Ignore:
Timestamp:
23/01/14 08:51:09 (6 years ago)
Author:
fielding@…
Message:

(editorial) Use more specific headers in security section for clarity and put related sections next to each other; see #520 and #549

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p2-semantics.html

    r2566 r2567  
    448448  }
    449449  @bottom-center {
    450        content: "Expires July 26, 2014";
     450       content: "Expires July 27, 2014";
    451451  }
    452452  @bottom-right {
     
    493493      <meta name="dct.creator" content="Reschke, J. F.">
    494494      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p2-semantics-latest">
    495       <meta name="dct.issued" scheme="ISO8601" content="2014-01-22">
     495      <meta name="dct.issued" scheme="ISO8601" content="2014-01-23">
    496496      <meta name="dct.replaces" content="urn:ietf:rfc:2616">
    497497      <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems. This document defines the semantics of HTTP/1.1 messages, as expressed by request methods, request header fields, response status codes, and response header fields, along with the payload of messages (metadata and body content) and mechanisms for content negotiation.">
     
    521521            <tr>
    522522               <td class="left">Intended status: Standards Track</td>
    523                <td class="right">January 22, 2014</td>
     523               <td class="right">January 23, 2014</td>
    524524            </tr>
    525525            <tr>
    526                <td class="left">Expires: July 26, 2014</td>
     526               <td class="left">Expires: July 27, 2014</td>
    527527               <td class="right"></td>
    528528            </tr>
     
    553553            in progress”.
    554554         </p>
    555          <p>This Internet-Draft will expire on July 26, 2014.</p>
     555         <p>This Internet-Draft will expire on July 27, 2014.</p>
    556556      </div>
    557557      <div id="rfc.copyrightnotice">
     
    765765               <li><a href="#rfc.section.9.1">9.1</a>&nbsp;&nbsp;&nbsp;<a href="#attack.pathname">Attacks Based On File and Path Names</a></li>
    766766               <li><a href="#rfc.section.9.2">9.2</a>&nbsp;&nbsp;&nbsp;<a href="#attack.injection">Attacks Based On Command, Code, or Query Injection</a></li>
    767                <li><a href="#rfc.section.9.3">9.3</a>&nbsp;&nbsp;&nbsp;<a href="#personal.information">Personal Information</a></li>
    768                <li><a href="#rfc.section.9.4">9.4</a>&nbsp;&nbsp;&nbsp;<a href="#sensitive.information.in.uris">Sensitive Information in URIs</a></li>
    769                <li><a href="#rfc.section.9.5">9.5</a>&nbsp;&nbsp;&nbsp;<a href="#sensitive.information.in.product">Product Information</a></li>
    770                <li><a href="#rfc.section.9.6">9.6</a>&nbsp;&nbsp;&nbsp;<a href="#fragment.leakage">Fragment after Redirects</a></li>
     767               <li><a href="#rfc.section.9.3">9.3</a>&nbsp;&nbsp;&nbsp;<a href="#personal.information">Disclosure of Personal Information</a></li>
     768               <li><a href="#rfc.section.9.4">9.4</a>&nbsp;&nbsp;&nbsp;<a href="#sensitive.information.in.uris">Disclosure of Sensitive Information in URIs</a></li>
     769               <li><a href="#rfc.section.9.5">9.5</a>&nbsp;&nbsp;&nbsp;<a href="#fragment.disclosure">Disclosure of Fragment after Redirects</a></li>
     770               <li><a href="#rfc.section.9.6">9.6</a>&nbsp;&nbsp;&nbsp;<a href="#disclosure.product.information">Disclosure of Product Information</a></li>
    771771               <li><a href="#rfc.section.9.7">9.7</a>&nbsp;&nbsp;&nbsp;<a href="#fingerprinting">Browser Fingerprinting</a></li>
    772772            </ul>
     
    22402240                  is a privacy concern if the referring resource's identifier reveals personal information (such as an account name) or a resource
    22412241                  that is supposed to be confidential (such as behind a firewall or internal to a secured service). Most general-purpose user
    2242                   agents do not send the Referer header field when the referring resource is a local "file" or "data" URI. A user agent <em class="bcp14">MUST NOT</em> send a <a href="#header.referer" class="smpl">Referer</a> header field in an unsecured HTTP request if the referring page was received with a secure protocol. See <a href="#sensitive.information.in.uris" title="Sensitive Information in URIs">Section&nbsp;9.4</a> for additional security considerations.
     2242                  agents do not send the Referer header field when the referring resource is a local "file" or "data" URI. A user agent <em class="bcp14">MUST NOT</em> send a <a href="#header.referer" class="smpl">Referer</a> header field in an unsecured HTTP request if the referring page was received with a secure protocol. See <a href="#sensitive.information.in.uris" title="Disclosure of Sensitive Information in URIs">Section&nbsp;9.4</a> for additional security considerations.
    22432243               </p>
    22442244               <p id="rfc.section.5.5.2.p.8">Some intermediaries have been known to indiscriminately remove Referer header fields from outgoing requests. This has the
     
    41654165         <div id="attack.injection">
    41664166            <h2 id="rfc.section.9.2"><a href="#rfc.section.9.2">9.2</a>&nbsp;<a href="#attack.injection">Attacks Based On Command, Code, or Query Injection</a></h2>
    4167             <p id="rfc.section.9.2.p.1">Origin servers often use parameters within an effective request URI as a means of identifying system services, selecting database
    4168                entries, or choosing a data source. However, data received in a request cannot be trusted. An attacker could construct any
    4169                of the request data elements (method, request-target, header fields, or body) to contain data that might be misinterpreted
    4170                as a command, code, or query when passed through a command invocation, language interpreter, or database interface.
    4171             </p>
    4172             <p id="rfc.section.9.2.p.2">For example, SQL injection is a common attack wherein additional query language is inserted within a part of the URI. If that
    4173                same part is directly used by the resource implementation within a SELECT statement, the query language will be interpreted
    4174                as a database command instead of a simple string value. This type of implementation vulnerability is extremely common, in
    4175                spite of being easy to prevent.
     4167            <p id="rfc.section.9.2.p.1">Origin servers often use parameters within the URI as a means of identifying system services, selecting database entries,
     4168               or choosing a data source. However, data received in a request cannot be trusted. An attacker could construct any of the request
     4169               data elements (method, request-target, header fields, or body) to contain data that might be misinterpreted as a command,
     4170               code, or query when passed through a command invocation, language interpreter, or database interface.
     4171            </p>
     4172            <p id="rfc.section.9.2.p.2">For example, SQL injection is a common attack wherein additional query language is inserted within some part of the request-target
     4173               or header fields (e.g., <a href="p1-messaging.html#header.host" class="smpl">Host</a>, <a href="#header.referer" class="smpl">Referer</a>, etc.). If the received data is used directly within a SELECT statement, the query language might be interpreted as a database
     4174               command instead of a simple string value. This type of implementation vulnerability is extremely common, in spite of being
     4175               easy to prevent.
    41764176            </p>
    41774177            <p id="rfc.section.9.2.p.3">In general, resource implementations ought to avoid use of request data in contexts that are processed or interpreted as instructions.
     
    41854185         </div>
    41864186         <div id="personal.information">
    4187             <h2 id="rfc.section.9.3"><a href="#rfc.section.9.3">9.3</a>&nbsp;<a href="#personal.information">Personal Information</a></h2>
     4187            <h2 id="rfc.section.9.3"><a href="#rfc.section.9.3">9.3</a>&nbsp;<a href="#personal.information">Disclosure of Personal Information</a></h2>
    41884188            <p id="rfc.section.9.3.p.1">Clients are often privy to large amounts of personal information, including both information provided by the user to interact
    41894189               with resources (e.g., the user's name, location, mail address, passwords, encryption keys, etc.) and information about the
     
    41934193         </div>
    41944194         <div id="sensitive.information.in.uris">
    4195             <h2 id="rfc.section.9.4"><a href="#rfc.section.9.4">9.4</a>&nbsp;<a href="#sensitive.information.in.uris">Sensitive Information in URIs</a></h2>
     4195            <h2 id="rfc.section.9.4"><a href="#rfc.section.9.4">9.4</a>&nbsp;<a href="#sensitive.information.in.uris">Disclosure of Sensitive Information in URIs</a></h2>
    41964196            <p id="rfc.section.9.4.p.1">URIs are intended to be shared, not secured, even when they identify secure resources. URIs are often shown on displays, added
    41974197               to templates when a page is printed, and stored in a variety of unprotected bookmark lists. It is therefore unwise to include
     
    42074207            </p>
    42084208         </div>
    4209          <div id="sensitive.information.in.product">
    4210             <h2 id="rfc.section.9.5"><a href="#rfc.section.9.5">9.5</a>&nbsp;<a href="#sensitive.information.in.product">Product Information</a></h2>
    4211             <p id="rfc.section.9.5.p.1">The <a href="#header.user-agent" class="smpl">User-Agent</a> (<a href="#header.user-agent" id="rfc.xref.header.user-agent.4" title="User-Agent">Section&nbsp;5.5.3</a>), <a href="p1-messaging.html#header.via" class="smpl">Via</a> (<a href="p1-messaging.html#header.via" title="Via">Section 5.7.1</a> of <a href="#Part1" id="rfc.xref.Part1.43"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>), and <a href="#header.server" class="smpl">Server</a> (<a href="#header.server" id="rfc.xref.header.server.3" title="Server">Section&nbsp;7.4.2</a>) header fields often reveal information about the respective sender's software systems. In theory, this can make it easier
     4209         <div id="fragment.disclosure">
     4210            <h2 id="rfc.section.9.5"><a href="#rfc.section.9.5">9.5</a>&nbsp;<a href="#fragment.disclosure">Disclosure of Fragment after Redirects</a></h2>
     4211            <p id="rfc.section.9.5.p.1">Although fragment identifiers used within URI references are not sent in requests, implementers ought to be aware that they
     4212               will be visible to the user agent and any extensions or scripts running as a result of the response. In particular, when a
     4213               redirect occurs and the original request's fragment identifier is inherited by the new reference in <a href="#header.location" class="smpl">Location</a> (<a href="#header.location" id="rfc.xref.header.location.5" title="Location">Section&nbsp;7.1.2</a>), this might have the effect of disclosing one site's fragment to another site. If the first site uses personal information
     4214               in fragments, it ought to ensure that redirects to other sites include a (possibly empty) fragment component in order to block
     4215               that inheritance.
     4216            </p>
     4217         </div>
     4218         <div id="disclosure.product.information">
     4219            <h2 id="rfc.section.9.6"><a href="#rfc.section.9.6">9.6</a>&nbsp;<a href="#disclosure.product.information">Disclosure of Product Information</a></h2>
     4220            <p id="rfc.section.9.6.p.1">The <a href="#header.user-agent" class="smpl">User-Agent</a> (<a href="#header.user-agent" id="rfc.xref.header.user-agent.4" title="User-Agent">Section&nbsp;5.5.3</a>), <a href="p1-messaging.html#header.via" class="smpl">Via</a> (<a href="p1-messaging.html#header.via" title="Via">Section 5.7.1</a> of <a href="#Part1" id="rfc.xref.Part1.43"><cite title="Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing">[Part1]</cite></a>), and <a href="#header.server" class="smpl">Server</a> (<a href="#header.server" id="rfc.xref.header.server.3" title="Server">Section&nbsp;7.4.2</a>) header fields often reveal information about the respective sender's software systems. In theory, this can make it easier
    42124221               for an attacker to exploit known security holes; in practice, attackers tend to try all potential holes regardless of the
    42134222               apparent software versions being used.
    42144223            </p>
    4215             <p id="rfc.section.9.5.p.2">Proxies that serve as a portal through a network firewall ought to take special precautions regarding the transfer of header
     4224            <p id="rfc.section.9.6.p.2">Proxies that serve as a portal through a network firewall ought to take special precautions regarding the transfer of header
    42164225               information that might identify hosts behind the firewall. The <a href="p1-messaging.html#header.via" class="smpl">Via</a> header field allows intermediaries to replace sensitive machine names with pseudonyms.
    4217             </p>
    4218          </div>
    4219          <div id="fragment.leakage">
    4220             <h2 id="rfc.section.9.6"><a href="#rfc.section.9.6">9.6</a>&nbsp;<a href="#fragment.leakage">Fragment after Redirects</a></h2>
    4221             <p id="rfc.section.9.6.p.1">Although fragment identifiers used within URI references are not sent in requests, implementers ought to be aware that they
    4222                will be visible to the user agent and any extensions or scripts running as a result of the response. In particular, when a
    4223                redirect occurs and the original request's fragment identifier is inherited by the new reference in <a href="#header.location" class="smpl">Location</a> (<a href="#header.location" id="rfc.xref.header.location.5" title="Location">Section&nbsp;7.1.2</a>), this might have the effect of leaking one site's fragment to another site. If the first site uses personal information
    4224                in fragments, it ought to ensure that redirects to other sites include a (possibly empty) fragment component in order to block
    4225                that inheritance.
    42264226            </p>
    42274227         </div>
     
    43524352         <tr>
    43534353            <td class="reference"><b id="OWASP">[OWASP]</b></td>
    4354             <td class="top">“<a href="https://www.owasp.org/">A Guide to Building Secure Web Applications and Web Services</a>”, The Open Web Application Security Project (OWASP)&nbsp;2.0.1, July&nbsp;2005, &lt;<a href="https://www.owasp.org/">https://www.owasp.org/</a>&gt;.
     4354            <td class="top">van der Stock, A., Ed., “<a href="https://www.owasp.org/">A Guide to Building Secure Web Applications and Web Services</a>”, The Open Web Application Security Project (OWASP)&nbsp;2.0.1, July&nbsp;2005, &lt;<a href="https://www.owasp.org/">https://www.owasp.org/</a>&gt;.
    43554355            </td>
    43564356         </tr>
     
    49774977            </li>
    49784978            <li><a id="rfc.index.L" href="#rfc.index.L"><b>L</b></a><ul>
    4979                   <li>Location header field&nbsp;&nbsp;<a href="#rfc.xref.header.location.1">4.3.3</a>, <a href="#rfc.xref.header.location.2">6.4</a>, <a href="#rfc.xref.header.location.3">7.1</a>, <a href="#rfc.iref.l.1"><b>7.1.2</b></a>, <a href="#rfc.xref.header.location.4">8.3.2</a>, <a href="#rfc.xref.header.location.5">9.6</a>, <a href="#rfc.xref.header.location.6">B</a></li>
     4979                  <li>Location header field&nbsp;&nbsp;<a href="#rfc.xref.header.location.1">4.3.3</a>, <a href="#rfc.xref.header.location.2">6.4</a>, <a href="#rfc.xref.header.location.3">7.1</a>, <a href="#rfc.iref.l.1"><b>7.1.2</b></a>, <a href="#rfc.xref.header.location.4">8.3.2</a>, <a href="#rfc.xref.header.location.5">9.5</a>, <a href="#rfc.xref.header.location.6">B</a></li>
    49804980               </ul>
    49814981            </li>
     
    49914991            </li>
    49924992            <li><a id="rfc.index.P" href="#rfc.index.P"><b>P</b></a><ul>
    4993                   <li><em>Part1</em>&nbsp;&nbsp;<a href="#rfc.xref.Part1.1">1</a>, <a href="#rfc.xref.Part1.2">1.1</a>, <a href="#rfc.xref.Part1.3">1.2</a>, <a href="#rfc.xref.Part1.4">2</a>, <a href="#rfc.xref.Part1.5">2</a>, <a href="#rfc.xref.Part1.6">2</a>, <a href="#rfc.xref.Part1.7">3.1.2.1</a>, <a href="#rfc.xref.Part1.8">3.1.2.1</a>, <a href="#rfc.xref.Part1.9">3.1.2.1</a>, <a href="#rfc.xref.Part1.10">3.1.2.2</a>, <a href="#rfc.xref.Part1.11">3.1.4.1</a>, <a href="#rfc.xref.Part1.12">3.1.4.2</a>, <a href="#rfc.xref.Part1.13">3.3</a>, <a href="#rfc.xref.Part1.14">3.3</a>, <a href="#rfc.xref.Part1.15">4.3.6</a>, <a href="#rfc.xref.Part1.16">4.3.7</a>, <a href="#rfc.xref.Part1.17">4.3.8</a>, <a href="#rfc.xref.Part1.18">4.3.8</a>, <a href="#rfc.xref.Part1.19">5.1</a>, <a href="#rfc.xref.Part1.20">5.1</a>, <a href="#rfc.xref.Part1.21">5.1.1</a>, <a href="#rfc.xref.Part1.22">5.5.3</a>, <a href="#rfc.xref.Part1.23">6.2.2</a>, <a href="#rfc.xref.Part1.24">6.3.4</a>, <a href="#rfc.xref.Part1.25">6.5.7</a>, <a href="#rfc.xref.Part1.26">6.5.10</a>, <a href="#rfc.xref.Part1.27">6.5.12</a>, <a href="#rfc.xref.Part1.28">6.5.15</a>, <a href="#rfc.xref.Part1.29">6.6.6</a>, <a href="#rfc.xref.Part1.30">7.4.2</a>, <a href="#rfc.xref.Part1.31">8.1.2</a>, <a href="#rfc.xref.Part1.32">8.3.1</a>, <a href="#rfc.xref.Part1.33">8.3.1</a>, <a href="#rfc.xref.Part1.34">8.3.1</a>, <a href="#rfc.xref.Part1.35">8.3.1</a>, <a href="#rfc.xref.Part1.36">8.3.1</a>, <a href="#rfc.xref.Part1.37">8.3.1</a>, <a href="#rfc.xref.Part1.38">8.3.1</a>, <a href="#rfc.xref.Part1.39">8.4</a>, <a href="#rfc.xref.Part1.40">8.4.1</a>, <a href="#rfc.xref.Part1.41">8.4.1</a>, <a href="#rfc.xref.Part1.42">9</a>, <a href="#rfc.xref.Part1.43">9.5</a>, <a href="#rfc.xref.Part1.44">10</a>, <a href="#Part1"><b>11.1</b></a>, <a href="#rfc.xref.Part1.45">B</a>, <a href="#rfc.xref.Part1.46">C</a>, <a href="#rfc.xref.Part1.47">C</a>, <a href="#rfc.xref.Part1.48">C</a>, <a href="#rfc.xref.Part1.49">C</a>, <a href="#rfc.xref.Part1.50">C</a>, <a href="#rfc.xref.Part1.51">C</a>, <a href="#rfc.xref.Part1.52">C</a>, <a href="#rfc.xref.Part1.53">C</a>, <a href="#rfc.xref.Part1.54">C</a>, <a href="#rfc.xref.Part1.55">C</a>, <a href="#rfc.xref.Part1.56">C</a>, <a href="#rfc.xref.Part1.57">D</a><ul>
     4993                  <li><em>Part1</em>&nbsp;&nbsp;<a href="#rfc.xref.Part1.1">1</a>, <a href="#rfc.xref.Part1.2">1.1</a>, <a href="#rfc.xref.Part1.3">1.2</a>, <a href="#rfc.xref.Part1.4">2</a>, <a href="#rfc.xref.Part1.5">2</a>, <a href="#rfc.xref.Part1.6">2</a>, <a href="#rfc.xref.Part1.7">3.1.2.1</a>, <a href="#rfc.xref.Part1.8">3.1.2.1</a>, <a href="#rfc.xref.Part1.9">3.1.2.1</a>, <a href="#rfc.xref.Part1.10">3.1.2.2</a>, <a href="#rfc.xref.Part1.11">3.1.4.1</a>, <a href="#rfc.xref.Part1.12">3.1.4.2</a>, <a href="#rfc.xref.Part1.13">3.3</a>, <a href="#rfc.xref.Part1.14">3.3</a>, <a href="#rfc.xref.Part1.15">4.3.6</a>, <a href="#rfc.xref.Part1.16">4.3.7</a>, <a href="#rfc.xref.Part1.17">4.3.8</a>, <a href="#rfc.xref.Part1.18">4.3.8</a>, <a href="#rfc.xref.Part1.19">5.1</a>, <a href="#rfc.xref.Part1.20">5.1</a>, <a href="#rfc.xref.Part1.21">5.1.1</a>, <a href="#rfc.xref.Part1.22">5.5.3</a>, <a href="#rfc.xref.Part1.23">6.2.2</a>, <a href="#rfc.xref.Part1.24">6.3.4</a>, <a href="#rfc.xref.Part1.25">6.5.7</a>, <a href="#rfc.xref.Part1.26">6.5.10</a>, <a href="#rfc.xref.Part1.27">6.5.12</a>, <a href="#rfc.xref.Part1.28">6.5.15</a>, <a href="#rfc.xref.Part1.29">6.6.6</a>, <a href="#rfc.xref.Part1.30">7.4.2</a>, <a href="#rfc.xref.Part1.31">8.1.2</a>, <a href="#rfc.xref.Part1.32">8.3.1</a>, <a href="#rfc.xref.Part1.33">8.3.1</a>, <a href="#rfc.xref.Part1.34">8.3.1</a>, <a href="#rfc.xref.Part1.35">8.3.1</a>, <a href="#rfc.xref.Part1.36">8.3.1</a>, <a href="#rfc.xref.Part1.37">8.3.1</a>, <a href="#rfc.xref.Part1.38">8.3.1</a>, <a href="#rfc.xref.Part1.39">8.4</a>, <a href="#rfc.xref.Part1.40">8.4.1</a>, <a href="#rfc.xref.Part1.41">8.4.1</a>, <a href="#rfc.xref.Part1.42">9</a>, <a href="#rfc.xref.Part1.43">9.6</a>, <a href="#rfc.xref.Part1.44">10</a>, <a href="#Part1"><b>11.1</b></a>, <a href="#rfc.xref.Part1.45">B</a>, <a href="#rfc.xref.Part1.46">C</a>, <a href="#rfc.xref.Part1.47">C</a>, <a href="#rfc.xref.Part1.48">C</a>, <a href="#rfc.xref.Part1.49">C</a>, <a href="#rfc.xref.Part1.50">C</a>, <a href="#rfc.xref.Part1.51">C</a>, <a href="#rfc.xref.Part1.52">C</a>, <a href="#rfc.xref.Part1.53">C</a>, <a href="#rfc.xref.Part1.54">C</a>, <a href="#rfc.xref.Part1.55">C</a>, <a href="#rfc.xref.Part1.56">C</a>, <a href="#rfc.xref.Part1.57">D</a><ul>
    49944994                        <li><em>Section 1.2</em>&nbsp;&nbsp;<a href="#rfc.xref.Part1.57">D</a></li>
    49954995                        <li><em>Section 2.5</em>&nbsp;&nbsp;<a href="#rfc.xref.Part1.2">1.1</a></li>
     
    50135013                        <li><em>Section 5.4</em>&nbsp;&nbsp;<a href="#rfc.xref.Part1.19">5.1</a></li>
    50145014                        <li><em>Section 5.5</em>&nbsp;&nbsp;<a href="#rfc.xref.Part1.6">2</a>, <a href="#rfc.xref.Part1.11">3.1.4.1</a>, <a href="#rfc.xref.Part1.12">3.1.4.2</a></li>
    5015                         <li><em>Section 5.7.1</em>&nbsp;&nbsp;<a href="#rfc.xref.Part1.18">4.3.8</a>, <a href="#rfc.xref.Part1.43">9.5</a></li>
     5015                        <li><em>Section 5.7.1</em>&nbsp;&nbsp;<a href="#rfc.xref.Part1.18">4.3.8</a>, <a href="#rfc.xref.Part1.43">9.6</a></li>
    50165016                        <li><em>Section 5.7.2</em>&nbsp;&nbsp;<a href="#rfc.xref.Part1.24">6.3.4</a></li>
    50175017                        <li><em>Section 6.1</em>&nbsp;&nbsp;<a href="#rfc.xref.Part1.25">6.5.7</a>, <a href="#rfc.xref.Part1.37">8.3.1</a></li>
     
    51595159                  <li>safe&nbsp;&nbsp;<a href="#rfc.iref.s.2"><b>4.2.1</b></a></li>
    51605160                  <li>selected representation&nbsp;&nbsp;<a href="#rfc.iref.s.1"><b>3</b></a>, <a href="#rfc.iref.s.8">7.2</a></li>
    5161                   <li>Server header field&nbsp;&nbsp;<a href="#rfc.xref.header.server.1">7.4</a>, <a href="#rfc.iref.s.9"><b>7.4.2</b></a>, <a href="#rfc.xref.header.server.2">8.3.2</a>, <a href="#rfc.xref.header.server.3">9.5</a></li>
     5161                  <li>Server header field&nbsp;&nbsp;<a href="#rfc.xref.header.server.1">7.4</a>, <a href="#rfc.iref.s.9"><b>7.4.2</b></a>, <a href="#rfc.xref.header.server.2">8.3.2</a>, <a href="#rfc.xref.header.server.3">9.6</a></li>
    51625162                  <li>Status Codes Classes&nbsp;&nbsp;
    51635163                     <ul>
     
    51775177            </li>
    51785178            <li><a id="rfc.index.U" href="#rfc.index.U"><b>U</b></a><ul>
    5179                   <li>User-Agent header field&nbsp;&nbsp;<a href="#rfc.xref.header.user-agent.1">5.5</a>, <a href="#rfc.iref.u.1"><b>5.5.3</b></a>, <a href="#rfc.xref.header.user-agent.2">7.4.2</a>, <a href="#rfc.xref.header.user-agent.3">8.3.2</a>, <a href="#rfc.xref.header.user-agent.4">9.5</a></li>
     5179                  <li>User-Agent header field&nbsp;&nbsp;<a href="#rfc.xref.header.user-agent.1">5.5</a>, <a href="#rfc.iref.u.1"><b>5.5.3</b></a>, <a href="#rfc.xref.header.user-agent.2">7.4.2</a>, <a href="#rfc.xref.header.user-agent.3">8.3.2</a>, <a href="#rfc.xref.header.user-agent.4">9.6</a></li>
    51805180               </ul>
    51815181            </li>
Note: See TracChangeset for help on using the changeset viewer.