Ignore:
Timestamp:
Jun 20, 2008, 9:48:20 AM (11 years ago)
Author:
julian.reschke@…
Message:

Resolve #121: RFC 2183 replaced RFC 1806, only cite the newer one (closes #121).

File:
1 edited

Legend:

Unmodified
Added
Removed

  • draft-ietf-httpbis/latest/p3-payload.html

    r268 r269  
    474474         <tr>
    475475            <td class="header left"></td>
    476             <td class="header right">June 19, 2008</td>
     476            <td class="header right">June 20, 2008</td>
    477477         </tr>
    478478      </table>
     
    13501350      </p>
    13511351      <h2 id="rfc.section.8.2"><a href="#rfc.section.8.2">8.2</a>&nbsp;<a id="content-disposition.issues" href="#content-disposition.issues">Content-Disposition Issues</a></h2>
    1352       <p id="rfc.section.8.2.p.1"> <a href="#RFC1806" id="rfc.xref.RFC1806.1"><cite title="Communicating Presentation Information in Internet Messages: The Content-Disposition Header">[RFC1806]</cite></a>, from which the often implemented Content-Disposition (see <a href="#content-disposition" id="rfc.xref.content-disposition.2" title="Content-Disposition">Appendix&nbsp;B.1</a>) header in HTTP is derived, has a number of very serious security considerations. Content-Disposition is not part of the
    1353          HTTP standard, but since it is widely implemented, we are documenting its use and risks for implementors. See <a href="#RFC2183" id="rfc.xref.RFC2183.1"><cite title="Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field">[RFC2183]</cite></a> (which updates <a href="#RFC1806" id="rfc.xref.RFC1806.2"><cite title="Communicating Presentation Information in Internet Messages: The Content-Disposition Header">[RFC1806]</cite></a>) for details.
     1352      <p id="rfc.section.8.2.p.1"> <a href="#RFC2183" id="rfc.xref.RFC2183.1"><cite title="Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field">[RFC2183]</cite></a>, from which the often implemented Content-Disposition (see <a href="#content-disposition" id="rfc.xref.content-disposition.2" title="Content-Disposition">Appendix&nbsp;B.1</a>) header in HTTP is derived, has a number of very serious security considerations. Content-Disposition is not part of the
     1353         HTTP standard, but since it is widely implemented, we are documenting its use and risks for implementors. See <a href="http://tools.ietf.org/html/rfc2183#section-5">Section 5</a> of <a href="#RFC2183" id="rfc.xref.RFC2183.2"><cite title="Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field">[RFC2183]</cite></a> for details.
    13541354      </p>
    13551355      <h1 id="rfc.section.9"><a href="#rfc.section.9">9.</a>&nbsp;<a id="ack" href="#ack">Acknowledgments</a></h1>
     
    14371437      <h2 id="rfc.references.2"><a href="#rfc.section.10.2" id="rfc.section.10.2">10.2</a> Informative References
    14381438      </h2>
    1439       <table summary="Informative References">                           
    1440          <tr>
    1441             <td class="reference"><b id="RFC1806">[RFC1806]</b></td>
    1442             <td class="top"><a title="New Century Systems">Troost, R.</a> and <a title="QUALCOMM Incorporated">S. Dorner</a>, “<a href="http://tools.ietf.org/html/rfc1806">Communicating Presentation Information in Internet Messages: The Content-Disposition Header</a>”, RFC&nbsp;1806, June&nbsp;1995.
    1443             </td>
    1444          </tr>
     1439      <table summary="Informative References">                         
    14451440         <tr>
    14461441            <td class="reference"><b id="RFC1945">[RFC1945]</b></td>
     
    15921587      <p id="rfc.section.B.1.p.1">The Content-Disposition response-header field has been proposed as a means for the origin server to suggest a default filename
    15931588         if the user requests that the content is saved to a file. This usage is derived from the definition of Content-Disposition
    1594          in <a href="#RFC1806" id="rfc.xref.RFC1806.3"><cite title="Communicating Presentation Information in Internet Messages: The Content-Disposition Header">[RFC1806]</cite></a>.
     1589         in <a href="#RFC2183" id="rfc.xref.RFC2183.3"><cite title="Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field">[RFC2183]</cite></a>.
    15951590      </p>
    15961591      <div id="rfc.figure.u.40"></div><pre class="inline"><span id="rfc.iref.g.33"></span><span id="rfc.iref.g.34"></span><span id="rfc.iref.g.35"></span><span id="rfc.iref.g.36"></span><span id="rfc.iref.g.37"></span><span id="rfc.iref.g.38"></span>  <a href="#content-disposition" class="smpl">content-disposition</a> = "Content-Disposition" ":"
     
    16881683      </ul>
    16891684      <h2 id="rfc.section.D.5"><a href="#rfc.section.D.5">D.5</a>&nbsp;<a id="changes.since.03" href="#changes.since.03">Since draft-ietf-httpbis-p3-payload-03</a></h2>
     1685      <p id="rfc.section.D.5.p.1">Closed issues: </p>
     1686      <ul>
     1687         <li> &lt;<a href="http://www3.tools.ietf.org/wg/httpbis/trac/ticket/121">http://www3.tools.ietf.org/wg/httpbis/trac/ticket/121</a>&gt;: "RFC 1806 has been replaced by RFC2183"
     1688         </li>
     1689      </ul>
    16901690      <h1><a id="rfc.copyright" href="#rfc.copyright">Full Copyright Statement</a></h1>
    16911691      <p>This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the
     
    18561856            <li class="indline0"><a id="rfc.index.R" href="#rfc.index.R"><b>R</b></a><ul class="ind">
    18571857                  <li class="indline1"><em>RFC1766</em>&nbsp;&nbsp;<a class="iref" href="#rfc.xref.RFC1766.1">3.5</a>, <a class="iref" href="#RFC1766"><b>10.1</b></a></li>
    1858                   <li class="indline1"><em>RFC1806</em>&nbsp;&nbsp;<a class="iref" href="#rfc.xref.RFC1806.1">8.2</a>, <a class="iref" href="#rfc.xref.RFC1806.2">8.2</a>, <a class="iref" href="#RFC1806"><b>10.2</b></a>, <a class="iref" href="#rfc.xref.RFC1806.3">B.1</a></li>
    18591858                  <li class="indline1"><em>RFC1864</em>&nbsp;&nbsp;<a class="iref" href="#rfc.xref.RFC1864.1">6.8</a>, <a class="iref" href="#rfc.xref.RFC1864.2">6.8</a>, <a class="iref" href="#RFC1864"><b>10.1</b></a></li>
    18601859                  <li class="indline1"><em>RFC1945</em>&nbsp;&nbsp;<a class="iref" href="#RFC1945"><b>10.2</b></a>, <a class="iref" href="#rfc.xref.RFC1945.1">B</a></li>
     
    18771876                  <li class="indline1"><em>RFC2076</em>&nbsp;&nbsp;<a class="iref" href="#RFC2076"><b>10.2</b></a>, <a class="iref" href="#rfc.xref.RFC2076.1">B</a></li>
    18781877                  <li class="indline1"><em>RFC2119</em>&nbsp;&nbsp;<a class="iref" href="#rfc.xref.RFC2119.1">1.1</a>, <a class="iref" href="#RFC2119"><b>10.1</b></a></li>
    1879                   <li class="indline1"><em>RFC2183</em>&nbsp;&nbsp;<a class="iref" href="#rfc.xref.RFC2183.1">8.2</a>, <a class="iref" href="#RFC2183"><b>10.2</b></a></li>
     1878                  <li class="indline1"><em>RFC2183</em>&nbsp;&nbsp;<a class="iref" href="#rfc.xref.RFC2183.1">8.2</a>, <a class="iref" href="#rfc.xref.RFC2183.2">8.2</a>, <a class="iref" href="#RFC2183"><b>10.2</b></a>, <a class="iref" href="#rfc.xref.RFC2183.3">B.1</a><ul class="ind">
     1879                        <li class="indline1"><em>Section 5</em>&nbsp;&nbsp;<a class="iref" href="#rfc.xref.RFC2183.2">8.2</a></li>
     1880                     </ul>
     1881                  </li>
    18801882                  <li class="indline1"><em>RFC2277</em>&nbsp;&nbsp;<a class="iref" href="#rfc.xref.RFC2277.1">3.1</a>, <a class="iref" href="#RFC2277"><b>10.2</b></a></li>
    18811883                  <li class="indline1"><em>RFC2388</em>&nbsp;&nbsp;<a class="iref" href="#rfc.xref.RFC2388.1">3.3.2</a>, <a class="iref" href="#RFC2388"><b>10.2</b></a></li>
Note: See TracChangeset for help on using the changeset viewer.