idnits 2.17.1 draft-ietf-httpbis-early-hints-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (July 11, 2017) is 2480 days in the past. Is this intentional? Checking references for intended status: Experimental ---------------------------------------------------------------------------- == Unused Reference: 'RFC7230' is defined on line 218, but no explicit reference was found in the text ** Obsolete normative reference: RFC 7230 (Obsoleted by RFC 9110, RFC 9112) ** Obsolete normative reference: RFC 7231 (Obsoleted by RFC 9110) ** Obsolete normative reference: RFC 7540 (Obsoleted by RFC 9113) Summary: 3 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 HTTP Working Group K. Oku 3 Internet-Draft Fastly 4 Intended status: Experimental July 11, 2017 5 Expires: January 12, 2018 7 An HTTP Status Code for Indicating Hints 8 draft-ietf-httpbis-early-hints-04 10 Abstract 12 This memo introduces an informational HTTP status code that can be 13 used to convey hints that help a client make preparations for 14 processing the final response. 16 Note to Readers 18 Discussion of this draft takes place on the HTTP working group 19 mailing list (ietf-http-wg@w3.org), which is archived at 20 https://lists.w3.org/Archives/Public/ietf-http-wg/ . 22 Working Group information can be found at https://httpwg.github.io/ ; 23 source code and issues list for this draft can be found at 24 https://github.com/httpwg/http-extensions/labels/early-hints . 26 Status of This Memo 28 This Internet-Draft is submitted in full conformance with the 29 provisions of BCP 78 and BCP 79. 31 Internet-Drafts are working documents of the Internet Engineering 32 Task Force (IETF). Note that other groups may also distribute 33 working documents as Internet-Drafts. The list of current Internet- 34 Drafts is at http://datatracker.ietf.org/drafts/current/. 36 Internet-Drafts are draft documents valid for a maximum of six months 37 and may be updated, replaced, or obsoleted by other documents at any 38 time. It is inappropriate to use Internet-Drafts as reference 39 material or to cite them other than as "work in progress." 41 This Internet-Draft will expire on January 12, 2018. 43 Copyright Notice 45 Copyright (c) 2017 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the Simplified BSD License. 58 Table of Contents 60 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 61 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 3 62 2. 103 Early Hints . . . . . . . . . . . . . . . . . . . . . . . 3 63 3. Security Considerations . . . . . . . . . . . . . . . . . . . 4 64 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 65 5. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 66 5.1. Normative References . . . . . . . . . . . . . . . . . . 5 67 5.2. Informative References . . . . . . . . . . . . . . . . . 5 68 Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . 6 69 A.1. Since draft-ietf-httpbis-early-hints-03 . . . . . . . . . 6 70 A.2. Since draft-ietf-httpbis-early-hints-02 . . . . . . . . . 6 71 A.3. Since draft-ietf-httpbis-early-hints-01 . . . . . . . . . 6 72 A.4. Since draft-ietf-httpbis-early-hints-00 . . . . . . . . . 6 73 Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 6 74 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 6 76 1. Introduction 78 It is common for HTTP responses to contain links to external 79 resources that need to be fetched prior to their use; for example, 80 rendering HTML by a Web browser. Having such links available to the 81 client as early as possible helps to minimize perceived latency. 83 The "preload" ([Preload]) link relation can be used to convey such 84 links in the Link header field of an HTTP response. However, it is 85 not always possible for an origin server to generate the header block 86 of a final response immediately after receiving a request. For 87 example, the origin server might delegate a request to an upstream 88 HTTP server running at a distant location, or the status code might 89 depend on the result of a database query. 91 The dilemma here is that even though it is preferable for an origin 92 server to send some header fields as soon as it receives a request, 93 it cannot do so until the status code and the full header fields of 94 the final HTTP response are determined. 96 HTTP/2 ([RFC7540]) server push can be used as a solution to this 97 issue, but has its own limitations. The responses that can be pushed 98 using HTTP/2 are limited to those belonging to the same origin. 99 Also, it is impossible to send only the links using server push. 100 Finally, sending HTTP responses for every resource is an inefficient 101 way of using bandwidth, especially when a caching server exists as an 102 intermediary. 104 This memo defines a status code for sending an informational response 105 ([RFC7231], Section 6.2) that contains header fields that are likely 106 to be included in the final response. A server can send the 107 informational response containing some of the header fields to help 108 the client start making preparations for processing the final 109 response, and then run time-consuming operations to generate the 110 final response. The informational response can also be used by an 111 origin server to trigger HTTP/2 server push at a caching 112 intermediary. 114 1.1. Notational Conventions 116 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 117 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 118 document are to be interpreted as described in [RFC2119]. 120 2. 103 Early Hints 122 The 103 (Early Hints) informational status code indicates to the 123 client that the server is likely to send a final response with the 124 header fields included in the informational response. 126 Typically, a server will include the header fields sent in a 103 127 (Early Hints) response in the final response as well. However, there 128 might be cases when this is not desirable, such as when the server 129 learns that they are not correct before the final response is sent. 131 A client can speculatively evaluate the header fields included in a 132 103 (Early Hints) response while waiting for the final response. For 133 example, a client might recognize a Link header field value 134 containing the relation type "preload" and start fetching the target 135 resource. However, these header fields only provide hints to the 136 client; they do not replace the header fields on the final response. 138 Aside from performance optimizations, such evaluation of the 103 139 (Early Hints) response's header fields MUST NOT affect how the final 140 response is processed. A client MUST NOT interpret the 103 (Early 141 Hints) response header fields as if they applied to the informational 142 response itself (e.g., as metadata about the 103 (Early Hints) 143 response). 145 The following example illustrates a typical message exchange that 146 involves a 103 (Early Hints) response. 148 Client request: 150 GET / HTTP/1.1 151 Host: example.com 153 Server response: 155 HTTP/1.1 103 Early Hints 156 Link: ; rel=preload; as=style 157 Link: ; rel=preload; as=script 159 HTTP/1.1 200 OK 160 Date: Fri, 26 May 2017 10:02:11 GMT 161 Content-Length: 1234 162 Content-Type: text/html; charset=utf-8 163 Link: ; rel=preload; as=style 164 Link: ; rel=preload; as=script 166 167 [... rest of the response body is ommitted from the example ...] 169 As is the case with any informational response, a server might emit 170 more than one 103 (Early Hints) response prior to sending a final 171 response. This can happen for example when a caching intermediary 172 generates a 103 (Early Hints) response based on the header fields of 173 a stale-cached response, then forwards a 103 (Early Hints) response 174 and a final response that were sent from the origin server in 175 response to a revalidation request. 177 3. Security Considerations 179 Some clients might have issues handling 103 (Early Hints), since 180 informational responses are rarely used in reply to requests not 181 including an Expect header field ([RFC7231], Section 5.1.1). 183 In particular, an HTTP/1.1 client that mishandles an informational 184 response as a final response is likely to consider all responses to 185 the succeeding requests sent over the same connection to be part of 186 the final response. Such behavior might constitute a cross-origin 187 information disclosure vulnerability in case the client multiplexes 188 requests to different origins onto a single persistent connection. 190 Therefore, a server might refrain from sending Early Hints over 191 HTTP/1.1 unless the client is known to handle informational responses 192 correctly. 194 HTTP/2 clients are less likely to suffer from incorrect framing since 195 handling of the response header fields does not affect how the end of 196 the response body is determined. 198 4. IANA Considerations 200 The HTTP Status Codes Registry will be updated with the following 201 entry: 203 o Code: 103 205 o Description: Early Hints 207 o Specification: [this document] 209 5. References 211 5.1. Normative References 213 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 214 Requirement Levels", BCP 14, RFC 2119, 215 DOI 10.17487/RFC2119, March 1997, 216 . 218 [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 219 Protocol (HTTP/1.1): Message Syntax and Routing", 220 RFC 7230, DOI 10.17487/RFC7230, June 2014, 221 . 223 [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer 224 Protocol (HTTP/1.1): Semantics and Content", RFC 7231, 225 DOI 10.17487/RFC7231, June 2014, 226 . 228 [RFC7540] Belshe, M., Peon, R., and M. Thomson, Ed., "Hypertext 229 Transfer Protocol Version 2 (HTTP/2)", RFC 7540, 230 DOI 10.17487/RFC7540, May 2015, 231 . 233 5.2. Informative References 235 [Preload] Grigorik, I., "Preload", n.d., . 238 Appendix A. Changes 240 A.1. Since draft-ietf-httpbis-early-hints-03 242 o Removed statements that were either redundant or contradictory to 243 RFC7230-7234. 245 o Clarified what the server's expected behavior is. 247 o Explain that a server might want to send more than one 103 248 response. 250 o Editorial Changes. 252 A.2. Since draft-ietf-httpbis-early-hints-02 254 o Editorial changes. 256 o Added an example. 258 A.3. Since draft-ietf-httpbis-early-hints-01 260 o Editorial changes. 262 A.4. Since draft-ietf-httpbis-early-hints-00 264 o Forbid processing the headers of a 103 response as part of the 265 informational response. 267 Appendix B. Acknowledgements 269 Thanks to Tatsuhiro Tsujikawa for coming up with the idea of sending 270 the Link header fields using an informational response. 272 Author's Address 274 Kazuho Oku 275 Fastly 277 Email: kazuhooku@gmail.com