Opened 7 years ago

Closed 7 years ago

Last modified 6 years ago

#418 closed design (fixed)

No-Transform

Reported by: mnot@… Owned by: draft-ietf-httpbis-p1-messaging@…
Priority: normal Milestone: 22
Component: p1-messaging Severity: In WG Last Call
Keywords: Cc:

Description

p1 says:

A proxy must not modify or add any of the following fields in a message that contains the no-transform cache-control directive:

  • Content-Encoding (Section 3.1.2.2 of [Part2])
  • Content-Range (Section 5.2 of [Part5])
  • Content-Type (Section 3.1.1.5 of [Part2])

A transforming proxy may modify or add these fields to a message that does not include no-transform, but if it does so, it must add a Warning 214 (Transformation applied) if one does not already appear in the message (see Section 7.5 of [Part6]).

p6 says:

7.2.2.9 no-transform

The "no-transform" response directive indicates that an intermediary (regardless of whether it implements a cache) must not change the Content-Encoding, Content-Range orContent-Type response header fields, nor the response representation.

2616 was a bit more wordy:

14.9.5 No-Transform Directive

no-transform

Implementors of intermediate caches (proxies) have found it useful to convert the media type of certain entity bodies. A non- transparent proxy might, for example, convert between image formats in order to save cache space or to reduce the amount of traffic on a slow link.

Serious operational problems occur, however, when these transformations are applied to entity bodies intended for certain kinds of applications. For example, applications for medical imaging, scientific data analysis and those using end-to-end authentication, all depend on receiving an entity body that is bit for bit identical to the original entity-body.

Therefore, if a message includes the no-transform directive, an intermediate cache or proxy MUST NOT change those headers that are listed in section 13.5.2 as being subject to the no-transform directive. This implies that the cache or proxy MUST NOT change any aspect of the entity-body that is specified by these headers, including the value of the entity-body itself.

(the text currently in p1 closely corresponds to that in 2616's 13.5.2).

The issue here is that the intent in 2616 is clear -- the body shouldn't be modified if no-transform is present -- but since we split it up, a reader of p1 doesn't have any indication of this unless they chase up in p6 (note there isn't any reference, beyond the unrelated one to the Warning header).

I'd suggest we need p1 to explicitly say the body can't be changed, as p6 does.

While we're at it, changing "A proxy must not modify or add any of the following fields..." to "A proxy (transparent or non-transparent) must not modify or add any of the following fields " would make what's going on a lot clearer.

Change History (5)

comment:1 Changed 7 years ago by fielding@…

From [2041]:

remove irrelevant details from transforming proxy requirements now obsolete due to introduction of payload terminology; addresses #418

comment:2 Changed 7 years ago by fielding@…

  • Milestone changed from unassigned to 22
  • Resolution set to incorporated
  • Status changed from new to closed

comment:3 Changed 7 years ago by mnot@…

  • Resolution incorporated deleted
  • Status changed from closed to reopened

comment:4 Changed 7 years ago by mnot@…

  • Resolution set to fixed
  • Status changed from reopened to closed

comment:5 Changed 6 years ago by fielding@…

From [2613]:

Correct a mistake in [2041] regarding the general requirement on a proxy not transforming header fields (was a SHOULD in RFC2616, not a MUST); see #552 and #418

Note: See TracTickets for help on using tickets.