idnits 2.17.1
draft-ietf-webdav-redirectref-protocol-06.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
** Looks like you're using RFC 2026 boilerplate. This must be updated to
follow RFC 3978/3979, as updated by RFC 4748.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
== No 'Intended status' indicated for this document; assuming Proposed
Standard
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
** The abstract seems to contain references ([2], [1]), which it shouldn't.
Please replace those with straight textual mentions of the documents in
question.
== There are 6 instances of lines with non-RFC2606-compliant FQDNs in the
document.
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
match the current year
-- The document seems to lack a disclaimer for pre-RFC5378 work, but may
have content which was first submitted before 10 November 2008. If you
have contacted all the original authors and they are all willing to grant
the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
this comment. If not, you may need to add the pre-RFC5378 disclaimer.
(See the Legal Provisions document at
https://trustee.ietf.org/license-info for more information.)
-- The document date (October 20, 2003) is 7491 days in the past. Is this
intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
== Missing Reference: 'WebDAV' is mentioned on line 1801, but not defined
** Obsolete normative reference: RFC 2396 (Obsoleted by RFC 3986)
** Obsolete normative reference: RFC 2518 (Obsoleted by RFC 4918)
** Obsolete normative reference: RFC 2616 (Obsoleted by RFC 7230, RFC 7231,
RFC 7232, RFC 7233, RFC 7234, RFC 7235)
-- Possible downref: Non-RFC (?) normative reference: ref. 'XML'
-- Possible downref: Non-RFC (?) normative reference: ref. '1'
-- Possible downref: Non-RFC (?) normative reference: ref. '2'
-- Possible downref: Non-RFC (?) normative reference: ref. '3'
-- Possible downref: Non-RFC (?) normative reference: ref. '4'
-- Possible downref: Non-RFC (?) normative reference: ref. '5'
-- Possible downref: Non-RFC (?) normative reference: ref. '6'
-- Possible downref: Non-RFC (?) normative reference: ref. '7'
-- Possible downref: Non-RFC (?) normative reference: ref. '8'
-- Possible downref: Non-RFC (?) normative reference: ref. '9'
-- Possible downref: Non-RFC (?) normative reference: ref. '10'
-- Possible downref: Non-RFC (?) normative reference: ref. '11'
-- Possible downref: Non-RFC (?) normative reference: ref. '12'
-- Possible downref: Non-RFC (?) normative reference: ref. '13'
-- Possible downref: Non-RFC (?) normative reference: ref. '14'
-- Possible downref: Non-RFC (?) normative reference: ref. '15'
-- Possible downref: Non-RFC (?) normative reference: ref. '16'
-- Possible downref: Non-RFC (?) normative reference: ref. '17'
-- Possible downref: Non-RFC (?) normative reference: ref. '18'
-- Possible downref: Non-RFC (?) normative reference: ref. '19'
-- Possible downref: Non-RFC (?) normative reference: ref. '20'
-- Possible downref: Non-RFC (?) normative reference: ref. '21'
-- Possible downref: Non-RFC (?) normative reference: ref. '22'
-- Possible downref: Non-RFC (?) normative reference: ref. '23'
-- Possible downref: Non-RFC (?) normative reference: ref. '24'
-- Possible downref: Non-RFC (?) normative reference: ref. '25'
-- Possible downref: Non-RFC (?) normative reference: ref. '26'
-- Possible downref: Non-RFC (?) normative reference: ref. '27'
-- Possible downref: Non-RFC (?) normative reference: ref. '28'
-- Possible downref: Non-RFC (?) normative reference: ref. '29'
-- Possible downref: Non-RFC (?) normative reference: ref. '30'
Summary: 5 errors (**), 0 flaws (~~), 4 warnings (==), 33 comments (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 WEBDAV Working Group J. Whitehead
3 Internet-Draft U.C. Santa Cruz
4 Expires: April 19, 2004 G. Clemm
5 IBM
6 J. Reschke, Ed.
7 greenbytes
8 October 20, 2003
10 WebDAV Redirect Reference Resources
11 draft-ietf-webdav-redirectref-protocol-06
13 Status of this Memo
15 This document is an Internet-Draft and is in full conformance with
16 all provisions of Section 10 of RFC2026.
18 Internet-Drafts are working documents of the Internet Engineering
19 Task Force (IETF), its areas, and its working groups. Note that other
20 groups may also distribute working documents as Internet-Drafts.
22 Internet-Drafts are draft documents valid for a maximum of six months
23 and may be updated, replaced, or obsoleted by other documents at any
24 time. It is inappropriate to use Internet-Drafts as reference
25 material or to cite them other than as "work in progress."
27 The list of current Internet-Drafts can be accessed at http://
28 www.ietf.org/ietf/1id-abstracts.txt.
30 The list of Internet-Draft Shadow Directories can be accessed at
31 http://www.ietf.org/shadow.html.
33 This Internet-Draft will expire on April 19, 2004.
35 Copyright Notice
37 Copyright (C) The Internet Society (2003). All Rights Reserved.
39 Abstract
41 This specification defines redirect reference resources. A redirect
42 reference resource is a resource whose default response is an HTTP/
43 1.1 302 (Found) status code, redirecting the client to a different
44 resource, the target resource. A redirect reference makes it
45 possible to access the target resource indirectly, through any URI
46 mapped to the redirect reference resource. There are no integrity
47 guarantees associated with redirect reference resources.
49 Distribution of this document is unlimited. Please send comments to
50 the Distributed Authoring and Versioning (WebDAV) working group at
51 w3c-dist-auth@w3.org [1], which may be joined by sending a message
52 with subject "subscribe" to w3c-dist-auth-request@w3.org [2].
54 Discussions of the WEBDAV working group are archived at URL: http://
55 lists.w3.org/Archives/Public/w3c-dist-auth/.
57 Table of Contents
59 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 5
60 2. Notational Conventions . . . . . . . . . . . . . . . . . . . 7
61 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 8
62 4. Overview of Redirect Reference Resources . . . . . . . . . . 9
63 5. Creating a Redirect Reference Resource . . . . . . . . . . . 10
64 5.1 MKRESOURCE . . . . . . . . . . . . . . . . . . . . . . . . . 10
65 5.2 Example: Creating a Redirect Reference Resource with
66 MKRESOURCE . . . . . . . . . . . . . . . . . . . . . . . . . 11
67 6. Operations on Redirect Reference Resources . . . . . . . . . 13
68 7. Operations on Collections That Contain Redirect Reference
69 Resources . . . . . . . . . . . . . . . . . . . . . . . . . 14
70 7.1 MOVE and DELETE on Collections That Contain Redirect
71 References . . . . . . . . . . . . . . . . . . . . . . . . . 14
72 7.2 LOCK on a Collection That Contains Redirect References . . . 14
73 7.3 Example: PROPFIND on a Collection with Redirect Reference
74 Resources . . . . . . . . . . . . . . . . . . . . . . . . . 15
75 7.4 Example: PROPFIND with Apply-To-Redirect-Ref on a
76 Collection with Redirect Reference Resources . . . . . . . . 16
77 7.5 Example: COPY on a Collection That Contains a Redirect
78 Reference Resource . . . . . . . . . . . . . . . . . . . . . 18
79 7.6 Example: LOCK on a Collection That Contains a Redirect
80 Reference Resource . . . . . . . . . . . . . . . . . . . . . 19
81 8. Operations on Targets of Redirect Reference Resources . . . 22
82 9. Relative URIs in DAV:reftarget . . . . . . . . . . . . . . . 23
83 9.1 Example: Resolving a Relative URI in a Multi-Status
84 Response . . . . . . . . . . . . . . . . . . . . . . . . . . 23
85 10. Redirect References to Collections . . . . . . . . . . . . . 25
86 11. Headers . . . . . . . . . . . . . . . . . . . . . . . . . . 27
87 11.1 Redirect-Ref Response Header . . . . . . . . . . . . . . . . 27
88 11.2 Apply-To-Redirect-Ref Request Header . . . . . . . . . . . . 27
89 12. Properties . . . . . . . . . . . . . . . . . . . . . . . . . 28
90 12.1 reftarget Property . . . . . . . . . . . . . . . . . . . . . 28
91 12.2 location Pseudo-Property . . . . . . . . . . . . . . . . . . 28
92 13. XML Elements . . . . . . . . . . . . . . . . . . . . . . . . 29
93 13.1 redirectref XML Element . . . . . . . . . . . . . . . . . . 29
94 14. Extensions to the DAV:response XML Element for
95 Multi-Status Responses . . . . . . . . . . . . . . . . . . . 30
96 15. Capability Discovery . . . . . . . . . . . . . . . . . . . . 31
97 15.1 Example: Discovery of Support for Redirect Reference
98 Resources . . . . . . . . . . . . . . . . . . . . . . . . . 31
99 16. Security Considerations . . . . . . . . . . . . . . . . . . 32
100 16.1 Privacy Concerns . . . . . . . . . . . . . . . . . . . . . . 32
101 16.2 Redirect Loops . . . . . . . . . . . . . . . . . . . . . . . 32
102 16.3 Redirect Reference Resources and Denial of Service . . . . . 32
103 16.4 Revealing Private Locations . . . . . . . . . . . . . . . . 32
104 17. Internationalization Considerations . . . . . . . . . . . . 34
105 18. IANA Considerations . . . . . . . . . . . . . . . . . . . . 35
106 19. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 36
107 20. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 37
108 Normative References . . . . . . . . . . . . . . . . . . . . 38
109 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 38
110 A. Changes to the WebDAV Document Type Definition . . . . . . . 40
111 B. Change Log (to be removed by RFC Editor before
112 publication) . . . . . . . . . . . . . . . . . . . . . . . . 41
113 B.1 Since draft-ietf-webdav-redirectref-protocol-02 . . . . . . 41
114 B.2 Since draft-ietf-webdav-redirectref-protocol-03 . . . . . . 41
115 B.3 Since draft-ietf-webdav-redirectref-protocol-04 . . . . . . 41
116 B.4 Since draft-ietf-webdav-redirectref-protocol-05 . . . . . . 41
117 C. Resolved issues (to be removed by RFC Editor before
118 publication) . . . . . . . . . . . . . . . . . . . . . . . . 42
119 C.1 lc-60-ex . . . . . . . . . . . . . . . . . . . . . . . . . . 42
120 C.2 lc-06-reftarget-relative . . . . . . . . . . . . . . . . . . 42
121 C.3 lc-71-relative . . . . . . . . . . . . . . . . . . . . . . . 42
122 C.4 9-MKRESOURCE-vs-relative-URI . . . . . . . . . . . . . . . . 43
123 C.5 lc-72-trailingslash . . . . . . . . . . . . . . . . . . . . 43
124 C.6 lc-50-blindredirect . . . . . . . . . . . . . . . . . . . . 43
125 C.7 lc-74-terminology . . . . . . . . . . . . . . . . . . . . . 44
126 C.8 11.2-apply-to-redirect-ref-syntax . . . . . . . . . . . . . 44
127 C.9 15.1-options-response . . . . . . . . . . . . . . . . . . . 44
128 C.10 lc-79-accesscontrol . . . . . . . . . . . . . . . . . . . . 44
129 D. Open issues (to be removed by RFC Editor before
130 publication) . . . . . . . . . . . . . . . . . . . . . . . . 46
131 D.1 lc-85-301 . . . . . . . . . . . . . . . . . . . . . . . . . 46
132 D.2 lc-38-not-hierarchical . . . . . . . . . . . . . . . . . . . 46
133 D.3 lc-36-server . . . . . . . . . . . . . . . . . . . . . . . . 46
134 D.4 lc-33-forwarding . . . . . . . . . . . . . . . . . . . . . . 47
135 D.5 lc-37-integrity . . . . . . . . . . . . . . . . . . . . . . 47
136 D.6 3-terminology-redirectref . . . . . . . . . . . . . . . . . 47
137 D.7 lc-19-direct-ref . . . . . . . . . . . . . . . . . . . . . . 47
138 D.8 lc-41-no-webdav . . . . . . . . . . . . . . . . . . . . . . 48
139 D.9 lc-58-update . . . . . . . . . . . . . . . . . . . . . . . . 48
140 D.10 lc-24-properties . . . . . . . . . . . . . . . . . . . . . . 48
141 D.11 rfc2606-compliance . . . . . . . . . . . . . . . . . . . . . 49
142 D.12 lc-48-s6 . . . . . . . . . . . . . . . . . . . . . . . . . . 49
143 D.13 lc-28-lang . . . . . . . . . . . . . . . . . . . . . . . . . 49
144 D.14 lc-29-lang . . . . . . . . . . . . . . . . . . . . . . . . . 49
145 D.15 lc-44-pseudo . . . . . . . . . . . . . . . . . . . . . . . . 50
146 D.16 lc-61-pseudo . . . . . . . . . . . . . . . . . . . . . . . . 50
147 D.17 lc-62-oldclient . . . . . . . . . . . . . . . . . . . . . . 50
148 D.18 lc-63-move . . . . . . . . . . . . . . . . . . . . . . . . . 51
149 D.19 lc-57-noautoupdate . . . . . . . . . . . . . . . . . . . . . 51
150 D.20 lc-53-s10 . . . . . . . . . . . . . . . . . . . . . . . . . 51
151 D.21 12.1-property-name . . . . . . . . . . . . . . . . . . . . . 52
152 D.22 lc-76-location . . . . . . . . . . . . . . . . . . . . . . . 52
153 D.23 lc-80-i18n . . . . . . . . . . . . . . . . . . . . . . . . . 52
154 D.24 lc-55-iana . . . . . . . . . . . . . . . . . . . . . . . . . 52
155 Intellectual Property and Copyright Statements . . . . . . . 53
157 1. Introduction
159 This is one of a pair of specifications that extend the WebDAV
160 Distributed Authoring Protocol to enable clients to create new access
161 paths to existing resources. This capability is useful for several
162 reasons:
164 URIs of WebDAV-compliant resources are hierarchical and correspond to
165 a hierarchy of collections in resource space. The WebDAV Distributed
166 Authoring Protocol makes it possible to organize these resources into
167 hierarchies, placing them into groupings, known as collections, which
168 are more easily browsed and manipulated than a single flat
169 collection. However, hierarchies require categorization decisions
170 that locate resources at a single location in the hierarchy, a
171 drawback when a resource has multiple valid categories. For example,
172 in a hierarchy of vehicle descriptions containing collections for
173 cars and boats, a description of a combination car/boat vehicle could
174 belong in either collection. Ideally, the description should be
175 accessible from both. Allowing clients to create new URIs that access
176 the existing resource lets them put that resource into multiple
177 collections.
179 Hierarchies also make resource sharing more difficult, since
180 resources that have utility across many collections are still forced
181 into a single collection. For example, the mathematics department at
182 one university might create a collection of information on fractals
183 that contains bindings to some local resources, but also provides
184 access to some resources at other universities. For many reasons, it
185 may be undesirable to make physical copies of the shared resources on
186 the local server: to conserve disk space, to respect copyright
187 constraints, or to make any changes in the shared resources visible
188 automatically. Being able to create new access paths to existing
189 resources in other collections or even on other servers is useful for
190 this sort of case.
192 The redirect reference resources defined here provide a mechanism for
193 creating alternative access paths to existing resources. A redirect
194 reference resource is a resource in one collection whose purpose is
195 to forward requests to another resource (its target), possibly in a
196 different collection. In this way, it allows clients to submit
197 requests to the target resource from another collection. It
198 redirects most requests to the target resource using the HTTP 302
199 (Found) status code, thereby providing a form of mediated access to
200 the target resource.
202 A redirect reference is a resource with properties but no body of its
203 own. Properties of a redirect reference resource can contain such
204 information as who created the reference, when, and why. Since
205 redirect reference resources are implemented using HTTP 302
206 responses, it generally takes two round trips to submit a request to
207 the intended resource. Servers are not required to enforce the
208 integrity of redirect references. Redirect references work equally
209 well for local resources and for resources that reside on a different
210 server from the reference.
212 The remainder of this document is structured as follows: Section 3
213 defines terms that will be used throughout the specification.
214 Section 4 provides an overview of redirect reference resources.
215 Section 5 discusses how to create a redirect reference resource.
216 Section 6 defines the semantics of existing methods when applied to
217 redirect reference resources, and Section 7 discusses their semantics
218 when applied to collections that contain redirect reference
219 resources. Sections 8 through 10 discuss several other issues raised
220 by the existence of redirect reference resources. Sections 11
221 through 14 define the new headers, properties, and XML elements
222 required to support redirect reference resources. Section 15
223 discusses capability discovery. Sections 16 through 18 present the
224 security, internationalization, and IANA concerns raised by this
225 specification. The remaining sections provide a variety of supporting
226 information.
228 2. Notational Conventions
230 Since this document describes a set of extensions to the WebDAV
231 Distributed Authoring Protocol [RFC2518], itself an extension to the
232 HTTP/1.1 protocol, the augmented BNF used here to describe protocol
233 elements is exactly the same as described in Section 2.1 of
234 [RFC2616]. Since this augmented BNF uses the basic production rules
235 provided in Section 2.2 of [RFC2616], these rules apply to this
236 document as well.
238 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
239 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
240 document are to be interpreted as described in [RFC2119].
242 3. Terminology
244 The terminology used here follows and extends that in the WebDAV
245 Distributed Authoring Protocol specification [RFC2518]. Definitions
246 of the terms resource, Uniform Resource Identifier (URI), and Uniform
247 Resource Locator (URL) are provided in [RFC2396].
249 Redirect Reference Resource
251 A resource created to redirect all requests made to it, using 302
252 (Found), to a defined target resource.
254 Non-Reference Resource
256 A resource that is not a reference to another resource.
258 Target Resource
260 The resource to which requests are forwarded by a reference
261 resource. A target resource can be anything that can be identified
262 by an absolute URI (see [RFC2396], "absoluteURI").
264 4. Overview of Redirect Reference Resources
266 For all operations submitted to a redirect reference resource, the
267 default response is a 302 (Found), accompanied by the Redirect-Ref
268 header (defined in Section 11.1 below) and the Location header set to
269 the URI of the target resource. With this information, the client
270 can resubmit the request to the URI of the target resource.
272 A redirect reference resource never automatically forwards requests
273 to its target resource. Redirect resources bring the same benefits as
274 links in HTML documents. They can be created and maintained without
275 the involvement or even knowledge of their target resource. This
276 reduces the cost of linking between resources."
278 If the client is aware that it is operating on a redirect reference
279 resource, it can resolve the reference by retrieving the reference
280 resource's DAV:reftarget property (defined in Section 12.1 below),
281 whose value contains the URI of the target resource. It can then
282 submit requests to the target resource.
284 A redirect reference resource is a new type of resource. To
285 distinguish redirect reference resources from non-reference
286 resources, a new value of the DAV:resourcetype property (defined in
287 [RFC2518]), DAV:redirectref, is defined in Section 13.1 below.
289 Since a redirect reference resource is a resource, methods can be
290 applied to the reference resource as well as to its target resource.
291 The Apply-To-Redirect-Ref request header (defined in Section 11.2
292 below) is provided so that referencing-aware clients can control
293 whether an operation is applied to the redirect reference resource or
294 to its target resource. The Apply-To-Redirect-Ref header can be used
295 with most requests to redirect reference resources. This header is
296 particularly useful with PROPFIND, to retrieve the reference
297 resource's own properties.
299 5. Creating a Redirect Reference Resource
301 The new MKRESOURCE method is used to create new redirect reference
302 resources. In order to create a redirect reference resource using
303 MKRESOURCE, the values of two properties must be set in the body of
304 the MKRESOURCE request. The value of DAV:resourcetype MUST be set to
305 DAV:redirectref, a new value of DAV:resourcetype defined in Section
306 13.1. The value of DAV:reftarget MUST be set to the URI of the target
307 resource.
309 Used in this way, the MKRESOURCE method creates a redirect reference
310 resource whose target is identified by the DAV:reftarget property.
312 5.1 MKRESOURCE
314 The MKRESOURCE method requests the creation of a redirect reference
315 resource and initialization of its properties in one atomic
316 operation.
318 Preconditions:
320 A resource MUST NOT exist at the Request-URI.
322 Request Marshalling:
324 The location of the new resource to be created is specified by the
325 Request-URI.
327 The request body of the MKRESOURCE method MUST consist of the
328 DAV:propertyupdate XML element defined in Section 12.13 of
329 [RFC2518], specifying a DAV:resourcetype of "DAV:redirectref".
331 Postconditions:
333 If the response status code is 201, a new resource exists at the
334 Request-URI.
336 The properties of the new resource are as specified by the
337 DAV:propertyupdate request body, using PROPPATCH semantics.
339 If the response status code is not 201, then a new resource is not
340 created at the Request-URI, and any existing resource at the
341 Request-URI is unaffected.
343 Response Marshalling:
345 Responses from a MKRESOURCE request MUST NOT be cached, as
346 MKRESOURCE has non-idempotent semantics.
348 The following status codes can be expected in responses to
349 MKRESOURCE:
351 201 (Created): The new resource was successfully created.
353 403 (Forbidden): The server does not allow the creation of the
354 requested resource type at the requested location, or the parent
355 collection of the Request-URI exists but cannot accept members.
357 409 (Conflict): A resource cannot be created at the Request-URI
358 because the parent collection for the resource does not exist, or
359 because there is already a resource at that request-URL.
361 423 (Locked): The Request-URI is locked, and the lock token was
362 not passed with the request.
364 507 (Insufficient Storage): The server does not have sufficient
365 space to record the state of the resource.
367 5.2 Example: Creating a Redirect Reference Resource with MKRESOURCE
369 >> Request:
371 MKRESOURCE /~whitehead/dav/spec08.ref HTTP/1.1
372 Host: www.ics.uci.edu
373 Content-Type: text/xml; charset="utf-8"
374 Content-Length: xxx
376
377
378
379
380
381
382 /i-d/draft-webdav-protocol-08.txt
383
384
385
386
388 >> Response:
390 HTTP/1.1 201 Created
392 This request resulted in the creation of a new redirect reference
393 resource at www.ics.uci.edu/~whitehead/dav/spec08.ref, which points
394 to the resource identified by the DAV:reftarget property. In this
395 example, the target resource is identified by the URI http://
396 www.ics.uci.edu/i-d/draft-webdav-protocol-08.txt. The redirect
397 reference resource's DAV:resourcetype property is set to
398 DAV:redirectref.
400 6. Operations on Redirect Reference Resources
402 Although non-referencing-aware clients cannot create reference
403 resources, they should be able to submit requests through the
404 reference resources created by reference-aware WebDAV clients. They
405 should be able to follow any references to their targets. To make
406 this possible, a server that receives any request made via a redirect
407 reference resource MUST return a 302 (Found) status code, unless the
408 request includes an Apply-To-Redirect-Ref header specifying "T". The
409 client and server MUST follow [RFC2616] Section 10.3.3 "302 Found",
410 but with these additional rules:
412 o The Location response header MUST contain an absolute URI that
413 identifies the target of the reference resource.
415 o The response MUST include the Redirect-Ref header. This header
416 allows reference-aware WebDAV clients to recognize the resource as
417 a reference resource and understand the reason for the
418 redirection.
420 A reference-aware WebDAV client can act on this response in one of
421 two ways. It can, like a non-referencing client, resubmit the
422 request to the URI in the Location header in order to operate on the
423 target resource. Alternatively, it can resubmit the request to the
424 URI of the redirect reference resource with the
425 "Apply-To-Redirect-Ref: T" header in order to operate on the
426 reference resource itself. In this case, the request MUST be applied
427 to the reference resource itself, and a 302 response MUST NOT be
428 returned.
430 A reference-aware client may know before submitting its request that
431 the Request-URI identifies a redirect reference resource. In this
432 case, if the client wants to apply the method to the reference
433 resource, it can save the round trip caused by the 302 response by
434 using an Apply-To-Redirect-Ref header in its initial request to the
435 URI.
437 As redirect references do not have bodies, GET and PUT requests with
438 "Apply-To-Redirect-Ref: T" MUST fail with status 403 (forbidden).
440 7. Operations on Collections That Contain Redirect Reference Resources
442 Consistent with the rules in Section 6, the response for each
443 redirect reference encountered while processing a collection MUST be
444 a 302 (Found) unless a "Apply-To-Redirect-Ref: T" header is included
445 with the request. The overall response will therefore be a 207
446 (Multi-Status). Since a Location header and Redirect-Ref header
447 cannot be returned for each redirect reference encountered, the same
448 information is provided using properties in the response elements for
449 those resources. The DAV:location pseudo-property and the
450 DAV:resourcetype property MUST be included with the 302 status code.
451 This necessitates an extension to the syntax of the DAV:response
452 element that was defined in [RFC2518]. The extension is defined in
453 Section 14 below.
455 It is recommended that future editors of [RFC2518] define the
456 DAV:location pseudo-property in [RFC2518], so that non-referencing
457 clients will also be able to use the response to operate on the
458 target resource. (This will also enable clients to operate on
459 traditional HTTP/1.1 302 responses in Multi-Status responses.) Until
460 then, non-referencing clients will not be able to process 302
461 responses from redirect reference resources encountered while
462 processing a collection.
464 The Apply-To-Redirect-Ref header (defined in Section 11.2) MAY be
465 used with any request on a collection. If present, it will be
466 applied to all redirect reference resources encountered while
467 processing the collection.
469 7.1 MOVE and DELETE on Collections That Contain Redirect References
471 DELETE removes the binding that corresponds to the Request-URI. MOVE
472 removes that binding and creates a new binding to the same resource.
473 In cases where DELETE and MOVE are applied to a collection, these
474 operations affect all the descendents of the collection, but they do
475 so indirectly. There is no need to visit each descendent in order to
476 process the request. Consequently, even if there are redirect
477 reference resources in a tree that is being deleted or moved, there
478 will be no 302 responses from the redirect reference resources.
480 7.2 LOCK on a Collection That Contains Redirect References
482 LOCK poses special problems because it is atomic. An attempt to lock
483 (with Depth: infinity) a collection that contains redirect references
484 will always fail. The Multi-Status response will contain a 302
485 response for each redirect reference.
487 Reference-aware clients can lock the collection by using
488 Apply-To-Redirect-Ref, and, if desired, lock the targets of the
489 redirect references individually.
491 Non-referencing clients must resort to locking each resource
492 individually.
494 7.3 Example: PROPFIND on a Collection with Redirect Reference Resources
496 Suppose a PROPFIND request with Depth: infinity is submitted to the
497 following collection, with the members shown here:
499 http://www.svr.com/MyCollection/
500 (non-reference resource) diary.html
501 (redirect reference resource) nunavut
503 >> Request:
505 PROPFIND /MyCollection/ HTTP/1.1
506 Host: www.svr.com
507 Depth: infinity
508 Content-Type: text/xml
509 Content-Length: xxxx
511
512
513
514
515
516
517
519 >> Response:
521 HTTP/1.1 207 Multi-Status
522 Content-Type: text/xml
523 Content-Length: xxxx
525
526
527
528 http://www.svr.com/MyCollection/
529
530
531
532 diary, interests, hobbies
533
534 HTTP/1.1 200 OK
535
537
538
539 http://www.svr.com/MyCollection/diary.html
540
541
542
543 diary, travel, family, history
544
545 HTTP/1.1 200 OK
546
547
548
549 http://www.svr.com/MyCollection/nunavut
550 HTTP/1.1 302 Found
551
552
553 http://www.inac.gc.ca/art/inuit/
554
555
556
557
558
560 In this example the Depth header is set to infinity, and the
561 Apply-To-Redirect-Ref header is not used. The collection contains
562 one URI that identifies a redirect reference resource. The response
563 element for the redirect reference resource has a status of 302
564 (Found), and includes a DAV:prop element with the DAV:location
565 pseudo-property and the DAV:resourcetype property to allow clients to
566 retrieve the properties of its target resource. (The response
567 element for the redirect reference resource does not include the
568 requested properties. The client can submit another PROPFIND request
569 to the URI in the DAV:location pseudo-property to retrieve those
570 properties.)
572 7.4 Example: PROPFIND with Apply-To-Redirect-Ref on a Collection with
573 Redirect Reference Resources
575 Suppose a PROPFIND request with "Apply-To-Redirect-Ref: T" and Depth:
576 infinity is submitted to the following collection, with the members
577 shown here:
579 /MyCollection/
580 (non-reference resource) diary.html
581 (redirect reference resource) nunavut
583 >> Request:
585 PROPFIND /MyCollection/ HTTP/1.1
586 Host: example.com
587 Depth: infinity
588 Apply-To-Redirect-Ref: T
589 Content-Type: text/xml
590 Content-Length: xxxx
592
593
594
595
596
597
598
600 >> Response:
602 HTTP/1.1 207 Multi-Status
603 Content-Type: text/xml
604 Content-Length: xxxx
606
607
608
609 /MyCollection/
610
611
612
613
614 HTTP/1.1 200 OK
615
616
617
618 HTTP/1.1 404 Not Found
619
620
621
622 /MyCollection/diary.html
623
624
625
626
627 HTTP/1.1 200 OK
628
629
630
631 HTTP/1.1 404 Not Found
632
633
634
635 /MyCollection/nunavut
636
637
638
639
640 http://www.inac.gc.ca/art/inuit/
641
642
643 HTTP/1.1 200 OK
644
645
646
648 Since the "Apply-To-Redirect-Ref: T" header is present, the response
649 shows the properties of the redirect reference resource in the
650 collection rather than reporting a 302 status.
652 7.5 Example: COPY on a Collection That Contains a Redirect Reference
653 Resource
655 Suppose a COPY request is submitted to the following collection, with
656 the members shown:
658 /MyCollection/
659 (non-reference resource) diary.html
660 (redirect reference resource) nunavut with target
661 /Someplace/nunavut.map
663 >> Request:
665 COPY /MyCollection/ HTTP/1.1
666 Host: www.svr.com
667 Depth: infinity
668 Destination: http://www.svr.com/OtherCollection/
669 >> Response:
671 HTTP/1.1 207 Multi-Status
672 Content-Type: text/xml; charset="utf-8"
673 Content-Length: xxx
675
676
677
678 http://www.svr.com/MyCollection/nunavut
679 HTTP/1.1 302 Found
680
681
682 http://www.svr.com//Someplace/nunavut.map
683
684
685
686
687
689 In this case, since /MyCollection/nunavut is a redirect reference
690 resource, the COPY operation was only a partial success. The
691 redirect reference resource was not copied, but a 302 response was
692 returned for it. So the resulting collection is as follows:
694 /OtherCollection/
695 (non-reference resource) diary.html
697 7.6 Example: LOCK on a Collection That Contains a Redirect Reference
698 Resource
700 Suppose a LOCK request is submitted to the following collection, with
701 the members shown:
703 /MyCollection/
704 (non-reference resource) diary.html
705 (redirect reference resource) nunavut
707 >> Request:
709 LOCK /MyCollection/ HTTP/1.1
710 Host: www.svr.com
711 Content-Type: text/xml
712 Content-Length: nnnn
713 Authorizaton: Digest username="jas",
714 realm=jas@webdav.sb.aol.com, nonce=". . . ",
715 uri="/MyCollection/tuva",
716 response=". . . ", opaque=". . . "
718
719
720
721
722
723 http://www.svr.com/~jas/contact.html
724
725
726 >> Response:
728 HTTP/1.1 207 Multi-Status
729 Content-Type: text/xml
730 Content-Length: nnnn
732
733
734
735 http://www.svr.com/MyCollection/
736
737
738 HTTP/1.1 424 Failed Dependency
739
740
741
742 http://www.svr.com/MyCollection/diary.html
743 HTTP/1.1 424 Failed Dependency
744
745
746 http://www.svr.com/MyCollection/nunavut
747 HTTP/1.1 302 Found
748
749
750 http://www.inac.gc.ca/art/inuit/
751
752
753
754
755
757 The server returns a 302 response code for the redirect reference
758 resource in the collection. Consequently, neither the collection nor
759 any of the resources identified by its internal member URIs were
760 locked. A referencing-aware client can submit a separate LOCK request
761 to the URI in the DAV:location pseudo-property returned for the
762 redirect reference resource, and can resubmit the LOCK request with
763 the Apply-To-Redirect-Ref header to the collection. At that point
764 both the reference resource and its target resource will be locked
765 (as well as the collection and all the resources identified by its
766 other members).
768 8. Operations on Targets of Redirect Reference Resources
770 Operations on targets of redirect reference resources have no effect
771 on the reference resource.
773 9. Relative URIs in DAV:reftarget
775 The URI in the href in a DAV:reftarget property MAY be a relative
776 URI. In this case, the base URI to be used for resolving the relative
777 URI to absolute form is the URI used in the HTTP message to identify
778 the redirect reference resource to which the DAV:reftarget property
779 belongs.
781 When DAV:reftarget appears in the context of a Multi-Status response,
782 it is in a DAV:response element that contains a single DAV:href
783 element. The value of this DAV:href element serves as the base URI
784 for resolving a relative URI in DAV:reftarget. The value of DAV:href
785 may itself be relative, in which case it must be resolved first in
786 order to serve as the base URI for the relative URI in DAV:reftarget.
787 If the DAV:href element is relative, its base URI is constructed from
788 the scheme component "http", the value of the Host header in the
789 request, and the request-URI.
791 9.1 Example: Resolving a Relative URI in a Multi-Status Response
793 >> Request:
795 PROPFIND /geog/ HTTP/1.1
796 Host: example.com
797 Apply-To-Redirect-Ref: T
798 Depth: 1
799 Content-Type: text/xml
800 Content-Length: nnn
802
803
804
805
806
807
808
809 >> Response:
811 HTTP/1.1 207 Multi-Status
812 Content-Type: text/xml
813 Content-Length: nnn
815
816
817
818 /geog/
819
820
821
822
823 HTTP/1.1 200 OK
824
825
826
827 HTTP/1.1 404 Not Found
828
829
830
831 /geog/stats.html
832
833
834
835
836 statistics/population/1997.html
837
838
839 HTTP/1.1 200 OK
840
841
842
844 In this example, the relative URI statistics/population/1997.html is
845 returned as the value of reftarget for the reference resource
846 identified by href /geog/stats.html. The href is itself a relative
847 URI, which resolves to http://example.com/geog/stats.html. This is
848 the base URI for resolving the relative URI in reftarget. The
849 absolute URI of reftarget is http://example.com/geog/statistics/
850 population/1997.html.
852 10. Redirect References to Collections
854 In a Request-URI /segment1/segment2/segment3, any of the three
855 segments may identify a redirect reference resource. (See [RFC2396],
856 Section 3.3, for definitions of "path" and "segment".) If any
857 segment in a Request- URI identifies a redirect reference resource,
858 the response is a 302. The value of the Location header in the 302
859 response is as follows:
861 The leftmost path segment of the request-URI that identifies a
862 redirect reference resource, together with all path segments and
863 separators to the left of it, is replaced by the value of the
864 redirect reference resource's DAV:reftarget property (resolved to an
865 absolute URI). The remainder of the request-URI is concatenated to
866 this path.
868 Note: If the DAV:reftarget property ends with a "/" and the remainder
869 of the Request-URI is non-empty (and therefore must begin with a "/
870 "), the final "/" in the DAV:reftarget property is dropped before the
871 remainder of the Request-URI is appended.
873 Consider Request-URI /x/y/z.html. Suppose that /x/ is a redirect
874 reference resource whose target resource is collection /a/, which
875 contains redirect reference resource y whose target resource is
876 collection /b/, which contains redirect reference resource z.html
877 whose target resource is /c/d.html.
879 /x/y/z.html
880 |
881 | /x -> /a
882 |
883 v
884 /a/y/z.html
885 |
886 | /a/y -> /b
887 |
888 v
889 /b/z.html
890 |
891 | /b/z.html -> /c/d.html
892 |
893 v
894 /c/d.html
896 In this case the client must follow up three separate 302 responses
897 before finally reaching the target resource. The server responds to
898 the initial request with a 302 with Location: /a/y/z.html, and the
899 client resubmits the request to /a/y/z.html. The server responds to
900 this request with a 302 with Location: /b/z.html, and the client
901 resubmits the request to /b/z.html. The server responds to this
902 request with a 302 with Location: /c/d.html, and the client resubmits
903 the request to /c/d.html. This final request succeeds.
905 11. Headers
907 11.1 Redirect-Ref Response Header
909 Redirect-Ref = "Redirect-Ref:" (absoluteURI | relativeURI)
910 ; see sections 3 and 5 of [RFC2396]
912 The Redirect-Ref header is used in all 302 responses from redirect
913 reference resources. The value is the (possibly relative) URI of the
914 link target as specified during redirect reference resource creation.
916 11.2 Apply-To-Redirect-Ref Request Header
918 Apply-To-Redirect-Ref = "Apply-To-Redirect-Ref" ":" ("T" | "F")
920 The optional Apply-To-Redirect-Ref header can be used on any request
921 to a redirect reference resource. When it is present and set to "T",
922 the request MUST be applied to the reference resource itself, and a
923 302 response MUST NOT be returned.
925 If the Apply-To-Redirect-Ref header is used on a request to any other
926 sort of resource besides a redirect reference resource, the server
927 MUST ignore it.
929 12. Properties
931 12.1 reftarget Property
933 Name: reftarget
935 Namespace: DAV:
937 Purpose: A property of redirect reference resources that provides an
938 efficient way for clients to discover the URI of the target
939 resource. This is a read-only property after its initial
940 creation. Its value can only be set in a MKRESOURCE request.
942 Value: href containing the URI of the target resource. This value
943 MAY be a relative URI. The reftarget property can occur in the
944 entity bodies of MKRESOURCE requests and of responses to PROPFIND
945 requests.
947
949 12.2 location Pseudo-Property
951 Name: location
953 Namespace: DAV:
955 Purpose: For use with 302 (Found) response codes in Multi-Status
956 responses. It contains the absolute URI of the temporary location
957 of the resource. In the context of redirect reference resources,
958 this value is the absolute URI of the target resource. It is
959 analogous to the Location header in HTTP 302 responses defined in
960 [RFC2616] Section 10.3.3 "302 Found." Including the location
961 pseudo-property in a Multi-Status response requires an extension
962 to the syntax of the DAV:response element defined in [RFC2518],
963 which is defined in Section 14 below. This pseudo-property is not
964 expected to be stored on the reference resource. It is modeled as
965 a property only so that it can be returned inside a DAV:prop
966 element in a Multi-Status response.
968 Value: href containing the absolute URI of the target resource.
970
972 13. XML Elements
974 13.1 redirectref XML Element
976 Name: redirectref
978 Namespace: DAV:
980 Purpose: Used as the value of the DAV:resourcetype property to
981 specify that the resource type is a redirect reference resource.
983
985 14. Extensions to the DAV:response XML Element for Multi-Status
986 Responses
988 As described in Section 7, the DAV:location pseudo-property and the
989 DAV:resourcetype property may be returned in the DAV:response element
990 of a 207 Multi-Status response, to allow clients to resubmit their
991 requests to the target resource of a redirect reference resource.
993 Whenever these properties are included in a Multi-Status response,
994 they are placed in a DAV:prop element associated with the href to
995 which they apply. This structure provides a framework for future
996 extensions by other standards that may need to include additional
997 properties in their responses.
999 Consequently, the definition of the DAV:response XML element changes
1000 to the following:
1002
1005 15. Capability Discovery
1007 Sections 9.1 and 15 of [RFC2518] describe the use of compliance
1008 classes with the DAV header in responses to OPTIONS, to indicate
1009 which parts of the WebDAV Distributed Authoring protocols the
1010 resource supports. This specification defines an OPTIONAL extension
1011 to [RFC2518]. It defines a new compliance class, called
1012 redirectrefs, for use with the DAV header in responses to OPTIONS
1013 requests. If a resource does support redirect references, its
1014 response to an OPTIONS request may indicate that it does, by listing
1015 the new redirectrefs compliance class in the DAV header and by
1016 listing the MKRESOURCE method as one it supports.
1018 When responding to an OPTIONS request, any type of resource can
1019 include redirectrefs in the value of the DAV header. Doing so
1020 indicates that the server permits a redirect reference resource at
1021 the request URI.
1023 15.1 Example: Discovery of Support for Redirect Reference Resources
1025 >> Request:
1027 OPTIONS /somecollection/someresource HTTP/1.1
1028 Host: example.org
1030 >> Response:
1032 HTTP/1.1 200 OK
1033 Allow: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, COPY, MOVE
1034 Allow: MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, MKRESOURCE
1035 DAV: 1, 2, redirectrefs
1037 The DAV header in the response indicates that the resource /
1038 somecollection/someresource is level 1 and level 2 compliant, as
1039 defined in [RFC2518]. In addition, /somecollection/someresource
1040 supports redirect reference resources. The Allow header indicates
1041 that MKRESOURCE requests can be submitted to /somecollection/
1042 someresource.
1044 16. Security Considerations
1046 This section is provided to make applications that implement this
1047 protocol aware of the security implications of this protocol.
1049 All of the security considerations of HTTP/1.1 and the WebDAV
1050 Distributed Authoring Protocol specification also apply to this
1051 protocol specification. In addition, redirect reference resources
1052 introduce several new security concerns and increase the risk of some
1053 existing threats. These issues are detailed below.
1055 16.1 Privacy Concerns
1057 By creating redirect reference resources on a trusted server, it is
1058 possible for a hostile agent to induce users to send private
1059 information to a target on a different server. This risk is
1060 mitigated somewhat, since clients are required to notify the user of
1061 the redirection for any request other than GET or HEAD. (See
1062 [RFC2616], Section 10.3.3 302 Found.)
1064 16.2 Redirect Loops
1066 Although redirect loops were already possible in HTTP 1.1, the
1067 introduction of the MKRESOURCE method creates a new avenue for
1068 clients to create loops accidentally or maliciously. If the
1069 reference resource and its target are on the same server, the server
1070 may be able to detect MKRESOURCE requests that would create loops.
1071 See also [RFC2616], Section 10.3 "Redirection 3xx."
1073 16.3 Redirect Reference Resources and Denial of Service
1075 Denial of service attacks were already possible by posting URLs that
1076 were intended for limited use at heavily used Web sites. The
1077 introduction of MKRESOURCE creates a new avenue for similar denial of
1078 service attacks. Clients can now create redirect reference resources
1079 at heavily used sites to target locations that were not designed for
1080 heavy usage.
1082 16.4 Revealing Private Locations
1084 There are several ways that redirect reference resources may reveal
1085 information about collection structures. First, the DAV:reftarget
1086 property of every redirect reference resource contains the URI of the
1087 target resource. Anyone who has access to the reference resource can
1088 discover the collection path that leads to the target resource. The
1089 owner of the target resource may have wanted to limit knowledge of
1090 this collection structure.
1092 Sufficiently powerful access control mechanisms can control this risk
1093 to some extent. Property-level access control could prevent users
1094 from examining the DAV:reftarget property. (The Location header
1095 returned in responses to requests on redirect reference resources
1096 reveals the same information, however.)
1098 This risk is no greater than the similar risk posed by HTML links.
1100 17. Internationalization Considerations
1102 This specification follows the practices of [RFC2518] in encoding all
1103 human-readable content using XML [XML] and in the treatment of names.
1104 Consequently, this specification complies with the IETF Character Set
1105 Policy [RFC2277].
1107 WebDAV applications MUST support the character set tagging, character
1108 set encoding, and the language tagging functionality of the XML
1109 specification. This constraint ensures that the human-readable
1110 content of this specification complies with [RFC2277].
1112 As in [RFC2518], names in this specification fall into three
1113 categories: names of protocol elements such as methods and headers,
1114 names of XML elements, and names of properties. Naming of protocol
1115 elements follows the precedent of HTTP, using English names encoded
1116 in USASCII for methods and headers. The names of XML elements used
1117 in this specification are English names encoded in UTF-8.
1119 For error reporting, [RFC2518] follows the convention of HTTP/1.1
1120 status codes, including with each status code a short, English
1121 description of the code (e.g., 423 Locked). Internationalized
1122 applications will ignore this message, and display an appropriate
1123 message in the user's language and character set.
1125 This specification introduces no new strings that are displayed to
1126 users as part of normal, error-free operation of the protocol.
1128 For rationales for these decisions and advice for application
1129 implementors, see [RFC2518].
1131 18. IANA Considerations
1133 All IANA considerations mentioned in [RFC2518] also apply to this
1134 document.
1136 19. Contributors
1138 Many thanks to Jason Crawford, Jim Davis, Chuck Fay and Judith Slein
1139 who can take credit for big parts of the original design of this
1140 specification.
1142 20. Acknowledgements
1144 This document has benefited from thoughtful discussion by Jim Amsden,
1145 Peter Carlson, Steve Carter, Tyson Chihaya, Ken Coar, Ellis Cohen,
1146 Bruce Cragun, Spencer Dawkins, Mark Day, Rajiv Dulepet, David Durand,
1147 Roy Fielding, Yaron Goland, Fred Hitt, Alex Hopmann, James Hunt,
1148 Marcus Jager, Chris Kaler, Manoj Kasichainula, Rohit Khare, Daniel
1149 LaLiberte, Steve Martin, Larry Masinter, Jeff McAffer, Joe Orton,
1150 Surendra Koduru Reddy, Juergen Reuter, Max Rible, Sam Ruby, Bradley
1151 Sergeant, Nick Shelness, John Stracke, John Tigue, John Turner, Kevin
1152 Wiggen, and others.
1154 Normative References
1156 [RFC2277] Alvestrand, H., "IETF Policy on Character Sets and
1157 Languages", BCP 18, RFC 2277, January 1998.
1159 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
1160 Requirement Levels", BCP 14, RFC 2119, March 1997.
1162 [RFC2396] Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform
1163 Resource Identifiers (URI): Generic Syntax", RFC 2396,
1164 August 1998.
1166 [RFC2518] Goland, Y., Whitehead, E., Faizi, A., Carter, S. and D.
1167 Jensen, "HTTP Extensions for Distributed Authoring --
1168 WEBDAV", RFC 2518, February 1999.
1170 [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
1171 Masinter, L., Leach, P. and T. Berners-Lee, "Hypertext
1172 Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
1174 [XML] Bray, T., Paoli, J., Sperberg-McQueen, C. and E. Maler,
1175 "Extensible Markup Language (XML) 1.0 (2nd ed)", W3C
1176 REC-xml, October 2000, .
1179 [1]
1181 [2]
1183 [3]
1186 [4]
1189 [5]
1192 [6]
1195 [7]
1198 [8]
1201 [9]
1204 [10]
1207 [11]
1210 [12]
1213 [13]
1216 [14]
1219 [15]
1222 [16]
1225 [17]
1228 [18]
1231 [19]
1234 [20]
1237 [21]
1240 [22]
1243 [23]
1246 [24]
1249 [25]
1252 [26]
1255 [27]
1258 [28]
1261 [29]
1264 [30]
1267 Authors' Addresses
1269 Jim Whitehead
1270 UC Santa Cruz, Dept. of Computer Science
1271 1156 High Street
1272 Santa Cruz, CA 95064
1273 US
1275 EMail: ejw@cse.ucsc.edu
1277 Geoff Clemm
1278 IBM
1279 20 Maguire Road
1280 Lexington, MA 02421
1281 US
1283 EMail: geoffrey.clemm@us.ibm.com
1285 Julian F. Reschke (editor)
1286 greenbytes GmbH
1287 Salzmannstrasse 152
1288 Muenster, NW 48159
1289 Germany
1291 Phone: +49 251 2807760
1292 Fax: +49 251 2807761
1293 EMail: julian.reschke@greenbytes.de
1294 URI: http://greenbytes.de/tech/webdav/
1296 Appendix A. Changes to the WebDAV Document Type Definition
1298
1299
1300 Property Elements from Section 12 -->
1301
1302
1303
1304
1307 Appendix B. Change Log (to be removed by RFC Editor before publication)
1309 B.1 Since draft-ietf-webdav-redirectref-protocol-02
1311 Julian Reschke takes editorial role (added to authors list). Cleanup
1312 XML indentation. Start adding all unresolved last call issues. Update
1313 some author's contact information. Update references, split into
1314 "normative" and "informational". Remove non-RFC2616 headers
1315 ("Public") from examples. Fixed width problems in artwork. Start
1316 resolving editorial issues.
1318 B.2 Since draft-ietf-webdav-redirectref-protocol-03
1320 Added Joe Orton and Juergen Reuter to Acknowledgements section. Close
1321 more editorial issues. Remove dependencies on BIND spec.
1323 B.3 Since draft-ietf-webdav-redirectref-protocol-04
1325 More editorial fixes. Clarify that MKRESOURCE can only be used to
1326 create redirect references (switch to new method in a future draft).
1327 Clarify that redirect references do not have bodies.
1329 B.4 Since draft-ietf-webdav-redirectref-protocol-05
1331 Close (accept) issue "lc-79-accesscontrol". Add issue
1332 "rfc2606-compliance". Close issues "lc-50-blindredirect",
1333 "lc-71-relative", "lc-74-terminology". Update contact info for Geoff
1334 Clemm. Moved some of the original authors names to new Contributors
1335 section. Add and close issue "9-MKRESOURCE-vs-relative-URI". Close
1336 issue "lc-72-trailingslash". Close issue "lc-60-ex". Update issue
1337 "lc-85-301" with proposal. Close issue "lc-06-reftarget-relative"
1338 (9-MKRESOURCE-vs-relative-URI was a duplicate of this one). Also
1339 remove section 9.1 (example for MKRESOURCE vs relative URIs). Add
1340 and resolve issue "11.2-apply-to-redirect-ref-syntax" (header now has
1341 values "T" and "F"). Also some cleanup for "rfc2606-compliance".
1342 Typo fixes. Add and resolve "15.1-options-response".
1344 Appendix C. Resolved issues (to be removed by RFC Editor before
1345 publication)
1347 Issues that were either rejected or resolved in this version of this
1348 document.
1350 C.1 lc-60-ex
1352 Type: change
1354 [3]
1356 reuterj@ira.uka.de (2000-02-14): Section 7, para 3: Make it clear
1357 that these are just examples of client behavior, and are not meant to
1358 limit the client's behavior to these options.
1360 Resolution (2003-10-13): Agreed to delete this paragraph. Continue
1361 discussion of what information should be returned with 302 in
1362 multistatus. Just location? Also redirectref? Update: ret gid of
1363 pseudo-property and special response format, define new response
1364 element instead. See ossue lc-61-pseudo.
1366 C.2 lc-06-reftarget-relative
1368 Type: change
1370 [4]
1372 joe@orton.demon.co.uk (2000-01-29): Why does the spec talk about
1373 relative URIs in DAV:reftarget in MKRESOURCE requests? Is the server
1374 required to resolve the relative URI and store it as absolute? Is the
1375 server required to keep DAV:reftarget pointing to the target resource
1376 as the reference / target move, or is DAV:reftarget a dead property?
1378 Resolution (2003-10-13): DAV:reftarget is readonly and present only
1379 on redirect references that are also WebDAV resources. Add a method
1380 for setting the target. Change definition of Redirect-Ref header so
1381 that it has the target as its value (comes back on all 302
1382 responses). Server MUST store the target exactly as it is set. It
1383 MUST NOT resolve relatives to absolutes and MUST NOT update if target
1384 resource moves. See also issue 17, 43, 50, 57
1386 C.3 lc-71-relative
1388 Type: change
1390 [5]
1391 reuterj@ira.uka.de (2000-02-14): Section 9: Base URI should be the
1392 Request-URI or href minus its final segment.
1394 Resolution (2003-10-08): Original WG comment: Fix this. However, this
1395 is just a misunderstanding. The process of resolving a relative URI
1396 against a hierarchical base URI already involves removal of the last
1397 path segment, so the draft is correct here.
1399 C.4 9-MKRESOURCE-vs-relative-URI
1401 Type: change
1403 julian.reschke@greenbytes.de (2003-10-08): Do not say anything about
1404 MKRESOURCE vs relative URIs. The server is supposed to store the
1405 relative URI, thus the issue of resolving the URI does only apply
1406 upon retrieval, not creation.
1408 C.5 lc-72-trailingslash
1410 Type: change
1412 [6]
1414 reuterj@ira.uka.de (2000-02-14): Section 10: Forbid DAV:reftarget
1415 from ending in "/"
1417 julian.reschke@greenbytes.de (): (last call WG response): Make the
1418 note warn about the possibility of two slashes in a row, recommend
1419 against ending target with a slash, since that could result in two
1420 slashes in a row.
1422 Resolution (2003-10-09): It seems that the rule in the 3rd paragraph
1423 already explains how to deal with this situation. No change.
1425 C.6 lc-50-blindredirect
1427 Type: change
1429 [7]
1431 yarong@Exchange.Microsoft.com (2000-02-11): Replace current language
1432 explaining the purpose of the Redirect-Ref header with language that
1433 simply states that it marks blind 302 responses from redirect
1434 resources. (Section 6.3, 11.1)
1436 Resolution (2003-10-02): Section 6.3 was removed in response to issue
1437 48. In 11.1, change the definition of the Redirect-Ref header to have
1438 the value of the target (relative URI) as its value. Then we don't
1439 need a method for retrieving the target's relative URI. Presence of
1440 the Redirect-Ref header lets the client know that the resource
1441 accepts Apply-To-RR header and the new method for updating target.
1442 Reject Yaron's suggested language, but make the above changes.
1444 C.7 lc-74-terminology
1446 Type: change
1448 [8]
1450 reuterj@ira.uka.de (2000-02-14): "plain HTTP/1.1 redirect" - find
1451 some good name for this an use it consistently
1453 Resolution (2003-10-02): Remove the whole sentence.
1455 C.8 11.2-apply-to-redirect-ref-syntax
1457 Type: change
1459 julian.reschke@greenbytes.de (2003-10-17): Many toolkits have
1460 problems sending empty HTTP headers (optimizing them away).
1462 Resolution (2003-10-17): Define values "T" and "F" (similar to WevDAV
1463 Overwrite header). This will also allow clients to express that they
1464 are aware of redirect extensions without also having to apply the
1465 request to the reference resource.
1467 C.9 15.1-options-response
1469 Type: change
1471 julian.reschke@greenbytes.de (2003-10-20): Fix OPTIONS response
1472 ("Public" header mentioned, "Allow" header value line break). Remove
1473 irrelevant response headers.
1475 Resolution (2003-10-20): Fix.
1477 C.10 lc-79-accesscontrol
1479 Type: change
1481 [9]
1483 reuterj@ira.uka.de (2000-02-22): Section 16.4: "In some environments,
1484 the owner of a resource might be able to use access control to
1485 prevent others from creating references to that resource." That would
1486 not be consistent with the concept of redirect references as weak
1487 links (e.g. think of moving a resource to a different locationo that
1488 is already the target of some redirection reference.
1490 Resolution (2003-10-02): Remove the statement.
1492 Appendix D. Open issues (to be removed by RFC Editor before publication)
1494 D.1 lc-85-301
1496 Type: change
1498 ejw@cse.ucsc.edu (2000-01-03): Support creation of other than 302
1499 redirects, especially 301.
1501 julian.reschke@greenbytes.de (2003-10-13): HTTP seems to distinguish
1502 the following use cases: (a) permanent redirect (301), (b) temporary
1503 redirect (302 or 307), (c) redirect to a GET location after POST
1504 (303) and (d) agent-driven negotiation (300). Among these, (a) and
1505 (b) seem to be well understood, so we should support both. (c)
1506 doesn't seem to be applicable. (d) may become interesting when user
1507 agents start supporting it, so the spec should be flexible enough to
1508 support a feature extension for that. For now I propose that the
1509 client is able to specify the redirection type as a resource type,
1510 such as "DAV:permanent-redirect-reference" and
1511 "DAV:temporary-redirect-reference". This spec would only define the
1512 behaviour for these two resource types and would allow future
1513 extensions using new resource types and suggested response codes.
1515 D.2 lc-38-not-hierarchical
1517 Type: change
1519 [10]
1521 yarong@Exchange.Microsoft.com (2000-02-11): Not Hierarchical: The
1522 first sentence of the second paragraph of the introduction of the
1523 redirect spec asserts that the URIs of WebDAV compliant resources
1524 match to collections. The WebDAV standard makes no such requirement.
1525 I therefore move that this sentence be stricken.
1527 Resolution: State the more general HTTP rationale first (alternative
1528 names for the same resource), then introduce the collection hierarchy
1529 rationale, which applies only if you are in a WebDAV-compliant space.
1531 D.3 lc-36-server
1533 Type: change
1535 [11]
1537 yarong@Exchange.Microsoft.com (2000-02-11): Servers: Replace "server"
1538 with "unrelated system" throughout.
1540 Resolution: Try replacing "server" with "host" in some contexts,
1541 rephrasing in passive voice in others. See also issue 40.
1543 D.4 lc-33-forwarding
1545 Type: change
1547 [12]
1549 yarong@Exchange.Microsoft.com (2000-02-11): Forwarding: Replace
1550 "forward" with "redirect" throughout.
1552 Resolution: Use "redirect" for the behavior redirect resources do
1553 exhibit. Use "forward" for the contrasting behavior (passing a method
1554 on to the target with no client action needed). Define these two
1555 terms. See also issue 40.
1557 D.5 lc-37-integrity
1559 Type: change
1561 [13]
1563 yarong@Exchange.Microsoft.com (2000-02-11): Integrity: Intro, para 7
1564 "Servers are not required to enforce the integrity of redirect
1565 references." Integrity is not defined. Replace with something
1566 clearer.
1568 Resolution: Rewrite to say that the server MUST NOT update the target
1569 See also issue 6.
1571 D.6 3-terminology-redirectref
1573 Type: change
1575 [14]
1577 julian.reschke@greenbytes.de (2003-07-27): Consider global rename of
1578 "redirect reference resource" to "redirect resource".
1580 D.7 lc-19-direct-ref
1582 Type: change
1584 [15]
1586 reuterj@ira.uka.de (2000-02-07): Section 4, para 5 and Section 6,
1587 para 3 discussions of the Apply-to-Redirect-Ref header make it sound
1588 as if we are specifying direct reference behavior.
1590 Resolution: Change these passages so that the contrast is between
1591 applying the method to the redirect reference and responding with a
1592 302.
1594 D.8 lc-41-no-webdav
1596 Type: change
1598 [16]
1600 yarong@Exchange.Microsoft.com (2000-02-11): Make redirect references
1601 independent of the rest of WebDAV. The creation method for redirect
1602 references shouldn't require an XML request body.
1604 Resolution: We will make redirect references independent of the rest
1605 of WebDAV. MKREF will not have an XML request body.
1607 D.9 lc-58-update
1609 Type: change
1611 [17]
1613 yarong@Exchange.Microsoft.com (2000-02-11): There needs to be a way
1614 to update the target of a redirect reference.
1616 Resolution: Agreed. See also issues 6, 43.
1618 D.10 lc-24-properties
1620 Type: change
1622 [18]
1624 reuterj@ira.uka.de (2000-02-07): Section 5.1: Replace the sentence
1625 "The properties of the new resource are as specified by the
1626 DAV:propertyupdate request body, using PROPPATCH semantics" with the
1627 following: "The MKRESOURCE request MAY contain a DAV:propertyupdate
1628 request body to initialize resource properties. Herein, the semantics
1629 is the same as when sending a MKRESOURCE request without a request
1630 body, followed by a PROPPATCH with the DAV:propertyupdate request
1631 body."
1633 Resolution: No longer relevant once we switch to MKREF with no
1634 request body.
1636 D.11 rfc2606-compliance
1638 Type: editor
1640 julian.reschke@greenbytes.de (2003-10-02): Ensure that examples use
1641 only sample domains as per RFC2606.
1643 D.12 lc-48-s6
1645 Type: change
1647 [19]
1649 yarong@Exchange.Microsoft.com (2000-02-11): Replace all of section 6
1650 with just this: A redirect resource, upon receiving a request without
1651 an Apply-To-Redirect-Ref header, MUST respond with a 302 (Found)
1652 response. The 302 (Found) response MUST include a location header
1653 identifying the target and a Redirect-Ref header. If a redirect
1654 resource receives a request with an Apply-To-Redirect-Ref header then
1655 the redirect reference resource MUST apply the method to itself
1656 rather than blindly returning a 302 (Found) response.
1658 Resolution: Keep a summary along the lines of Yaron's proposal (don't
1659 use the word "blindly"). Keep the bullets detailing the headers to be
1660 returned. Delete the rest, including the examples. See also issue 28,
1661 29, 30, 31, 32.
1663 D.13 lc-28-lang
1665 Type: edit
1667 [20]
1669 reuterj@ira.uka.de (2000-02-07): Section 6: Get rid of the sentence
1670 "A reference-aware WebDAV client can act on this response in one of
1671 two ways." A client can act on the response in any way it wants.
1673 Resolution: Agreed. See also issue 48.
1675 D.14 lc-29-lang
1677 Type: edit
1679 [21]
1681 reuterj@ira.uka.de (2000-02-07): Section 6, para 4: Obvious, doesn't
1682 need to be stated. Maybe note in an example.
1684 Resolution: Agreed. See also issue 48.
1686 D.15 lc-44-pseudo
1688 Type: change
1690 [22]
1692 yarong@Exchange.Microsoft.com (2000-02-11): Instead of adding an
1693 optional prop XML element to the response element in 207 responses,
1694 define a new location XML element and a new refresource XML element.
1696 Resolution: Agree to define new XML elements that are not
1697 pseudo-properties. Disagreement about whether refresource is needed.
1698 See issue 61.
1700 D.16 lc-61-pseudo
1702 Type: change
1704 [23]
1706 reuterj@ira.uka.de (2000-02-14): Section 7: It doesn't make sense to
1707 ask future editors of RFC 2518 to define DAV:location with the
1708 semantics it has here. RFC 2518 should provide the information in the
1709 Location header somehow in multistatus responses, but not by using
1710 properties.
1712 Resolution: Define an XML element for location that is not a
1713 pseudo-property. We'll keep the recommendation that RFC 2518 add this
1714 for 302 responses. See also issue 44.
1716 D.17 lc-62-oldclient
1718 Type: change
1720 [24]
1722 reuterj@ira.uka.de (2000-02-14): Section 7: It's too strong to claim
1723 that non-referencing clients can't process 302 responses occurring in
1724 Multi-Status responses. They just have an extra round trip for each
1725 302.
1727 Resolution: Remove last sentence of the paragraph that recommends
1728 changes to RFC 2518.
1730 D.18 lc-63-move
1732 Type: change
1734 [25]
1736 reuterj@ira.uka.de (2000-02-14): Section 7.1: Is MOVE atomic from the
1737 perspective of a client? Agrees that there should be no 302s for
1738 member redirect references, but finds the rationale dubious.
1740 Resolution: Remove 7.1. Reword 7.2 to avoid concerns with "poses
1741 special problems" and "due to atomicity".
1743 D.19 lc-57-noautoupdate
1745 Type: change
1747 [26]
1749 yarong@Exchange.Microsoft.com (2000-02-11): Add language to forbid
1750 servers from automatically updating redirect resources when their
1751 targets move.
1753 Resolution: Agreed. See also issue 6.
1755 D.20 lc-53-s10
1757 Type: change
1759 [27]
1761 yarong@Exchange.Microsoft.com (2000-02-11): The behavior described in
1762 this section would have a very serious impact on the efficiency of
1763 mapping Request-URIs to resources in HTTP request processing. Also
1764 specify another type of redirect resource that does not behave as in
1765 section 10, but instead would "expose the behavior we see today in
1766 various HTTP servers that allow their users to create 300 resources."
1767 Be sure we know what behavior will be if the redirect location is not
1768 an HTTP URL, but, say ftp.
1770 Resolution: We won't define 2 sorts of redirect references here.
1771 Servers SHOULD respond with 302 as described here, but if they can't
1772 do that, respond with 404 Not Found. (It's hard to modularize the
1773 behavior specified - it impacts processing Not Found cases of all
1774 methods, so you can't just add it to an HTTP server in a redirect ref
1775 module.)
1777 D.21 12.1-property-name
1779 Type: change
1781 julian.reschke@greenbytes.de (2003-10-06): Sync names for
1782 DAV:reftarget property and "Redirect-Ref" response headers.
1784 D.22 lc-76-location
1786 Type: change
1788 [28]
1790 reuterj@ira.uka.de (2000-02-22): 12.2: Make DAV:location a real
1791 (live) property, get rid of the DAV:reftarget property
1793 D.23 lc-80-i18n
1795 Type: change
1797 [29]
1799 reuterj@ira.uka.de (2000-02-22): Section 17: Could get rid of a lot
1800 of this section, since this protocol extends WebDAV. Just reference
1801 [WebDAV].
1803 julian.reschke@greenbytes.de (2003-10-02): True, but I note that
1804 other specs have re-stated these considerations as well. Opinions?
1806 D.24 lc-55-iana
1808 Type: change
1810 [30]
1812 yarong@Exchange.Microsoft.com (2000-02-11): Expand the IANA section
1813 to list all methods, headers, XML elements, MIME types, URL schemes,
1814 etc., defined by the spec.
1816 Resolution: Agreed.
1818 Intellectual Property Statement
1820 The IETF takes no position regarding the validity or scope of any
1821 intellectual property or other rights that might be claimed to
1822 pertain to the implementation or use of the technology described in
1823 this document or the extent to which any license under such rights
1824 might or might not be available; neither does it represent that it
1825 has made any effort to identify any such rights. Information on the
1826 IETF's procedures with respect to rights in standards-track and
1827 standards-related documentation can be found in BCP-11. Copies of
1828 claims of rights made available for publication and any assurances of
1829 licenses to be made available, or the result of an attempt made to
1830 obtain a general license or permission for the use of such
1831 proprietary rights by implementors or users of this specification can
1832 be obtained from the IETF Secretariat.
1834 The IETF invites any interested party to bring to its attention any
1835 copyrights, patents or patent applications, or other proprietary
1836 rights which may cover technology that may be required to practice
1837 this standard. Please address the information to the IETF Executive
1838 Director.
1840 Full Copyright Statement
1842 Copyright (C) The Internet Society (2003). All Rights Reserved.
1844 This document and translations of it may be copied and furnished to
1845 others, and derivative works that comment on or otherwise explain it
1846 or assist in its implementation may be prepared, copied, published
1847 and distributed, in whole or in part, without restriction of any
1848 kind, provided that the above copyright notice and this paragraph are
1849 included on all such copies and derivative works. However, this
1850 document itself may not be modified in any way, such as by removing
1851 the copyright notice or references to the Internet Society or other
1852 Internet organizations, except as needed for the purpose of
1853 developing Internet standards in which case the procedures for
1854 copyrights defined in the Internet Standards process must be
1855 followed, or as required to translate it into languages other than
1856 English.
1858 The limited permissions granted above are perpetual and will not be
1859 revoked by the Internet Society or its successors or assignees.
1861 This document and the information contained herein is provided on an
1862 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
1863 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
1864 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
1865 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
1866 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
1868 Acknowledgment
1870 Funding for the RFC Editor function is currently provided by the
1871 Internet Society.