Ignore:
Timestamp:
Sep 3, 2010, 7:48:02 AM (9 years ago)
Author:
julian.reschke@…
Message:

Remove Content-Disposition (now draft-ietf-httpbis-content-disp) (see #123)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest/p3-payload.xml

    r981 r987  
    304304
    305305<section title="Core Rules" anchor="core.rules">
    306   <x:anchor-alias value="quoted-string"/>
    307306  <x:anchor-alias value="token"/>
    308307  <x:anchor-alias value="word"/>
     
    312311</t>
    313312<figure><artwork type="abnf2616">
    314   <x:ref>quoted-string</x:ref>  = &lt;quoted-string, defined in &basic-rules;&gt;
    315313  <x:ref>token</x:ref>          = &lt;token, defined in &basic-rules;&gt;
    316314  <x:ref>word</x:ref>           = &lt;word, defined in &basic-rules;&gt;
     
    16381636   <c>
    16391637      <xref target="header.accept-language"/>
    1640    </c>
    1641    <c>Content-Disposition</c>
    1642    <c>http</c>
    1643    <c>standard</c>
    1644    <c>
    1645       <xref target="content-disposition"/>
    16461638   </c>
    16471639   <c>Content-Encoding</c>
     
    17771769</section>
    17781770
    1779 <section title="Content-Disposition Issues" anchor="content-disposition.issues">
    1780 <t>
    1781    <xref target="RFC2183"/>, from which the often implemented Content-Disposition
    1782    (see <xref target="content-disposition"/>) header in HTTP is derived, has a number of very
    1783    serious security considerations. Content-Disposition is not part of
    1784    the HTTP standard, but since it is widely implemented, we are
    1785    documenting its use and risks for implementors. See <xref target="RFC2183" x:fmt="of" x:sec="5"/>
    1786    for details.
    1787 </t>
    1788 </section>
    1789 
    17901771</section>
    17911772
     
    23042285</reference>
    23052286
    2306 <reference anchor="RFC2183">
    2307   <front>
    2308     <title abbrev="Content-Disposition">Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field</title>
    2309     <author initials="R." surname="Troost" fullname="Rens Troost">
    2310       <organization>New Century Systems</organization>
    2311       <address><email>rens@century.com</email></address>
    2312     </author>
    2313     <author initials="S." surname="Dorner" fullname="Steve Dorner">
    2314       <organization>QUALCOMM Incorporated</organization>
    2315       <address><email>sdorner@qualcomm.com</email></address>
    2316     </author>
    2317     <author initials="K." surname="Moore" fullname="Keith Moore">
    2318       <organization>Department of Computer Science</organization>
    2319       <address><email>moore@cs.utk.edu</email></address>
    2320     </author>
    2321     <date month="August" year="1997"/>
    2322   </front>
    2323   <seriesInfo name="RFC" value="2183"/>
    2324 </reference>
    2325 
    23262287<reference anchor="RFC2277">
    23272288  <front>
     
    26892650   from SMTP and MIME are also often implemented (see <xref target="RFC2076"/>).
    26902651</t>
    2691 
    2692 <section title="Content-Disposition" anchor="content-disposition">
    2693 <iref item="Headers" subitem="Content-Disposition" primary="true" x:for-anchor=""/>
    2694 <iref item="Content-Disposition header" primary="true" x:for-anchor=""/>
    2695   <x:anchor-alias value="content-disposition"/>
    2696   <x:anchor-alias value="content-disposition-v"/>
    2697   <x:anchor-alias value="disposition-type"/>
    2698   <x:anchor-alias value="disposition-parm"/>
    2699   <x:anchor-alias value="disp-extension-parm"/>
    2700   <x:anchor-alias value="disp-extension-token"/>
    2701   <x:anchor-alias value="filename-parm"/>
    2702 <t>
    2703    The "Content-Disposition" response-header field has been proposed as a
    2704    means for the origin server to suggest a default filename if the user
    2705    requests that the content is saved to a file. This usage is derived
    2706    from the definition of Content-Disposition in <xref target="RFC2183"/>.
    2707 </t>
    2708 <figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="content-disposition"/><iref primary="true" item="Grammar" subitem="content-disposition-v"/><iref primary="true" item="Grammar" subitem="disposition-type"/><iref primary="true" item="Grammar" subitem="disposition-parm"/><iref primary="true" item="Grammar" subitem="filename-parm"/><iref primary="true" item="Grammar" subitem="disp-extension-token"/><iref primary="true" item="Grammar" subitem="disp-extension-parm"/>
    2709   <x:ref>content-disposition</x:ref> = "Content-Disposition" ":" <x:ref>OWS</x:ref>
    2710                         <x:ref>content-disposition-v</x:ref>
    2711   <x:ref>content-disposition-v</x:ref> = <x:ref>disposition-type</x:ref>
    2712                           *( <x:ref>OWS</x:ref> ";" <x:ref>OWS</x:ref> <x:ref>disposition-parm</x:ref> )
    2713   <x:ref>disposition-type</x:ref> = "attachment" / <x:ref>disp-extension-token</x:ref>
    2714   <x:ref>disposition-parm</x:ref> = <x:ref>filename-parm</x:ref> / <x:ref>disp-extension-parm</x:ref>
    2715   <x:ref>filename-parm</x:ref> = "filename" "=" <x:ref>quoted-string</x:ref>
    2716   <x:ref>disp-extension-token</x:ref> = <x:ref>token</x:ref>
    2717   <x:ref>disp-extension-parm</x:ref> = <x:ref>token</x:ref> "=" <x:ref>word</x:ref>
    2718 </artwork></figure>
    2719 <t>
    2720    An example is
    2721 </t>
    2722 <figure><artwork type="example">
    2723   Content-Disposition: attachment; filename="fname.ext"
    2724 </artwork></figure>
    2725 <t>
    2726    The receiving user agent &SHOULD-NOT;  respect any directory path
    2727    information present in the filename-parm parameter, which is the only
    2728    parameter believed to apply to HTTP implementations at this time. The
    2729    filename &SHOULD; be treated as a terminal component only.
    2730 </t>
    2731 <t>
    2732    If this header is used in a response with the application/octet-stream
    2733    content-type, the implied suggestion is that the user agent
    2734    should not display the response, but directly enter a "save response
    2735    as..." dialog.
    2736 </t>
    2737 <t>
    2738    See <xref target="content-disposition.issues"/> for Content-Disposition security issues.
    2739 </t>
    2740 </section>
    27412652</section>
    27422653
     
    28102721<x:ref>codings</x:ref> = ( content-coding / "*" )
    28112722<x:ref>content-coding</x:ref> = token
    2812 <x:ref>content-disposition</x:ref> = "Content-Disposition:" OWS
    2813  content-disposition-v
    2814 <x:ref>content-disposition-v</x:ref> = disposition-type *( OWS ";" OWS
    2815  disposition-parm )
    2816 
    2817 <x:ref>disp-extension-parm</x:ref> = token "=" word
    2818 <x:ref>disp-extension-token</x:ref> = token
    2819 <x:ref>disposition-parm</x:ref> = filename-parm / disp-extension-parm
    2820 <x:ref>disposition-type</x:ref> = "attachment" / disp-extension-token
    2821 
    2822 <x:ref>filename-parm</x:ref> = "filename=" quoted-string
    28232723
    28242724<x:ref>language-range</x:ref> = &lt;language-range, defined in [RFC4647], Section 2.1&gt;
     
    28322732<x:ref>partial-URI</x:ref> = &lt;partial-URI, defined in [Part1], Section 2.6&gt;
    28332733
    2834 <x:ref>quoted-string</x:ref> = &lt;quoted-string, defined in [Part1], Section 1.2.2&gt;
    28352734<x:ref>qvalue</x:ref> = &lt;qvalue, defined in [Part1], Section 6.4&gt;
    28362735
     
    28602759; Last-Modified defined but not used
    28612760; MIME-Version defined but not used
    2862 ; content-disposition defined but not used
    28632761</artwork></figure></section>
    28642762<?ENDINC p3-payload.abnf-appendix ?>
     
    32163114<section title="Since draft-ietf-httpbis-p3-payload-11" anchor="changes.since.11">
    32173115<t>
    3218   None yet.
     3116  Closed issues:
     3117  <list style="symbols">
     3118    <t>
     3119      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/123"/>:
     3120      "Factor out Content-Disposition"
     3121    </t>
     3122  </list>
    32193123</t>
    32203124</section>
Note: See TracChangeset for help on using the changeset viewer.