Ignore:
Timestamp:
May 15, 2014, 11:54:01 PM (6 years ago)
Author:
julian.reschke@…
Message:

Apply Roy Fielding's feedback to P2 (#553)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p2-semantics.html

    r2667 r2679  
    463463  }
    464464  @bottom-center {
    465        content: "Expires November 13, 2014";
     465       content: "Expires November 17, 2014";
    466466  }
    467467  @bottom-right {
     
    508508      <meta name="dct.creator" content="Reschke, J. F.">
    509509      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p2-semantics-latest">
    510       <meta name="dct.issued" scheme="ISO8601" content="2014-05-12">
     510      <meta name="dct.issued" scheme="ISO8601" content="2014-05-16">
    511511      <meta name="dct.replaces" content="urn:ietf:rfc:2616">
    512512      <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems. This document defines the semantics of HTTP/1.1 messages, as expressed by request methods, request header fields, response status codes, and response header fields, along with the payload of messages (metadata and body content) and mechanisms for content negotiation.">
     
    536536            <tr>
    537537               <td class="left">Intended status: Standards Track</td>
    538                <td class="right">May 12, 2014</td>
     538               <td class="right">May 16, 2014</td>
    539539            </tr>
    540540            <tr>
    541                <td class="left">Expires: November 13, 2014</td>
     541               <td class="left">Expires: November 17, 2014</td>
    542542               <td class="right"></td>
    543543            </tr>
     
    568568            in progress”.
    569569         </p>
    570          <p>This Internet-Draft will expire on November 13, 2014.</p>
     570         <p>This Internet-Draft will expire on November 17, 2014.</p>
    571571      </div>
    572572      <div id="rfc.copyrightnotice">
     
    22472247               <div id="rfc.figure.u.40"></div><pre class="inline"><span id="rfc.iref.g.31"></span><span id="rfc.iref.g.32"></span>  <a href="#header.user-agent" class="smpl">product</a>         = <a href="#imported.abnf" class="smpl">token</a> ["/" <a href="#header.user-agent" class="smpl">product-version</a>]
    22482248  <a href="#header.user-agent" class="smpl">product-version</a> = <a href="#imported.abnf" class="smpl">token</a>
    2249 </pre><p id="rfc.section.5.5.3.p.5">A sender <em class="bcp14">SHOULD</em> limit generated product identifiers to what is necessary to identify the product; a sender <em class="bcp14">MUST NOT</em> generate advertising or other nonessential information within the product identifier. A sender <em class="bcp14">SHOULD NOT</em> generate information in <a href="#header.user-agent" class="smpl">product-version</a> that is not a version identifier (i.e., successive versions of the same product name ought only to differ in the product-version
     2249</pre><p id="rfc.section.5.5.3.p.5">A sender <em class="bcp14">SHOULD</em> limit generated product identifiers to what is necessary to identify the product; a sender <em class="bcp14">MUST NOT</em> generate advertising or other nonessential information within the product identifier. A sender <em class="bcp14">SHOULD NOT</em> generate information in <a href="#header.user-agent" class="smpl">product-version</a> that is not a version identifier (i.e., successive versions of the same product name only to differ only in the product-version
    22502250                  portion of the product identifier).
    22512251               </p>
     
    25242524            <div id="rfc.iref.s.3"></div>
    25252525            <p id="rfc.section.6.2.p.1">The <dfn>1xx (Informational)</dfn> class of status code indicates an interim response for communicating connection status or request progress prior to completing
    2526                the requested action and sending a final response. All 1xx responses consist of only the status-line and optional header fields
    2527                and, thus, are terminated by the empty line at the end of the header section. Since HTTP/1.0 did not define any 1xx status
    2528                codes, a server <em class="bcp14">MUST NOT</em> send a 1xx response to an HTTP/1.0 client.
     2526               the requested action and sending a final response. 1xx responses are terminated by the first empty line after the status-line
     2527               (the empty line signaling the end of the header section). Since HTTP/1.0 did not define any 1xx status codes, a server <em class="bcp14">MUST NOT</em> send a 1xx response to an HTTP/1.0 client.
    25292528            </p>
    25302529            <p id="rfc.section.6.2.p.2">A client <em class="bcp14">MUST</em> be able to parse one or more 1xx responses received prior to a final response, even if the client does not expect one. A user
     
    41324131            <h2 id="rfc.section.9.1"><a href="#rfc.section.9.1">9.1</a>&nbsp;<a href="#attack.pathname">Attacks Based on File and Path Names</a></h2>
    41334132            <p id="rfc.section.9.1.p.1">Origin servers frequently make use of their local file system to manage the mapping from effective request URI to resource
    4134                representations. Implementers need to be aware that most file systems are not designed to protect against malicious file or
    4135                path names and, thus, depend on the origin server to avoid mapping to file names, folders, or directories that have special
    4136                significance to the system.
     4133               representations. Most file systems are not designed to protect against malicious file or path names. Therefore, an origin
     4134               server needs to avoid accessing names that have a special significance to the system when mapping the request target to files,
     4135               folders, or directories.
    41374136            </p>
    41384137            <p id="rfc.section.9.1.p.2">For example, UNIX, Microsoft Windows, and other operating systems use ".." as a path component to indicate a directory level
Note: See TracChangeset for help on using the changeset viewer.