Changeset 211
- Timestamp:
- 14/02/08 11:18:11 (14 years ago)
- Location:
- draft-ietf-httpbis/latest
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/outlineALL.html
r210 r211 325 325 <li class="tocline0">2. <a href="p3-payload.html#notation">Notational Conventions and Generic Grammar</a></li> 326 326 <li class="tocline0">3. <a href="p3-payload.html#protocol.parameters">Protocol Parameters</a><ul class="toc"> 327 <li class="tocline1">3.1 <a href="p3-payload.html#character.sets">Character Sets</a></li> 327 <li class="tocline1">3.1 <a href="p3-payload.html#character.sets">Character Sets</a><ul class="toc"> 328 <li class="tocline1">3.1.1 <a href="p3-payload.html#missing.charset">Missing Charset</a></li> 329 </ul> 330 </li> 328 331 <li class="tocline1">3.2 <a href="p3-payload.html#content.codings">Content Codings</a></li> 329 332 <li class="tocline1">3.3 <a href="p3-payload.html#media.types">Media Types</a><ul class="toc"> -
draft-ietf-httpbis/latest/p3-payload.html
r209 r211 486 486 <li class="tocline0">2. <a href="#notation">Notational Conventions and Generic Grammar</a></li> 487 487 <li class="tocline0">3. <a href="#protocol.parameters">Protocol Parameters</a><ul class="toc"> 488 <li class="tocline1">3.1 <a href="#character.sets">Character Sets</a></li> 488 <li class="tocline1">3.1 <a href="#character.sets">Character Sets</a><ul class="toc"> 489 <li class="tocline1">3.1.1 <a href="#missing.charset">Missing Charset</a></li> 490 </ul> 491 </li> 489 492 <li class="tocline1">3.2 <a href="#content.codings">Content Codings</a></li> 490 493 <li class="tocline1">3.3 <a href="#media.types">Media Types</a><ul class="toc"> … … 629 632 <p id="rfc.section.3.1.p.8">Implementors should be aware of IETF character set requirements <a href="#RFC3629" id="rfc.xref.RFC3629.1"><cite title="UTF-8, a transformation format of ISO 10646">[RFC3629]</cite></a> <a href="#RFC2277" id="rfc.xref.RFC2277.1"><cite title="IETF Policy on Character Sets and Languages">[RFC2277]</cite></a>. 630 633 </p> 634 <h3 id="rfc.section.3.1.1"><a href="#rfc.section.3.1.1">3.1.1</a> <a id="missing.charset" href="#missing.charset">Missing Charset</a></h3> 635 <p id="rfc.section.3.1.1.p.1">Some HTTP/1.0 software has interpreted a Content-Type header without charset parameter incorrectly to mean "recipient should 636 guess." Senders wishing to defeat this behavior <em class="bcp14">MAY</em> include a charset parameter even when the charset is ISO-8859-1 (<a href="#ISO-8859-1" id="rfc.xref.ISO-8859-1.1"><cite title="Information technology -- 8-bit single-byte coded graphic character sets -- Part 1: Latin alphabet No. 1">[ISO-8859-1]</cite></a>) and <em class="bcp14">SHOULD</em> do so when it is known that it will not confuse the recipient. 637 </p> 638 <p id="rfc.section.3.1.1.p.2">Unfortunately, some older HTTP/1.0 clients did not deal properly with an explicit charset parameter. HTTP/1.1 recipients <em class="bcp14">MUST</em> respect the charset label provided by the sender; and those user agents that have a provision to "guess" a charset <em class="bcp14">MUST</em> use the charset from the content-type field if they support that charset, rather than the recipient's preference, when initially 639 displaying a document. See <a href="#canonicalization.and.text.defaults" title="Canonicalization and Text Defaults">Section 3.3.1</a>. 640 </p> 631 641 <h2 id="rfc.section.3.2"><a href="#rfc.section.3.2">3.2</a> <a id="content.codings" href="#content.codings">Content Codings</a></h2> 632 642 <p id="rfc.section.3.2.p.1">Content coding values indicate an encoding transformation that has been or can be applied to an entity. Content codings are … … 711 721 <p id="rfc.section.3.3.1.p.3">If an entity-body is encoded with a content-coding, the underlying data <em class="bcp14">MUST</em> be in a form defined above prior to being encoded. 712 722 </p> 713 <p id="rfc.section.3.3.1.p.4">HTTP/1.1 recipients <em class="bcp14">MUST</em> respect the charset label provided by the sender; and those user agents that have a provision to "guess" a charset <em class="bcp14">MUST</em> use the charset from the content-type field if they support that charset, rather than the recipient's preference, when initially 714 displaying a document. 723 <p id="rfc.section.3.3.1.p.4">The "charset" parameter is used with some media types to define the character set (<a href="#character.sets" title="Character Sets">Section 3.1</a>) of the data. When no explicit charset parameter is provided by the sender, media subtypes of the "text" type are defined 724 to have a default charset value of "ISO-8859-1" when received via HTTP. Data in character sets other than "ISO-8859-1" or 725 its subsets <em class="bcp14">MUST</em> be labeled with an appropriate charset value. See <a href="#missing.charset" title="Missing Charset">Section 3.1.1</a> for compatibility problems. 715 726 </p> 716 727 <h3 id="rfc.section.3.3.2"><a href="#rfc.section.3.3.2">3.3.2</a> <a id="multipart.types" href="#multipart.types">Multipart Types</a></h3> … … 1192 1203 as described by this document. The discussion does not include definitive solutions to the problems revealed, though it does 1193 1204 make some suggestions for reducing security risks. 1194 </p>1195 <p id="rfc.section.8.p.2"> <span class="comment">[sec.charset.sniffing: Point out the risks related to character set sniffing, in particular for UTF-7. See <<a href="http://tools.ietf.org/wg/httpbis/trac/ticket/20#comment:4">http://tools.ietf.org/wg/httpbis/trac/ticket/20#comment:4</a>>.]</span>1196 1205 </p> 1197 1206 <h2 id="rfc.section.8.1"><a href="#rfc.section.8.1">8.1</a> <a id="privacy.issues.connected.to.accept.headers" href="#privacy.issues.connected.to.accept.headers">Privacy Issues Connected to Accept Headers</a></h2> … … 1491 1500 <p id="rfc.section.C.2.p.1">Clarify contexts that charset is used in. (<a href="#character.sets" title="Character Sets">Section 3.1</a>) 1492 1501 </p> 1493 <p id="rfc.section.C.2.p.2">Remove character set defaulting for text media types. (<a href="#canonicalization.and.text.defaults" title="Canonicalization and Text Defaults">Section 3.3.1</a>) 1494 </p> 1495 <p id="rfc.section.C.2.p.3">Remove reference to non-existant identity transfer-coding value tokens. (<a href="#no.content-transfer-encoding" title="No Content-Transfer-Encoding">Appendix A.4</a>) 1502 <p id="rfc.section.C.2.p.2">Remove reference to non-existant identity transfer-coding value tokens. (<a href="#no.content-transfer-encoding" title="No Content-Transfer-Encoding">Appendix A.4</a>) 1496 1503 </p> 1497 1504 <h1 id="rfc.section.D"><a href="#rfc.section.D">D.</a> Change Log (to be removed by RFC Editor before publication) … … 1530 1537 <h2 id="rfc.section.D.3"><a href="#rfc.section.D.3">D.3</a> Since draft-ietf-httpbis-p3-payload-01 1531 1538 </h2> 1532 <p id="rfc.section.D.3.p.1">Ongoing work on text media type charset defaults (<<a href="http://www3.tools.ietf.org/wg/httpbis/trac/ticket/20">http://www3.tools.ietf.org/wg/httpbis/trac/ticket/20</a>>): 1533 </p> 1534 <ul> 1535 <li>Remove the ISO-8859-1 default.</li> 1536 </ul> 1537 <p id="rfc.section.D.3.p.2">Ongoing work on ABNF conversion (<<a href="http://www3.tools.ietf.org/wg/httpbis/trac/ticket/36">http://www3.tools.ietf.org/wg/httpbis/trac/ticket/36</a>>): 1539 <p id="rfc.section.D.3.p.1">Ongoing work on ABNF conversion (<<a href="http://www3.tools.ietf.org/wg/httpbis/trac/ticket/36">http://www3.tools.ietf.org/wg/httpbis/trac/ticket/36</a>>): 1538 1540 </p> 1539 1541 <ul> … … 1668 1670 <li class="indline0"><a id="rfc.index.I" href="#rfc.index.I"><b>I</b></a><ul class="ind"> 1669 1671 <li class="indline1">identity <a class="iref" href="#rfc.iref.i.1">3.2</a></li> 1670 <li class="indline1"><em>ISO-8859-1</em> <a class="iref" href="# ISO-8859-1"><b>10.1</b></a></li>1672 <li class="indline1"><em>ISO-8859-1</em> <a class="iref" href="#rfc.xref.ISO-8859-1.1">3.1.1</a>, <a class="iref" href="#ISO-8859-1"><b>10.1</b></a></li> 1671 1673 </ul> 1672 1674 </li> -
draft-ietf-httpbis/latest/p3-payload.xml
r209 r211 348 348 <xref target="RFC2277"/>. 349 349 </t> 350 351 <section title="Missing Charset" anchor="missing.charset"> 352 <t> 353 Some HTTP/1.0 software has interpreted a Content-Type header without 354 charset parameter incorrectly to mean "recipient should guess." 355 Senders wishing to defeat this behavior &MAY; include a charset 356 parameter even when the charset is ISO-8859-1 (<xref target="ISO-8859-1"/>) and &SHOULD; do so when 357 it is known that it will not confuse the recipient. 358 </t> 359 <t> 360 Unfortunately, some older HTTP/1.0 clients did not deal properly with 361 an explicit charset parameter. HTTP/1.1 recipients &MUST; respect the 362 charset label provided by the sender; and those user agents that have 363 a provision to "guess" a charset &MUST; use the charset from the 364 content-type field if they support that charset, rather than the 365 recipient's preference, when initially displaying a document. See 366 <xref target="canonicalization.and.text.defaults"/>. 367 </t> 368 </section> 350 369 </section> 351 370 … … 495 514 </t> 496 515 <t> 497 HTTP/1.1 recipients &MUST; respect the charset label provided by the 498 sender; and those user agents that have a provision to "guess" a charset 499 &MUST; use the charset from the content-type field if they support that 500 charset, rather than the recipient's preference, when initially displaying 501 a document. 516 The "charset" parameter is used with some media types to define the 517 character set (<xref target="character.sets"/>) of the data. When no explicit charset 518 parameter is provided by the sender, media subtypes of the "text" 519 type are defined to have a default charset value of "ISO-8859-1" when 520 received via HTTP. Data in character sets other than "ISO-8859-1" or 521 its subsets &MUST; be labeled with an appropriate charset value. See 522 <xref target="missing.charset"/> for compatibility problems. 502 523 </t> 503 524 </section> … … 1433 1454 some suggestions for reducing security risks. 1434 1455 </t> 1435 <t>1436 <cref anchor="sec.charset.sniffing">1437 Point out the risks related to character set sniffing, in particular for1438 UTF-7. See <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/20#comment:4"/>.1439 </cref>1440 </t>1441 1456 1442 1457 <section title="Privacy Issues Connected to Accept Headers" anchor="privacy.issues.connected.to.accept.headers"> … … 2352 2367 Clarify contexts that charset is used in. 2353 2368 (<xref target="character.sets"/>) 2354 </t>2355 <t>2356 Remove character set defaulting for text media types.2357 (<xref target="canonicalization.and.text.defaults"/>)2358 2369 </t> 2359 2370 <t> … … 2430 2441 <section title="Since draft-ietf-httpbis-p3-payload-01"> 2431 2442 <t> 2432 Ongoing work on text media type charset defaults (<eref target="http://www3.tools.ietf.org/wg/httpbis/trac/ticket/20"/>):2433 <list style="symbols">2434 <t>2435 Remove the ISO-8859-1 default.2436 </t>2437 </list>2438 </t>2439 <t>2440 2443 Ongoing work on ABNF conversion (<eref target="http://www3.tools.ietf.org/wg/httpbis/trac/ticket/36"/>): 2441 2444 <list style="symbols">
Note: See TracChangeset
for help on using the changeset viewer.