow content providers 3800 3791 to do click-trail tracking, and would allow collaborating content providers to match cross-server click-trails or form submissions … … 3805 3796 field configurability <em class="bcp14">SHOULD</em> warn users about the loss of privacy which can be involved. 3806 3797 </p> 3807 <h1 id="rfc.section.1 1"><a href="#rfc.section.11">11.</a> <a id="acks" href="#acks">Acknowledgments</a></h1>3808 <p id="rfc.section.1 1.p.1">See <a href="p1-messaging.html#acks" title="Acknowledgments">Section 9</a> of <a href="#Part1" id="rfc.xref.Part1.43"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>.3809 </p> 3810 <h1 id="rfc.references"><a id="rfc.section.1 2" href="#rfc.section.12">12.</a> References3798 <h1 id="rfc.section.10"><a href="#rfc.section.10">10.</a> <a id="acks" href="#acks">Acknowledgments</a></h1> 3799 <p id="rfc.section.10.p.1">See <a href="p1-messaging.html#acks" title="Acknowledgments">Section 9</a> of <a href="#Part1" id="rfc.xref.Part1.42"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>. 3800 </p> 3801 <h1 id="rfc.references"><a id="rfc.section.11" href="#rfc.section.11">11.</a> References 3811 3802 </h1> 3812 <h2 id="rfc.references.1"><a href="#rfc.section.1 2.1" id="rfc.section.12.1">12.1</a> Normative References3803 <h2 id="rfc.references.1"><a href="#rfc.section.11.1" id="rfc.section.11.1">11.1</a> Normative References 3813 3804 </h2> 3814 3805 <table> … … 3894 3885 </tr> 3895 3886 </table> 3896 <h2 id="rfc.references.2"><a href="#rfc.section.1 2.2" id="rfc.section.12.2">12.2</a> Informative References3887 <h2 id="rfc.references.2"><a href="#rfc.section.11.2" id="rfc.section.11.2">11.2</a> Informative References 3897 3888 </h2> 3898 3889 <table> … … 4028 4019 MIME environments. 4029 4020 </p> 4030 <div id="rfc.figure.u.6 4"></div><pre class="inline"><span id="rfc.iref.g.62"></span> <a href="#mime-version" class="smpl">MIME-Version</a> = 1*<a href="#imported.abnf" class="smpl">DIGIT</a> "." 1*<a href="#imported.abnf" class="smpl">DIGIT</a>4021 <div id="rfc.figure.u.63"></div><pre class="inline"><span id="rfc.iref.g.62"></span> <a href="#mime-version" class="smpl">MIME-Version</a> = 1*<a href="#imported.abnf" class="smpl">DIGIT</a> "." 1*<a href="#imported.abnf" class="smpl">DIGIT</a> 4031 4022 </pre><p id="rfc.section.A.1.p.3">MIME version "1.0" is the default for use in HTTP/1.1. However, HTTP/1.1 message parsing and semantics are defined by this 4032 4023 document and not the MIME specification. … … 4044 4035 </p> 4045 4036 <h2 id="rfc.section.A.3"><a href="#rfc.section.A.3">A.3</a> <a id="conversion.of.date.formats" href="#conversion.of.date.formats">Conversion of Date Formats</a></h2> 4046 <p id="rfc.section.A.3.p.1">HTTP/1.1 uses a restricted set of date formats (<a href="#http.date" title="Date/Time Formats">Section 8.1.1.1</a>) to simplify the process of date comparison. Proxies and gateways from other protocols <em class="bcp14">SHOULD</em> ensure that any <a href="#header.date" class="smpl">Date</a> header field present in a message conforms to one of the HTTP/1.1 formats and rewrite the date if necessary.4037 <p id="rfc.section.A.3.p.1">HTTP/1.1 uses a restricted set of date formats (<a href="#http.date" title="Date/Time Formats">Section 7.1.1.1</a>) to simplify the process of date comparison. Proxies and gateways from other protocols <em class="bcp14">SHOULD</em> ensure that any <a href="#header.date" class="smpl">Date</a> header field present in a message conforms to one of the HTTP/1.1 formats and rewrite the date if necessary. 4047 4038 </p> 4048 4039 <h2 id="rfc.section.A.4"><a href="#rfc.section.A.4">A.4</a> <a id="introduction.of.content-encoding" href="#introduction.of.content-encoding">Introduction of Content-Encoding</a></h2> … … 4088 4079 resources). (<a href="#header.content-location" id="rfc.xref.header.content-location.5" title="Content-Location">Section 3.1.4.2</a>) 4089 4080 </p> 4090 <p id="rfc.section.C.p.6">GET requests can have a body; it just has no meaning. (<a href="#GET" id="rfc.xref.GET.4" title="GET">Section 5.3.1</a>)4091 </p> 4092 <p id="rfc.section.C.p.7">The definition of POST has been clarified. (<a href="#POST" id="rfc.xref.POST.4" title="POST">Section 5.3.3</a>)4093 </p> 4094 <p id="rfc.section.C.p.8">Servers are no longer required to handle all Content-* header fields in requests. (<a href="#PUT" id="rfc.xref.PUT.4" title="PUT">Section 5.3.4</a>)4095 </p> 4096 <p id="rfc.section.C.p.9">Use of <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a> is explicitly banned on PUT requests. (<a href="#PUT" id="rfc.xref.PUT.5" title="PUT">Section 5.3.4</a>)4097 </p> 4098 <p id="rfc.section.C.p.10">The CONNECT method is now defined by this specification, taking over from <a href="#RFC2817" id="rfc.xref.RFC2817.2"><cite title="Upgrading to TLS Within HTTP/1.1">[RFC2817]</cite></a>. (<a href="#CONNECT" id="rfc.xref.CONNECT.3" title="CONNECT">Section 5.3.6</a>)4099 </p> 4100 <p id="rfc.section.C.p.11">The requirements upon and semantics of CONNECT request and response bodies have been clarified. (<a href="#CONNECT" id="rfc.xref.CONNECT.4" title="CONNECT">Section 5.3.6</a>)4101 </p> 4102 <p id="rfc.section.C.p.12">The <a href="#OPTIONS" class="smpl">OPTIONS</a> and <a href="#TRACE" class="smpl">TRACE</a> request methods are now defined as being safe. (<a href="#OPTIONS" id="rfc.xref.OPTIONS.4" title="OPTIONS">Section 5.3.7</a> and <a href="#TRACE" id="rfc.xref.TRACE.5" title="TRACE">Section 5.3.8</a>)4081 <p id="rfc.section.C.p.6">GET requests can have a body; it just has no meaning. (<a href="#GET" id="rfc.xref.GET.4" title="GET">Section 4.3.1</a>) 4082 </p> 4083 <p id="rfc.section.C.p.7">The definition of POST has been clarified. (<a href="#POST" id="rfc.xref.POST.4" title="POST">Section 4.3.3</a>) 4084 </p> 4085 <p id="rfc.section.C.p.8">Servers are no longer required to handle all Content-* header fields in requests. (<a href="#PUT" id="rfc.xref.PUT.4" title="PUT">Section 4.3.4</a>) 4086 </p> 4087 <p id="rfc.section.C.p.9">Use of <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a> is explicitly banned on PUT requests. (<a href="#PUT" id="rfc.xref.PUT.5" title="PUT">Section 4.3.4</a>) 4088 </p> 4089 <p id="rfc.section.C.p.10">The CONNECT method is now defined by this specification, taking over from <a href="#RFC2817" id="rfc.xref.RFC2817.2"><cite title="Upgrading to TLS Within HTTP/1.1">[RFC2817]</cite></a>. (<a href="#CONNECT" id="rfc.xref.CONNECT.3" title="CONNECT">Section 4.3.6</a>) 4090 </p> 4091 <p id="rfc.section.C.p.11">The requirements upon and semantics of CONNECT request and response bodies have been clarified. (<a href="#CONNECT" id="rfc.xref.CONNECT.4" title="CONNECT">Section 4.3.6</a>) 4092 </p> 4093 <p id="rfc.section.C.p.12">The <a href="#OPTIONS" class="smpl">OPTIONS</a> and <a href="#TRACE" class="smpl">TRACE</a> request methods are now defined as being safe. (<a href="#OPTIONS" id="rfc.xref.OPTIONS.4" title="OPTIONS">Section 4.3.7</a> and <a href="#TRACE" id="rfc.xref.TRACE.5" title="TRACE">Section 4.3.8</a>) 4103 4094 </p> 4104 4095 <p id="rfc.section.C.p.13">The <a href="#header.max-forwards" class="smpl">Max-Forwards</a> header field is now restricted to the OPTIONS and TRACE methods (previously, extension methods could have used it as well). 4105 (<a href="#header.max-forwards" id="rfc.xref.header.max-forwards.5" title="Max-Forwards">Section 6.1.1</a>)4096 (<a href="#header.max-forwards" id="rfc.xref.header.max-forwards.5" title="Max-Forwards">Section 5.1.1</a>) 4106 4097 </p> 4107 4098 <p id="rfc.section.C.p.14">The ABNF for the "<a href="#header.expect" class="smpl">Expect</a>" header field has been both fixed (allowing parameters for value-less expectations as well) and simplified (allowing trailing 4108 semicolons after "100-continue" when they were invalid before). (<a href="#header.expect" id="rfc.xref.header.expect.4" title="Expect">Section 6.1.2</a>)4109 </p> 4110 <p id="rfc.section.C.p.15">Special casing for ISO-8859-1 in <a href="#header.accept-charset" class="smpl">Accept-Charset</a> has been removed. (<a href="#header.accept-charset" id="rfc.xref.header.accept-charset.3" title="Accept-Charset">Section 6.3.3</a>)4111 </p> 4112 <p id="rfc.section.C.p.16">Requirements for sending the Date header field have been clarified. (<a href="#header.date" id="rfc.xref.header.date.4" title="Date">Section 8.1.1.2</a>)4113 </p> 4114 <p id="rfc.section.C.p.17">The <a href="#header.referer" class="smpl">Referer</a> header field can now have a value of "about:blank" as an alternative to not sending a Referer header field. (<a href="#header.referer" id="rfc.xref.header.referer.3" title="Referer">Section 6.5.2</a>)4099 semicolons after "100-continue" when they were invalid before). (<a href="#header.expect" id="rfc.xref.header.expect.4" title="Expect">Section 5.1.2</a>) 4100 </p> 4101 <p id="rfc.section.C.p.15">Special casing for ISO-8859-1 in <a href="#header.accept-charset" class="smpl">Accept-Charset</a> has been removed. (<a href="#header.accept-charset" id="rfc.xref.header.accept-charset.3" title="Accept-Charset">Section 5.3.3</a>) 4102 </p> 4103 <p id="rfc.section.C.p.16">Requirements for sending the Date header field have been clarified. (<a href="#header.date" id="rfc.xref.header.date.4" title="Date">Section 7.1.1.2</a>) 4104 </p> 4105 <p id="rfc.section.C.p.17">The <a href="#header.referer" class="smpl">Referer</a> header field can now have a value of "about:blank" as an alternative to not sending a Referer header field. (<a href="#header.referer" id="rfc.xref.header.referer.3" title="Referer">Section 5.5.2</a>)