Changeset 2053
- Timestamp:
- 17/12/12 00:26:52 (10 years ago)
- Location:
- draft-ietf-httpbis/latest
- Files:
-
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p1-messaging.html
r2052 r2053 449 449 } 450 450 @bottom-center { 451 content: "Expires June 1 8, 2013";451 content: "Expires June 19, 2013"; 452 452 } 453 453 @bottom-right { … … 491 491 <meta name="dct.creator" content="Reschke, J. F."> 492 492 <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p1-messaging-latest"> 493 <meta name="dct.issued" scheme="ISO8601" content="2012-12-1 5">493 <meta name="dct.issued" scheme="ISO8601" content="2012-12-16"> 494 494 <meta name="dct.replaces" content="urn:ietf:rfc:2145"> 495 495 <meta name="dct.replaces" content="urn:ietf:rfc:2616"> … … 520 520 <tr> 521 521 <td class="left">Intended status: Standards Track</td> 522 <td class="right">December 1 5, 2012</td>522 <td class="right">December 16, 2012</td> 523 523 </tr> 524 524 <tr> 525 <td class="left">Expires: June 1 8, 2013</td>525 <td class="left">Expires: June 19, 2013</td> 526 526 <td class="right"></td> 527 527 </tr> … … 551 551 in progress”. 552 552 </p> 553 <p>This Internet-Draft will expire on June 1 8, 2013.</p>553 <p>This Internet-Draft will expire on June 19, 2013.</p> 554 554 <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1> 555 555 <p>Copyright © 2012 IETF Trust and the persons identified as the document authors. All rights reserved.</p> … … 2479 2479 </p> 2480 2480 <h2 id="rfc.section.8.3"><a href="#rfc.section.8.3">8.3</a> <a id="attack.pathname" href="#attack.pathname">Attacks Based On File and Path Names</a></h2> 2481 <p id="rfc.section.8.3.p.1">Origin servers <em class="bcp14">SHOULD</em> be careful to restrict the documents sent byHTTP requests to be only those that were intended by the server administrators.2481 <p id="rfc.section.8.3.p.1">Origin servers <em class="bcp14">SHOULD</em> be careful to restrict the documents sent in response to HTTP requests to be only those that were intended by the server administrators. 2482 2482 If an HTTP server translates HTTP URIs directly into file system calls, the server <em class="bcp14">MUST</em> take special care not to serve files that were not intended to be delivered to HTTP clients. For example, UNIX, Microsoft 2483 2483 Windows, and other operating systems use ".." as a path component to indicate a directory level above the current one. On -
draft-ietf-httpbis/latest/p1-messaging.xml
r2052 r2053 3538 3538 <t> 3539 3539 Origin servers &SHOULD; be careful to restrict 3540 the documents sent byHTTP requests to be only those that were3540 the documents sent in response to HTTP requests to be only those that were 3541 3541 intended by the server administrators. If an HTTP server translates 3542 3542 HTTP URIs directly into file system calls, the server &MUST; take -
draft-ietf-httpbis/latest/p5-range.html
r2052 r2053 449 449 } 450 450 @bottom-center { 451 content: "Expires June 1 8, 2013";451 content: "Expires June 19, 2013"; 452 452 } 453 453 @bottom-right { … … 493 493 <meta name="dct.creator" content="Reschke, J. F."> 494 494 <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p5-range-latest"> 495 <meta name="dct.issued" scheme="ISO8601" content="2012-12-1 5">495 <meta name="dct.issued" scheme="ISO8601" content="2012-12-16"> 496 496 <meta name="dct.replaces" content="urn:ietf:rfc:2616"> 497 497 <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypertext information systems. This document defines range requests and the rules for constructing and combining responses to those requests."> … … 519 519 </tr> 520 520 <tr> 521 <td class="left">Expires: June 1 8, 2013</td>521 <td class="left">Expires: June 19, 2013</td> 522 522 <td class="right">J. Reschke, Editor</td> 523 523 </tr> … … 528 528 <tr> 529 529 <td class="left"></td> 530 <td class="right">December 1 5, 2012</td>530 <td class="right">December 16, 2012</td> 531 531 </tr> 532 532 </tbody> … … 553 553 in progress”. 554 554 </p> 555 <p>This Internet-Draft will expire on June 1 8, 2013.</p>555 <p>This Internet-Draft will expire on June 19, 2013.</p> 556 556 <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1> 557 557 <p>Copyright © 2012 IETF Trust and the persons identified as the document authors. All rights reserved.</p> … … 703 703 length of the selected resource.) 704 704 </p> 705 <p id="rfc.section.3.2.p.2">When this status code is sent for a byte-range request, the response <em class="bcp14">SHOULD</em> include a <a href="#header.content-range" class="smpl">Content-Range</a> header field specifying the current length of the representation (see <a href="#header.content-range" id="rfc.xref.header.content-range.3" title="Content-Range">Section 5.2</a>). This response <em class="bcp14">MUST NOT</em> use the multipart/byteranges content-type.705 <p id="rfc.section.3.2.p.2">When this status code is sent in response to a byte-range request, the response <em class="bcp14">SHOULD</em> include a <a href="#header.content-range" class="smpl">Content-Range</a> header field specifying the current length of the representation (see <a href="#header.content-range" id="rfc.xref.header.content-range.3" title="Content-Range">Section 5.2</a>). This response <em class="bcp14">MUST NOT</em> use the multipart/byteranges media type. 706 706 </p> 707 707 <div id="rfc.figure.u.2"></div> … … 1233 1233 <p id="rfc.section.B.p.2">The Content-Range header field only has meaning when the status code explicitly defines its use. (<a href="#header.content-range" id="rfc.xref.header.content-range.5" title="Content-Range">Section 5.2</a>) 1234 1234 </p> 1235 <p id="rfc.section.B.p.3">Servers are given more leeway in what they send to a range request, in order to mitigate malicious (or just greedy) clients.</p> 1235 <p id="rfc.section.B.p.3">Servers are given more leeway in how they respond to a range request, in order to mitigate abuse by malicious (or just greedy) 1236 clients. 1237 </p> 1236 1238 <p id="rfc.section.B.p.4">multipart/byteranges can consist of a single part. (<a href="#internet.media.type.multipart.byteranges" title="Internet Media Type multipart/byteranges">Appendix A</a>) 1237 1239 </p> -
draft-ietf-httpbis/latest/p5-range.xml
r2052 r2053 296 296 </t> 297 297 <t> 298 When this status code is sent fora byte-range request, the298 When this status code is sent in response to a byte-range request, the 299 299 response &SHOULD; include a <x:ref>Content-Range</x:ref> header field 300 300 specifying the current length of the representation (see <xref target="header.content-range"/>). 301 This response &MUST-NOT; use the multipart/byteranges content-type.301 This response &MUST-NOT; use the multipart/byteranges media type. 302 302 </t> 303 303 <figure> … … 1307 1307 </t> 1308 1308 <t> 1309 Servers are given more leeway in what they send to a range request,1310 in order to mitigate malicious (or just greedy) clients.1309 Servers are given more leeway in how they respond to a range request, 1310 in order to mitigate abuse by malicious (or just greedy) clients. 1311 1311 </t> 1312 1312 <t> -
draft-ietf-httpbis/latest/p6-cache.html
r2052 r2053 452 452 } 453 453 @bottom-center { 454 content: "Expires June 1 8, 2013";454 content: "Expires June 19, 2013"; 455 455 } 456 456 @bottom-right { … … 498 498 <meta name="dct.creator" content="Reschke, J. F."> 499 499 <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p6-cache-latest"> 500 <meta name="dct.issued" scheme="ISO8601" content="2012-12-1 5">500 <meta name="dct.issued" scheme="ISO8601" content="2012-12-16"> 501 501 <meta name="dct.replaces" content="urn:ietf:rfc:2616"> 502 502 <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypertext information systems. This document defines requirements on HTTP caches and the associated header fields that control cache behavior or indicate cacheable response messages."> … … 524 524 </tr> 525 525 <tr> 526 <td class="left">Expires: June 1 8, 2013</td>526 <td class="left">Expires: June 19, 2013</td> 527 527 <td class="right">J. Reschke, Editor</td> 528 528 </tr> … … 533 533 <tr> 534 534 <td class="left"></td> 535 <td class="right">December 1 5, 2012</td>535 <td class="right">December 16, 2012</td> 536 536 </tr> 537 537 </tbody> … … 559 559 in progress”. 560 560 </p> 561 <p>This Internet-Draft will expire on June 1 8, 2013.</p>561 <p>This Internet-Draft will expire on June 19, 2013.</p> 562 562 <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1> 563 563 <p>Copyright © 2012 IETF Trust and the persons identified as the document authors. All rights reserved.</p> … … 727 727 </p> 728 728 <ul class="empty"> 729 <li>The time at which the origin server intends that a representation no longer be sentby a cache without further validation.</li>729 <li>The time at which the origin server intends that a representation no longer be used by a cache without further validation.</li> 730 730 </ul> 731 731 <p id="rfc.section.1.2.p.7"> <span id="rfc.iref.h.1"></span> <dfn>heuristic expiration time</dfn> -
draft-ietf-httpbis/latest/p6-cache.xml
r2052 r2053 211 211 <list> 212 212 <t>The time at which the origin server intends that a representation 213 no longer be sentby a cache without further validation.</t>213 no longer be used by a cache without further validation.</t> 214 214 </list> 215 215 </t>
Note: See TracChangeset
for help on using the changeset viewer.