| draft-ietf-httpbis-header-structure-07.txt | draft-ietf-httpbis-header-structure-08.txt | |||
|---|---|---|---|---|
| HTTP M. Nottingham | HTTP M. Nottingham | |||
| Internet-Draft Fastly | Internet-Draft Fastly | |||
| Intended status: Standards Track P-H. Kamp | Intended status: Standards Track P-H. Kamp | |||
| Expires: January 3, 2019 The Varnish Cache Project | Expires: April 26, 2019 The Varnish Cache Project | |||
| July 2, 2018 | October 23, 2018 | |||
| Structured Headers for HTTP | Structured Headers for HTTP | |||
| draft-ietf-httpbis-header-structure-07 | draft-ietf-httpbis-header-structure-08 | |||
| Abstract | Abstract | |||
| This document describes a set of data types and algorithms associated | This document describes a set of data types and algorithms associated | |||
| with them that are intended to make it easier and safer to define and | with them that are intended to make it easier and safer to define and | |||
| handle HTTP header fields. It is intended for use by new | handle HTTP header fields. It is intended for use by new | |||
| specifications of HTTP header fields as well as revisions of existing | specifications of HTTP header fields as well as revisions of existing | |||
| header field specifications when doing so does not cause | header field specifications when doing so does not cause | |||
| interoperability issues. | interoperability issues. | |||
| skipping to change at page 2, line 10 ¶ | skipping to change at page 2, line 10 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on January 3, 2019. | This Internet-Draft will expire on April 26, 2019. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2018 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 32 ¶ | skipping to change at page 2, line 32 ¶ | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 4 | 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 4 | |||
| 2. Defining New Structured Headers . . . . . . . . . . . . . . . 4 | 2. Defining New Structured Headers . . . . . . . . . . . . . . . 4 | |||
| 3. Structured Header Data Types . . . . . . . . . . . . . . . . 6 | 3. Structured Header Data Types . . . . . . . . . . . . . . . . 7 | |||
| 3.1. Dictionaries . . . . . . . . . . . . . . . . . . . . . . 6 | 3.1. Dictionaries . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 3.2. Lists . . . . . . . . . . . . . . . . . . . . . . . . . . 6 | 3.2. Lists . . . . . . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 3.3. Parameterised Lists . . . . . . . . . . . . . . . . . . . 7 | 3.3. Parameterised Lists . . . . . . . . . . . . . . . . . . . 8 | |||
| 3.4. Items . . . . . . . . . . . . . . . . . . . . . . . . . . 7 | 3.4. Items . . . . . . . . . . . . . . . . . . . . . . . . . . 8 | |||
| 3.5. Integers . . . . . . . . . . . . . . . . . . . . . . . . 8 | 3.5. Integers . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 3.6. Floats . . . . . . . . . . . . . . . . . . . . . . . . . 8 | 3.6. Floats . . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 3.7. Strings . . . . . . . . . . . . . . . . . . . . . . . . . 8 | 3.7. Strings . . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 3.8. Identifiers . . . . . . . . . . . . . . . . . . . . . . . 9 | 3.8. Identifiers . . . . . . . . . . . . . . . . . . . . . . . 10 | |||
| 3.9. Binary Content . . . . . . . . . . . . . . . . . . . . . 9 | 3.9. Byte Sequences . . . . . . . . . . . . . . . . . . . . . 10 | |||
| 4. Structured Headers in HTTP/1 . . . . . . . . . . . . . . . . 10 | 3.10. Booleans . . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 4.1. Serialising Structured Headers into HTTP/1 . . . . . . . 10 | 4. Structured Headers in HTTP/1 . . . . . . . . . . . . . . . . 11 | |||
| 4.2. Parsing HTTP/1 Header Fields into Structured Headers . . 14 | 4.1. Serialising Structured Headers into HTTP/1 . . . . . . . 11 | |||
| 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22 | 4.2. Parsing HTTP/1 Header Fields into Structured Headers . . 16 | |||
| 6. Security Considerations . . . . . . . . . . . . . . . . . . . 22 | 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 24 | |||
| 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 22 | 6. Security Considerations . . . . . . . . . . . . . . . . . . . 24 | |||
| 7.1. Normative References . . . . . . . . . . . . . . . . . . 22 | 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 25 | |||
| 7.2. Informative References . . . . . . . . . . . . . . . . . 23 | 7.1. Normative References . . . . . . . . . . . . . . . . . . 25 | |||
| 7.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 24 | 7.2. Informative References . . . . . . . . . . . . . . . . . 25 | |||
| Appendix A. Frequently Asked Questions . . . . . . . . . . . . . 24 | 7.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 26 | |||
| A.1. Why not JSON? . . . . . . . . . . . . . . . . . . . . . . 24 | Appendix A. Frequently Asked Questions . . . . . . . . . . . . . 26 | |||
| A.2. Structured Headers don't "fit" my data. . . . . . . . . . 25 | A.1. Why not JSON? . . . . . . . . . . . . . . . . . . . . . . 26 | |||
| Appendix B. Changes . . . . . . . . . . . . . . . . . . . . . . 25 | A.2. Structured Headers don't "fit" my data. . . . . . . . . . 27 | |||
| B.1. Since draft-ietf-httpbis-header-structure-06 . . . . . . 25 | Appendix B. Changes . . . . . . . . . . . . . . . . . . . . . . 28 | |||
| B.2. Since draft-ietf-httpbis-header-structure-05 . . . . . . 25 | B.1. Since draft-ietf-httpbis-header-structure-07 . . . . . . 28 | |||
| B.3. Since draft-ietf-httpbis-header-structure-04 . . . . . . 26 | B.2. Since draft-ietf-httpbis-header-structure-06 . . . . . . 28 | |||
| B.4. Since draft-ietf-httpbis-header-structure-03 . . . . . . 26 | B.3. Since draft-ietf-httpbis-header-structure-05 . . . . . . 28 | |||
| B.5. Since draft-ietf-httpbis-header-structure-02 . . . . . . 26 | B.4. Since draft-ietf-httpbis-header-structure-04 . . . . . . 28 | |||
| B.6. Since draft-ietf-httpbis-header-structure-01 . . . . . . 26 | B.5. Since draft-ietf-httpbis-header-structure-03 . . . . . . 29 | |||
| B.7. Since draft-ietf-httpbis-header-structure-00 . . . . . . 26 | B.6. Since draft-ietf-httpbis-header-structure-02 . . . . . . 29 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 27 | B.7. Since draft-ietf-httpbis-header-structure-01 . . . . . . 29 | |||
| B.8. Since draft-ietf-httpbis-header-structure-00 . . . . . . 29 | ||||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 29 | ||||
| 1. Introduction | 1. Introduction | |||
| Specifying the syntax of new HTTP header fields is an onerous task; | Specifying the syntax of new HTTP header fields is an onerous task; | |||
| even with the guidance in [RFC7231], Section 8.3.1, there are many | even with the guidance in [RFC7231], Section 8.3.1, there are many | |||
| decisions - and pitfalls - for a prospective HTTP header field | decisions - and pitfalls - for a prospective HTTP header field | |||
| author. | author. | |||
| Once a header field is defined, bespoke parsers and serialisers often | Once a header field is defined, bespoke parsers and serialisers often | |||
| need to be written, because each header has slightly different | need to be written, because each header has slightly different | |||
| skipping to change at page 4, line 18 ¶ | skipping to change at page 4, line 18 ¶ | |||
| 1.1. Notational Conventions | 1.1. Notational Conventions | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in BCP | |||
| 14 [RFC2119] [RFC8174] when, and only when, they appear in all | 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| This document uses the Augmented Backus-Naur Form (ABNF) notation of | This document uses the Augmented Backus-Naur Form (ABNF) notation of | |||
| [RFC5234], including the VCHAR, DIGIT, ALPHA and DQUOTE rules from | [RFC5234], including the VCHAR, SP, DIGIT, ALPHA and DQUOTE rules | |||
| that document. It also includes the OWS rule from [RFC7230]. | from that document. It also includes the OWS rule from [RFC7230]. | |||
| This document uses algorithms to specify parsing and serialisation | This document uses algorithms to specify parsing and serialisation | |||
| behaviours, and ABNF to illustrate expected syntax. | behaviours, and ABNF to illustrate expected syntax in HTTP/1-style | |||
| header fields. | ||||
| For parsing, implementations MUST follow the algorithms, but MAY vary | For parsing from HTTP/1 header fields, implementations MUST follow | |||
| in implementation so as the behaviours are indistinguishable from | the algorithms, but MAY vary in implementation so as the behaviours | |||
| specified behaviour. If there is disagreement between the parsing | are indistinguishable from specified behaviour. If there is | |||
| algorithms and ABNF, the specified algorithms take precedence. | disagreement between the parsing algorithms and ABNF, the specified | |||
| algorithms take precedence. In some places, the algorithms are | ||||
| "greedy" with whitespace, but this should not affect conformance. | ||||
| For serialisation, the ABNF illustrates the range of acceptable wire | For serialisation to HTTP/1 header fields, the ABNF illustrates the | |||
| representations with as much fidelity as possible, and the algorithms | range of acceptable wire representations with as much fidelity as | |||
| define the recommended way to produce them. Implementations MAY vary | possible, and the algorithms define the recommended way to produce | |||
| from the specified behaviour so long as the output still matches the | them. Implementations MAY vary from the specified behaviour so long | |||
| ABNF. | as the output still matches the ABNF. | |||
| 2. Defining New Structured Headers | 2. Defining New Structured Headers | |||
| To define a HTTP header as a structured header, its specification | To define a HTTP header as a structured header, its specification | |||
| needs to: | needs to: | |||
| o Reference this specification. Recipients and generators of the | o Reference this specification. Recipients and generators of the | |||
| header need to know that the requirements of this document are in | header need to know that the requirements of this document are in | |||
| effect. | effect. | |||
| skipping to change at page 5, line 8 ¶ | skipping to change at page 5, line 12 ¶ | |||
| semantics. Syntax definitions are encouraged to use the ABNF | semantics. Syntax definitions are encouraged to use the ABNF | |||
| rules beginning with "sh-" defined in this specification. | rules beginning with "sh-" defined in this specification. | |||
| o Specify any additional constraints upon the syntax of the | o Specify any additional constraints upon the syntax of the | |||
| structured used, as well as the consequences when those | structured used, as well as the consequences when those | |||
| constraints are violated. When Structured Headers parsing fails, | constraints are violated. When Structured Headers parsing fails, | |||
| the header is discarded (see Section 4.2); in most situations, | the header is discarded (see Section 4.2); in most situations, | |||
| header-specific constraints should do likewise. | header-specific constraints should do likewise. | |||
| Note that a header field definition cannot relax the requirements of | Note that a header field definition cannot relax the requirements of | |||
| a structure or its processing; they can only add additional | a structure or its processing because doing so would preclude | |||
| constraints, because doing so would preclude handling by generic | handling by generic software; they can only add additional | |||
| software. | constraints. | |||
| For example: | For example: | |||
| # Foo-Example Header | # Foo-Example Header | |||
| The Foo-Example HTTP header field conveys information about how | The Foo-Example HTTP header field conveys information about how | |||
| much Foo the message has. | much Foo the message has. | |||
| Foo-Example is a Structured Header [RFCxxxx]. Its value MUST be a | Foo-Example is a Structured Header [RFCxxxx]. Its value MUST be a | |||
| dictionary ([RFCxxxx], Section Y.Y). Its ABNF is: | dictionary ([RFCxxxx], Section Y.Y). Its ABNF is: | |||
| skipping to change at page 6, line 20 ¶ | skipping to change at page 7, line 13 ¶ | |||
| and/or the size of the entire header block. | and/or the size of the entire header block. | |||
| 3. Structured Header Data Types | 3. Structured Header Data Types | |||
| This section defines the abstract value types that can be composed | This section defines the abstract value types that can be composed | |||
| into Structured Headers. The ABNF provided represents the on-wire | into Structured Headers. The ABNF provided represents the on-wire | |||
| format in HTTP/1. | format in HTTP/1. | |||
| 3.1. Dictionaries | 3.1. Dictionaries | |||
| Dictionaries are unordered maps of key-value pairs, where the keys | Dictionaries are ordered maps of key-value pairs, where the keys are | |||
| are identifiers (Section 3.8) and the values are items (Section 3.4). | identifiers (Section 3.8) and the values are items (Section 3.4). | |||
| There can be one or more members, and keys are required to be unique. | There can be one or more members, and keys are required to be unique. | |||
| The ABNF for dictionaries is: | Implementations MUST provide access to dictionaries both by index and | |||
| by key. Specifications MAY use either means of accessing the | ||||
| members. | ||||
| The ABNF for dictionaries in HTTP/1 headers is: | ||||
| sh-dictionary = dict-member *( OWS "," OWS dict-member ) | sh-dictionary = dict-member *( OWS "," OWS dict-member ) | |||
| dict-member = member-name "=" member-value | dict-member = member-name "=" member-value | |||
| member-name = identifier | member-name = sh-identifier | |||
| member-value = sh-item | member-value = sh-item | |||
| In HTTP/1, keys and values are separated by "=" (without whitespace), | In HTTP/1, keys and values are separated by "=" (without whitespace), | |||
| and key/value pairs are separated by a comma with optional | and key/value pairs are separated by a comma with optional | |||
| whitespace. For example: | whitespace. For example: | |||
| Example-DictHeader: en="Applepie", da=*w4ZibGV0w6ZydGUK=* | Example-DictHeader: en="Applepie", da=*w4ZibGV0w6ZydGU=* | |||
| Typically, a header field specification will define the semantics of | Typically, a header field specification will define the semantics of | |||
| individual keys, as well as whether their presence is required or | individual keys, as well as whether their presence is required or | |||
| optional. Recipients MUST ignore keys that are undefined or unknown, | optional. Recipients MUST ignore keys that are undefined or unknown, | |||
| unless the header field's specification specifically disallows them. | unless the header field's specification specifically disallows them. | |||
| Parsers MUST support dictionaries containing at least 1024 key/value | Parsers MUST support dictionaries containing at least 1024 key/value | |||
| pairs. | pairs. | |||
| 3.2. Lists | 3.2. Lists | |||
| Lists are arrays of items (Section 3.4) with one or more members. | Lists are arrays of items (Section 3.4) with one or more members. | |||
| The ABNF for lists is: | The ABNF for lists in HTTP/1 headers is: | |||
| sh-list = list-member *( OWS "," OWS list-member ) | sh-list = list-member *( OWS "," OWS list-member ) | |||
| list-member = sh-item | list-member = sh-item | |||
| In HTTP/1, each member is separated by a comma and optional | In HTTP/1, each member is separated by a comma and optional | |||
| whitespace. For example, a header field whose value is defined as a | whitespace. For example, a header field whose value is defined as a | |||
| list of strings could look like: | list of strings could look like: | |||
| Example-StrListHeader: "foo", "bar", "It was the best of times." | Example-StrListHeader: "foo", "bar", "It was the best of times." | |||
| Header specifications can constrain the types of individual values if | Header specifications can constrain the types of individual values if | |||
| necessary. | necessary. | |||
| Parsers MUST support lists containing at least 1024 members. | Parsers MUST support lists containing at least 1024 members. | |||
| 3.3. Parameterised Lists | 3.3. Parameterised Lists | |||
| Parameterised Lists are arrays of a parameterised identifiers. | Parameterised Lists are arrays of a parameterised identifiers. | |||
| A parameterised identifier is an identifier (Section 3.8) with an | A parameterised identifier is an identifier (Section 3.8) with an | |||
| optional set of parameters, each parameter having a identifier and an | optional set of parameters, each parameter having an identifier and | |||
| optional value that is an item (Section 3.4). Ordering between | an optional value that is an item (Section 3.4). Ordering between | |||
| parameters is not significant, and duplicate parameters MUST cause | parameters is not significant, and duplicate parameters MUST cause | |||
| parsing to fail. | parsing to fail. | |||
| The ABNF for parameterised lists is: | The ABNF for parameterised lists in HTTP/1 headers is: | |||
| sh-param-list = param-id *( OWS "," OWS param-id ) | sh-param-list = param-id *( OWS "," OWS param-id ) | |||
| param-id = identifier *parameter | param-id = sh-identifier *parameter | |||
| parameter = OWS ";" OWS param-name [ "=" param-value ] | parameter = OWS ";" OWS param-name [ "=" param-value ] | |||
| param-name = identifier | param-name = sh-identifier | |||
| param-value = sh-item | param-value = sh-item | |||
| In HTTP/1, each param-id is separated by a comma and optional | In HTTP/1, each param-id is separated by a comma and optional | |||
| whitespace (as in Lists), and the parameters are separated by | whitespace (as in Lists), and the parameters are separated by | |||
| semicolons. For example: | semicolons. For example: | |||
| Example-ParamListHeader: abc_123;a=1;b=2; cdef_456, ghi;q="9";r=w | Example-ParamListHeader: abc_123;a=1;b=2; cdef_456, ghi;q="9";r="w" | |||
| Parsers MUST support parameterised lists containing at least 1024 | Parsers MUST support parameterised lists containing at least 1024 | |||
| members, and support members with at least 256 parameters. | members, and support members with at least 256 parameters. | |||
| 3.4. Items | 3.4. Items | |||
| An item is can be a integer (Section 3.5), float (Section 3.6), | An item is can be a integer (Section 3.5), float (Section 3.6), | |||
| string (Section 3.7), or binary content (Section 3.9). | string (Section 3.7), identifier (Section 3.8), byte sequence | |||
| (Section 3.9), or Boolean (Section 3.10). | ||||
| The ABNF for items is: | The ABNF for items in HTTP/1 headers is: | |||
| sh-item = sh-integer / sh-float / sh-string / sh-binary | sh-item = sh-integer / sh-float / sh-string / sh-identifier / sh-binary | |||
| / sh-boolean | ||||
| 3.5. Integers | 3.5. Integers | |||
| Integers have a range of -9,223,372,036,854,775,808 to | Integers have a range of -9,223,372,036,854,775,808 to | |||
| 9,223,372,036,854,775,807 inclusive (i.e., a 64-bit signed integer). | 9,223,372,036,854,775,807 inclusive (i.e., a 64-bit signed integer). | |||
| The ABNF for integers is: | The ABNF for integers in HTTP/1 headers is: | |||
| sh-integer = ["-"] 1*19DIGIT | sh-integer = ["-"] 1*19DIGIT | |||
| For example: | For example: | |||
| Example-IntegerHeader: 42 | Example-IntegerHeader: 42 | |||
| 3.6. Floats | 3.6. Floats | |||
| Floats are integers with a fractional part, that can be stored as | Floats are integers with a fractional part, that can be stored as | |||
| IEEE 754 double precision numbers (binary64) ([IEEE754]). | IEEE 754 double precision numbers (binary64) ([IEEE754]). | |||
| The ABNF for floats is: | The ABNF for floats in HTTP/1 headers is: | |||
| sh-float = ["-"] ( | sh-float = ["-"] ( | |||
| DIGIT "." 1*14DIGIT / | DIGIT "." 1*14DIGIT / | |||
| 2DIGIT "." 1*13DIGIT / | 2DIGIT "." 1*13DIGIT / | |||
| 3DIGIT "." 1*12DIGIT / | 3DIGIT "." 1*12DIGIT / | |||
| 4DIGIT "." 1*11DIGIT / | 4DIGIT "." 1*11DIGIT / | |||
| 5DIGIT "." 1*10DIGIT / | 5DIGIT "." 1*10DIGIT / | |||
| 6DIGIT "." 1*9DIGIT / | 6DIGIT "." 1*9DIGIT / | |||
| 7DIGIT "." 1*8DIGIT / | 7DIGIT "." 1*8DIGIT / | |||
| 8DIGIT "." 1*7DIGIT / | 8DIGIT "." 1*7DIGIT / | |||
| skipping to change at page 8, line 52 ¶ | skipping to change at page 9, line 52 ¶ | |||
| like: | like: | |||
| Example-FloatHeader: 4.5 | Example-FloatHeader: 4.5 | |||
| 3.7. Strings | 3.7. Strings | |||
| Strings are zero or more printable ASCII [RFC0020] characters (i.e., | Strings are zero or more printable ASCII [RFC0020] characters (i.e., | |||
| the range 0x20 to 0x7E). Note that this excludes tabs, newlines, | the range 0x20 to 0x7E). Note that this excludes tabs, newlines, | |||
| carriage returns, etc. | carriage returns, etc. | |||
| The ABNF for strings is: | The ABNF for strings in HTTP/1 headers is: | |||
| sh-string = DQUOTE *(chr) DQUOTE | sh-string = DQUOTE *(chr) DQUOTE | |||
| chr = unescaped / escaped | chr = unescaped / escaped | |||
| unescaped = %x20-21 / %x23-5B / %x5D-7E | unescaped = %x20-21 / %x23-5B / %x5D-7E | |||
| escaped = "\" ( DQUOTE / "\" ) | escaped = "\" ( DQUOTE / "\" ) | |||
| In HTTP/1 headers, strings are delimited with double quotes, using a | In HTTP/1 headers, strings are delimited with double quotes, using a | |||
| backslash ("\") to escape double quotes and backslashes. For | backslash ("\") to escape double quotes and backslashes. For | |||
| example: | example: | |||
| skipping to change at page 9, line 25 ¶ | skipping to change at page 10, line 25 ¶ | |||
| Note that strings only use DQUOTE as a delimiter; single quotes do | Note that strings only use DQUOTE as a delimiter; single quotes do | |||
| not delimit strings. Furthermore, only DQUOTE and "\" can be | not delimit strings. Furthermore, only DQUOTE and "\" can be | |||
| escaped; other sequences MUST cause parsing to fail. | escaped; other sequences MUST cause parsing to fail. | |||
| Unicode is not directly supported in this document, because it causes | Unicode is not directly supported in this document, because it causes | |||
| a number of interoperability issues, and - with few exceptions - | a number of interoperability issues, and - with few exceptions - | |||
| header values do not require it. | header values do not require it. | |||
| When it is necessary for a field value to convey non-ASCII string | When it is necessary for a field value to convey non-ASCII string | |||
| content, binary content (Section 3.9) SHOULD be specified, along with | content, a byte sequence (Section 3.9) SHOULD be specified, along | |||
| a character encoding (preferably, UTF-8). | with a character encoding (preferably UTF-8). | |||
| Parsers MUST support strings with at least 1024 characters. | Parsers MUST support strings with at least 1024 characters. | |||
| 3.8. Identifiers | 3.8. Identifiers | |||
| Identifiers are short textual identifiers; their abstract model is | Identifiers are short textual identifiers; their abstract model is | |||
| identical to their expression in the textual HTTP serialisation. | identical to their expression in the textual HTTP serialisation. | |||
| Parsers MUST support identifiers with at least 64 characters. | Parsers MUST support identifiers with at least 64 characters. | |||
| The ABNF for identifiers is: | The ABNF for identifiers in HTTP/1 headers is: | |||
| identifier = lcalpha *( lcalpha / DIGIT / "_" / "-"/ "*" / "/" ) | sh-identifier = lcalpha *( lcalpha / DIGIT / "_" / "-"/ "*" / "/" ) | |||
| lcalpha = %x61-7A ; a-z | lcalpha = %x61-7A ; a-z | |||
| Note that identifiers can only contain lowercase letters. | Note that identifiers can only contain lowercase letters. | |||
| 3.9. Binary Content | 3.9. Byte Sequences | |||
| Arbitrary binary content can be conveyed in Structured Headers. | Byte sequences can be conveyed in Structured Headers. | |||
| The ABNF for binary content is: | The ABNF for a byte sequence in HTTP/1 headers is: | |||
| sh-binary = "*" *(base64) "*" | sh-binary = "*" *(base64) "*" | |||
| base64 = ALPHA / DIGIT / "+" / "/" / "=" | base64 = ALPHA / DIGIT / "+" / "/" / "=" | |||
| In HTTP/1 headers, binary content is delimited with asterisks and | In HTTP/1 headers, a byte sequence is delimited with asterisks and | |||
| encoded using base64 ([RFC4648], Section 4). For example: | encoded using base64 ([RFC4648], Section 4). For example: | |||
| Example-BinaryHdr: *cHJldGVuZCB0aGlzIGlzIGJpbmFyeSBjb250ZW50Lg==* | Example-BinaryHdr: *cHJldGVuZCB0aGlzIGlzIGJpbmFyeSBjb250ZW50Lg==* | |||
| Parsers MUST support binary content with at least 16384 octets after | Parsers MUST support byte sequences with at least 16384 octets after | |||
| decoding. | decoding. | |||
| 3.10. Booleans | ||||
| Boolean values can be conveyed in Structured Headers. | ||||
| The ABNF for a Boolean in HTTP/1 headers is: | ||||
| sh-boolean = "!" boolean | ||||
| boolean = "T" / "F" | ||||
| In HTTP/1 headers, a byte sequence is delimited with a "!" character. | ||||
| For example: | ||||
| Example-BoolHdr: !T | ||||
| 4. Structured Headers in HTTP/1 | 4. Structured Headers in HTTP/1 | |||
| This section defines how to serialise and parse Structured Headers in | This section defines how to serialise and parse Structured Headers in | |||
| HTTP/1 textual header fields, and protocols compatible with them | HTTP/1 textual header fields, and protocols compatible with them | |||
| (e.g., in HTTP/2 [RFC7540] before HPACK [RFC7541] is applied). | (e.g., in HTTP/2 [RFC7540] before HPACK [RFC7541] is applied). | |||
| 4.1. Serialising Structured Headers into HTTP/1 | 4.1. Serialising Structured Headers into HTTP/1 | |||
| Given a structured defined in this specification: | Given a structured defined in this specification: | |||
| skipping to change at page 11, line 10 ¶ | skipping to change at page 12, line 25 ¶ | |||
| 2. Append name to output. | 2. Append name to output. | |||
| 3. Append "=" to output. | 3. Append "=" to output. | |||
| 4. Let value be the result of applying Serialising an Item | 4. Let value be the result of applying Serialising an Item | |||
| Section 4.1.4 to mem's member-value. | Section 4.1.4 to mem's member-value. | |||
| 5. Append value to output. | 5. Append value to output. | |||
| 6. If more members remain in input: | ||||
| 1. Append a COMMA to output. | ||||
| 2. Append a single WS to output. | ||||
| 3. Return output. | 3. Return output. | |||
| 4.1.2. Serialising a List | 4.1.2. Serialising a List | |||
| Given a list as input: | Given a list as input: | |||
| 1. Let output be an empty string. | 1. Let output be an empty string. | |||
| 2. For each member mem of input: | 2. For each member mem of input: | |||
| skipping to change at page 11, line 48 ¶ | skipping to change at page 13, line 20 ¶ | |||
| 2. For each member mem of input: | 2. For each member mem of input: | |||
| 1. Let id be the result of applying Serialising an Identifier | 1. Let id be the result of applying Serialising an Identifier | |||
| Section 4.1.8 to mem's identifier. | Section 4.1.8 to mem's identifier. | |||
| 2. Append id to output. | 2. Append id to output. | |||
| 3. For each parameter in mem's parameters: | 3. For each parameter in mem's parameters: | |||
| 1. Let name be the result of applying Serialising an | 1. Append ";" to output. | |||
| 2. Let name be the result of applying Serialising an | ||||
| Identifier Section 4.1.8 to parameter's param-name. | Identifier Section 4.1.8 to parameter's param-name. | |||
| 2. Append name to output. | 3. Append name to output. | |||
| 3. If parameter has a param-value: | 4. If parameter has a param-value: | |||
| 1. Let value be the result of applying Serialising an | 1. Let value be the result of applying Serialising an | |||
| Item Section 4.1.4 to parameter's param-value. | Item Section 4.1.4 to parameter's param-value. | |||
| 2. Append "=" to output. | 2. Append "=" to output. | |||
| 3. Append value to output. | 3. Append value to output. | |||
| 4. If more members remain in input: | ||||
| 1. Append a COMMA to output. | ||||
| 2. Append a single WS to output. | ||||
| 3. Return output. | 3. Return output. | |||
| 4.1.4. Serialising an Item | 4.1.4. Serialising an Item | |||
| Given an item as input: | Given an item as input: | |||
| 1. If input is a type other than an integer, float, string or binary | 1. If input is a type other than an integer, float, string, | |||
| content, fail serialisation. | identifier, byte sequence, or Boolean, fail serialisation. | |||
| 2. Let output be an empty string. | 2. If input is an integer, return the result of applying Serialising | |||
| an Integer Section 4.1.5 to input. | ||||
| 3. If input is an integer, let value be the result of applying | 3. If input is a float, return the result of applying Serialising a | |||
| Serialising an Integer Section 4.1.5 to input. | Float Section 4.1.6 to input. | |||
| 4. If input is a float, let value be the result of applying | 4. If input is a string, return the result of applying Serialising a | |||
| Serialising a Float Section 4.1.6 to input. | String Section 4.1.7 to input. | |||
| 5. If input is a string, let value be the result of applying | 5. If input is an identifier, return the result of Serialising an | |||
| Serialising a String Section 4.1.7 to input. | Identifier {#ser-identifier}. | |||
| 6. If input is binary content, let value be the result of applying | 6. If input is a Boolean, return the result of applying Serialising | |||
| Serialising Binary Content Section 4.1.9 to input. | a Boolean Section 4.1.10 to input. | |||
| 7. Return output. | 7. Otherwise, return the result of applying Serialising a Byte | |||
| Sequence Section 4.1.9 to input. | ||||
| 4.1.5. Serialising an Integer | 4.1.5. Serialising an Integer | |||
| Given an integer as input: | Given an integer as input: | |||
| 1. If input is not an integer in the range of | 1. If input is not an integer in the range of | |||
| -9,223,372,036,854,775,808 to 9,223,372,036,854,775,807 | -9,223,372,036,854,775,808 to 9,223,372,036,854,775,807 | |||
| inclusive, fail serialisation. | inclusive, fail serialisation. | |||
| 2. Let output be an empty string. | 2. Let output be an empty string. | |||
| skipping to change at page 13, line 33 ¶ | skipping to change at page 15, line 15 ¶ | |||
| 6. Append input's decimal component represented in base 10 using | 6. Append input's decimal component represented in base 10 using | |||
| only decimal digits to output; if it is zero, append "0". | only decimal digits to output; if it is zero, append "0". | |||
| 7. Return output. | 7. Return output. | |||
| 4.1.7. Serialising a String | 4.1.7. Serialising a String | |||
| Given a string as input: | Given a string as input: | |||
| 1. If input is not a sequence of characters, or contains characters | 1. If input is not a sequence of characters, or contains characters | |||
| outside the range allowed by VCHAR, fail serialisation. | outside the range allowed by VCHAR or SP, fail serialisation. | |||
| 2. Let output be an empty string. | 2. Let output be an empty string. | |||
| 3. Append DQUOTE to output. | 3. Append DQUOTE to output. | |||
| 4. For each character char in input: | 4. For each character char in input: | |||
| 1. If char is "\" or DQUOTE: | 1. If char is "\" or DQUOTE: | |||
| 1. Append "\" to output. | 1. Append "\" to output. | |||
| skipping to change at page 14, line 18 ¶ | skipping to change at page 15, line 46 ¶ | |||
| 1. If input is not a sequence of characters, or contains characters | 1. If input is not a sequence of characters, or contains characters | |||
| not allowed in Section 3.8, fail serialisation. | not allowed in Section 3.8, fail serialisation. | |||
| 2. Let output be an empty string. | 2. Let output be an empty string. | |||
| 3. Append input to output, using ASCII encoding [RFC0020]. | 3. Append input to output, using ASCII encoding [RFC0020]. | |||
| 4. Return output. | 4. Return output. | |||
| 4.1.9. Serialising Binary Content | 4.1.9. Serialising a Byte Sequence | |||
| Given binary content as input: | Given a byte sequence as input: | |||
| 1. If input is not a sequence of bytes, fail serialisation. | 1. If input is not a sequence of bytes, fail serialisation. | |||
| 2. Let output be an empty string. | 2. Let output be an empty string. | |||
| 3. Append "*" to output. | 3. Append "*" to output. | |||
| 4. Append the result of base64-encoding input as per [RFC4648], | 4. Append the result of base64-encoding input as per [RFC4648], | |||
| Section 4, taking account of the requirements below. | Section 4, taking account of the requirements below. | |||
| skipping to change at page 14, line 42 ¶ | skipping to change at page 16, line 21 ¶ | |||
| 6. Return output. | 6. Return output. | |||
| The encoded data is required to be padded with "=", as per [RFC4648], | The encoded data is required to be padded with "=", as per [RFC4648], | |||
| Section 3.2. | Section 3.2. | |||
| Likewise, encoded data SHOULD have pad bits set to zero, as per | Likewise, encoded data SHOULD have pad bits set to zero, as per | |||
| [RFC4648], Section 3.5, unless it is not possible to do so due to | [RFC4648], Section 3.5, unless it is not possible to do so due to | |||
| implementation constraints. | implementation constraints. | |||
| 4.1.10. Serialising a Boolean | ||||
| Given a Boolean as input: | ||||
| 1. If input is not a boolean, fail serialisation. | ||||
| 2. Let output be an empty string. | ||||
| 3. Append "!" to output. | ||||
| 4. If input is true, append "T" to output. | ||||
| 5. If input is false, append "F" to output. | ||||
| 6. Return output. | ||||
| 4.2. Parsing HTTP/1 Header Fields into Structured Headers | 4.2. Parsing HTTP/1 Header Fields into Structured Headers | |||
| When a receiving implementation parses textual HTTP header fields | When a receiving implementation parses textual HTTP header fields | |||
| (e.g., in HTTP/1 or HTTP/2) that are known to be Structured Headers, | (e.g., in HTTP/1 or HTTP/2) that are known to be Structured Headers, | |||
| it is important that care be taken, as there are a number of edge | it is important that care be taken, as there are a number of edge | |||
| cases that can cause interoperability or even security problems. | cases that can cause interoperability or even security problems. | |||
| This section specifies the algorithm for doing so. | This section specifies the algorithm for doing so. | |||
| Given an ASCII string input_string that represents the chosen | Given an ASCII string input_string that represents the chosen | |||
| header's field-value, and header_type, one of "dictionary", "list", | header's field-value, and header_type, one of "dictionary", "list", | |||
| skipping to change at page 15, line 33 ¶ | skipping to change at page 17, line 28 ¶ | |||
| 8. Otherwise, return output. | 8. Otherwise, return output. | |||
| When generating input_string, parsers MUST combine all instances of | When generating input_string, parsers MUST combine all instances of | |||
| the target header field into one comma-separated field-value, as per | the target header field into one comma-separated field-value, as per | |||
| [RFC7230], Section 3.2.2; this assures that the header is processed | [RFC7230], Section 3.2.2; this assures that the header is processed | |||
| correctly. | correctly. | |||
| For Lists, Parameterised Lists and Dictionaries, this has the effect | For Lists, Parameterised Lists and Dictionaries, this has the effect | |||
| of correctly concatenating all instances of the header field. | of correctly concatenating all instances of the header field. | |||
| Strings can but SHOULD NOT be split across multiple header instances, | Strings split across multiple header instances will have | |||
| because comma(s) inserted upon combination will become part of the | unpredictable results, because comma(s) and whitespace inserted upon | |||
| string output by the parser. | combination will become part of the string output by the parser. | |||
| Since concatenation might be done by an upstream intermediary, the | ||||
| results are not under the control of the serialiser or the parser. | ||||
| Integers, Floats and Binary Content cannot be split across multiple | Integers, Floats and Byte Sequences cannot be split across multiple | |||
| headers because the inserted commas will cause parsing to fail. | headers because the inserted commas will cause parsing to fail. | |||
| If parsing fails - including when calling another algorithm - the | If parsing fails - including when calling another algorithm - the | |||
| entire header field's value MUST be discarded. This is intentionally | entire header field's value MUST be discarded. This is intentionally | |||
| strict, to improve interoperability and safety, and specifications | strict, to improve interoperability and safety, and specifications | |||
| referencing this document cannot loosen this requirement. | referencing this document cannot loosen this requirement. | |||
| Note that this has the effect of discarding any header field with | Note that this has the effect of discarding any header field with | |||
| non-ASCII characters in input_string. | non-ASCII characters in input_string. | |||
| 4.2.1. Parsing a Dictionary from Text | 4.2.1. Parsing a Dictionary from Text | |||
| Given an ASCII string input_string, return a mapping of (identifier, | Given an ASCII string input_string, return an ordered map of | |||
| item). input_string is modified to remove the parsed value. | (identifier, item). input_string is modified to remove the parsed | |||
| value. | ||||
| 1. Let dictionary be an empty, unordered mapping. | 1. Let dictionary be an empty, ordered map. | |||
| 2. While input_string is not empty: | 2. While input_string is not empty: | |||
| 1. Let this_key be the result of running Parse Identifier from | 1. Let this_key be the result of running Parse Identifier from | |||
| Text (Section 4.2.8) with input_string. | Text (Section 4.2.8) with input_string. | |||
| 2. If dictionary already contains this_key, fail parsing. | 2. If dictionary already contains this_key, fail parsing. | |||
| 3. Consume the first character of input_string; if it is not | 3. Consume the first character of input_string; if it is not | |||
| "=", fail parsing. | "=", fail parsing. | |||
| skipping to change at page 17, line 43 ¶ | skipping to change at page 19, line 40 ¶ | |||
| COMMA, fail parsing. | COMMA, fail parsing. | |||
| 6. Discard any leading OWS from input_string. | 6. Discard any leading OWS from input_string. | |||
| 7. If input_string is empty, fail parsing. | 7. If input_string is empty, fail parsing. | |||
| 3. No structured data has been found; fail parsing. | 3. No structured data has been found; fail parsing. | |||
| 4.2.4. Parsing a Parameterised Identifier from Text | 4.2.4. Parsing a Parameterised Identifier from Text | |||
| Given an ASCII string input_string, return a identifier with an | Given an ASCII string input_string, return an identifier with an | |||
| mapping of parameters. input_string is modified to remove the parsed | unordered map of parameters. input_string is modified to remove the | |||
| value. | parsed value. | |||
| 1. Let primary_identifier be the result of Parsing a Identifier from | 1. Let primary_identifier be the result of Parsing an Identifier | |||
| Text (Section 4.2.8) from input_string. | from Text (Section 4.2.8) from input_string. | |||
| 2. Let parameters be an empty, unordered mapping. | 2. Let parameters be an empty, unordered map. | |||
| 3. In a loop: | 3. In a loop: | |||
| 1. Discard any leading OWS from input_string. | 1. If the first character of input_string is not ";", exit the | |||
| 2. If the first character of input_string is not ";", exit the | ||||
| loop. | loop. | |||
| 3. Consume a ";" character from the beginning of input_string. | 2. Consume a ";" character from the beginning of input_string. | |||
| 4. Discard any leading OWS from input_string. | 3. Discard any leading OWS from input_string. | |||
| 5. let param_name be the result of Parsing a Identifier from | 4. let param_name be the result of Parsing an Identifier from | |||
| Text (Section 4.2.8) from input_string. | Text (Section 4.2.8) from input_string. | |||
| 6. If param_name is already present in parameters, fail parsing. | 5. If param_name is already present in parameters, fail parsing. | |||
| 7. Let param_value be a null value. | 6. Let param_value be a null value. | |||
| 8. If the first character of input_string is "=": | 7. If the first character of input_string is "=": | |||
| 1. Consume the "=" character at the beginning of | 1. Consume the "=" character at the beginning of | |||
| input_string. | input_string. | |||
| 2. Let param_value be the result of Parsing an Item from | 2. Let param_value be the result of Parsing an Item from | |||
| Text (Section 4.2.5) from input_string. | Text (Section 4.2.5) from input_string. | |||
| 9. Insert (param_name, param_value) into parameters. | 8. Insert (param_name, param_value) into parameters. | |||
| 4. Return the tuple (primary_identifier, parameters). | 4. Return the tuple (primary_identifier, parameters). | |||
| 4.2.5. Parsing an Item from Text | 4.2.5. Parsing an Item from Text | |||
| Given an ASCII string input_string, return an item. input_string is | Given an ASCII string input_string, return an item. input_string is | |||
| modified to remove the parsed value. | modified to remove the parsed value. | |||
| 1. Discard any leading OWS from input_string. | 1. Discard any leading OWS from input_string. | |||
| 2. If the first character of input_string is a "-" or a DIGIT, | 2. If the first character of input_string is a "-" or a DIGIT, | |||
| process input_string as a number (Section 4.2.6) and return the | process input_string as a number (Section 4.2.6) and return the | |||
| result. | result. | |||
| 3. If the first character of input_string is a DQUOTE, process | 3. If the first character of input_string is a DQUOTE, process | |||
| input_string as a string (Section 4.2.7) and return the result. | input_string as a string (Section 4.2.7) and return the result. | |||
| 4. If the first character of input_string is "*", process | 4. If the first character of input_string is "*", process | |||
| input_string as binary content (Section 4.2.9) and return the | input_string as a byte sequence (Section 4.2.9) and return the | |||
| result. | result. | |||
| 5. Otherwise, fail parsing. | 5. If the first character of input_string is "!", process | |||
| input_string as a Boolean (Section 4.2.10) and return the result. | ||||
| 6. If the first character of input_string is a lcalpha, process | ||||
| input_string as an identifier (Section 4.2.8) and return the | ||||
| result. | ||||
| 7. Otherwise, fail parsing. | ||||
| 4.2.6. Parsing a Number from Text | 4.2.6. Parsing a Number from Text | |||
| NOTE: This algorithm parses both Integers Section 3.5 and Floats | NOTE: This algorithm parses both Integers Section 3.5 and Floats | |||
| Section 3.6, and returns the corresponding structure. | Section 3.6, and returns the corresponding structure. | |||
| 1. Let type be "integer". | 1. Let type be "integer". | |||
| 2. Let sign be 1. | 2. Let sign be 1. | |||
| skipping to change at page 19, line 34 ¶ | skipping to change at page 21, line 36 ¶ | |||
| 7. While input_string is not empty: | 7. While input_string is not empty: | |||
| 1. Let char be the result of removing the first character of | 1. Let char be the result of removing the first character of | |||
| input_string. | input_string. | |||
| 2. If char is a DIGIT, append it to input_number. | 2. If char is a DIGIT, append it to input_number. | |||
| 3. Else, if type is "integer" and char is ".", append char to | 3. Else, if type is "integer" and char is ".", append char to | |||
| input_number and set type to "float". | input_number and set type to "float". | |||
| 4. Otherwise, fail parsing. | 4. Otherwise, prepend char to input_string, and exit the loop. | |||
| 5. If type is "integer" and input_number contains more than 19 | 5. If type is "integer" and input_number contains more than 19 | |||
| characters, fail parsing. | characters, fail parsing. | |||
| 6. If type is "float" and input_number contains more than 16 | 6. If type is "float" and input_number contains more than 16 | |||
| characters, fail parsing. | characters, fail parsing. | |||
| 8. If type is "integer": | 8. If type is "integer": | |||
| 1. Parse input_number as an integer and let output_number be | 1. Parse input_number as an integer and let output_number be | |||
| the result. | the product of the result and sign. | |||
| 2. If output_number is outside the range defined in | 2. If output_number is outside the range defined in | |||
| Section 3.5, fail parsing. | Section 3.5, fail parsing. | |||
| 9. Otherwise: | 9. Otherwise: | |||
| 1. If the final character of input_number is ".", fail parsing. | 1. If the final character of input_number is ".", fail parsing. | |||
| 2. Parse input_number as a float and let output_number be the | 2. Parse input_number as a float and let output_number be the | |||
| result. | product of the result and sign. | |||
| 10. Return the product of output_number and sign. | 10. Return output_number. | |||
| 4.2.7. Parsing a String from Text | 4.2.7. Parsing a String from Text | |||
| Given an ASCII string input_string, return an unquoted string. | Given an ASCII string input_string, return an unquoted string. | |||
| input_string is modified to remove the parsed value. | input_string is modified to remove the parsed value. | |||
| 1. Let output_string be an empty string. | 1. Let output_string be an empty string. | |||
| 2. If the first character of input_string is not DQUOTE, fail | 2. If the first character of input_string is not DQUOTE, fail | |||
| parsing. | parsing. | |||
| skipping to change at page 20, line 43 ¶ | skipping to change at page 22, line 45 ¶ | |||
| 1. Let next_char be the result of removing the first | 1. Let next_char be the result of removing the first | |||
| character of input_string. | character of input_string. | |||
| 2. If next_char is not DQUOTE or "\", fail parsing. | 2. If next_char is not DQUOTE or "\", fail parsing. | |||
| 3. Append next_char to output_string. | 3. Append next_char to output_string. | |||
| 3. Else, if char is DQUOTE, return output_string. | 3. Else, if char is DQUOTE, return output_string. | |||
| 4. Else, if char is in the range %x00-1f or %x7f (i.e., is not | 4. Else, if char is in the range %x00-1f or %x7f (i.e., is not | |||
| in VCHAR), fail parsing. | in VCHAR or SP), fail parsing. | |||
| 5. Else, append char to output_string. | 5. Else, append char to output_string. | |||
| 5. Otherwise, fail parsing. | 5. Reached the end of input_string without finding a closing DQUOTE; | |||
| fail parsing. | ||||
| 4.2.8. Parsing an Identifier from Text | 4.2.8. Parsing an Identifier from Text | |||
| Given an ASCII string input_string, return a identifier. input_string | Given an ASCII string input_string, return an identifier. | |||
| is modified to remove the parsed value. | input_string is modified to remove the parsed value. | |||
| 1. If the first character of input_string is not lcalpha, fail | 1. If the first character of input_string is not lcalpha, fail | |||
| parsing. | parsing. | |||
| 2. Let output_string be an empty string. | 2. Let output_string be an empty string. | |||
| 3. While input_string is not empty: | 3. While input_string is not empty: | |||
| 1. Let char be the result of removing the first character of | 1. Let char be the result of removing the first character of | |||
| input_string. | input_string. | |||
| skipping to change at page 21, line 30 ¶ | skipping to change at page 23, line 30 ¶ | |||
| 2. If char is not one of lcalpha, DIGIT, "_", "-", "*" or "/": | 2. If char is not one of lcalpha, DIGIT, "_", "-", "*" or "/": | |||
| 1. Prepend char to input_string. | 1. Prepend char to input_string. | |||
| 2. Return output_string. | 2. Return output_string. | |||
| 3. Append char to output_string. | 3. Append char to output_string. | |||
| 4. Return output_string. | 4. Return output_string. | |||
| 4.2.9. Parsing Binary Content from Text | 4.2.9. Parsing a Byte Sequence from Text | |||
| Given an ASCII string input_string, return binary content. | Given an ASCII string input_string, return a byte sequence. | |||
| input_string is modified to remove the parsed value. | input_string is modified to remove the parsed value. | |||
| 1. If the first character of input_string is not "*", fail parsing. | 1. If the first character of input_string is not "*", fail parsing. | |||
| 2. Discard the first character of input_string. | 2. Discard the first character of input_string. | |||
| 3. Let b64_content be the result of removing content of input_string | 3. Let b64_content be the result of removing content of input_string | |||
| up to but not including the first instance of the character "*". | up to but not including the first instance of the character "*". | |||
| If there is not a "*" character before the end of input_string, | If there is not a "*" character before the end of input_string, | |||
| fail parsing. | fail parsing. | |||
| skipping to change at page 22, line 7 ¶ | skipping to change at page 24, line 7 ¶ | |||
| 5. If b64_content contains a character not included in ALPHA, DIGIT, | 5. If b64_content contains a character not included in ALPHA, DIGIT, | |||
| "+", "/" and "=", fail parsing. | "+", "/" and "=", fail parsing. | |||
| 6. Let binary_content be the result of Base 64 Decoding [RFC4648] | 6. Let binary_content be the result of Base 64 Decoding [RFC4648] | |||
| b64_content, synthesising padding if necessary (note the | b64_content, synthesising padding if necessary (note the | |||
| requirements about recipient behaviour below). | requirements about recipient behaviour below). | |||
| 7. Return binary_content. | 7. Return binary_content. | |||
| As per [RFC4648], Section 3.2, it is RECOMMENDED that parsers reject | Because some implementations of base64 do not allow reject of encoded | |||
| encoded data that is not properly padded, although this might not be | data that is not properly "=" padded (see [RFC4648], Section 3.2), | |||
| possible in some base64 implementations. | parsers SHOULD NOT fail when it is not present, unless they cannot be | |||
| configured to do so. | ||||
| Because some implementations of base64 do not allow rejection of | Because some implementations of base64 do not allow rejection of | |||
| encoded data that has non-zero pad bits (see [RFC4648], Section 3.5), | encoded data that has non-zero pad bits (see [RFC4648], Section 3.5), | |||
| parsers SHOULD NOT fail when it is present, unless they cannot be | parsers SHOULD NOT fail when it is present, unless they cannot be | |||
| configured to handle it. | configured to do so. | |||
| This specification does not relax the requirements in [RFC4648], | This specification does not relax the requirements in [RFC4648], | |||
| Section 3.1 and 3.3; therefore, parsers MUST fail on characters | Section 3.1 and 3.3; therefore, parsers MUST fail on characters | |||
| outside the base64 alphabet, and on line feeds in encoded data. | outside the base64 alphabet, and on line feeds in encoded data. | |||
| 4.2.10. Parsing a Boolean from Text | ||||
| Given an ASCII string input_string, return a Boolean. input_string is | ||||
| modified to remove the parsed value. | ||||
| 1. If the first character of input_string is not "!", fail parsing. | ||||
| 2. Discard the first character of input_string. | ||||
| 3. If the first character of input_string case-sensitively matches | ||||
| "T", discard the first character, and return true. | ||||
| 4. If the first character of input_string case-sensitively matches | ||||
| "F", discard the first character, and return false. | ||||
| 5. No value has matched; fail parsing. | ||||
| 5. IANA Considerations | 5. IANA Considerations | |||
| This draft has no actions for IANA. | This draft has no actions for IANA. | |||
| 6. Security Considerations | 6. Security Considerations | |||
| The size of most types defined by Structured Headers is not limited; | The size of most types defined by Structured Headers is not limited; | |||
| as a result, extremely large header fields could be an attack vector | as a result, extremely large header fields could be an attack vector | |||
| (e.g., for resource consumption). Most HTTP implementations limit | (e.g., for resource consumption). Most HTTP implementations limit | |||
| the sizes of size of individual header fields as well as the overall | the sizes of size of individual header fields as well as the overall | |||
| header block size to mitigate such attacks. | header block size to mitigate such attacks. | |||
| It is possible for parties with the ability to inject new HTTP header | It is possible for parties with the ability to inject new HTTP header | |||
| fields to change the meaning of a Structured Headers. In some | fields to change the meaning of a Structured Header. In some | |||
| circumstances, this will cause parsing to fail, but it is not | circumstances, this will cause parsing to fail, but it is not | |||
| possible to reliably fail in all such circumstances. | possible to reliably fail in all such circumstances. | |||
| 7. References | 7. References | |||
| 7.1. Normative References | 7.1. Normative References | |||
| [RFC0020] Cerf, V., "ASCII format for network interchange", STD 80, | [RFC0020] Cerf, V., "ASCII format for network interchange", STD 80, | |||
| RFC 20, DOI 10.17487/RFC0020, October 1969, | RFC 20, DOI 10.17487/RFC0020, October 1969, | |||
| <https://www.rfc-editor.org/info/rfc20>. | <https://www.rfc-editor.org/info/rfc20>. | |||
| skipping to change at page 25, line 38 ¶ | skipping to change at page 28, line 9 ¶ | |||
| describe what a processor's behaviour should be when one of the | describe what a processor's behaviour should be when one of the | |||
| headers is missing. | headers is missing. | |||
| If you need to fit arbitrarily complex data into a header, Structured | If you need to fit arbitrarily complex data into a header, Structured | |||
| Headers is probably a poor fit for your use case. | Headers is probably a poor fit for your use case. | |||
| Appendix B. Changes | Appendix B. Changes | |||
| _RFC Editor: Please remove this section before publication._ | _RFC Editor: Please remove this section before publication._ | |||
| B.1. Since draft-ietf-httpbis-header-structure-06 | B.1. Since draft-ietf-httpbis-header-structure-07 | |||
| o Make Dictionaries ordered mappings (#659). | ||||
| o Changed "binary content" to "byte sequence" to align with Infra | ||||
| specification (#671). | ||||
| o Changed "mapping" to "map" for #671. | ||||
| o Don't fail if byte sequences aren't "=" padded (#658). | ||||
| o Add Booleans (#683). | ||||
| o Allow identifiers in items again (#629). | ||||
| o Disallowed whitespace before items (#703). | ||||
| o Explain the consequences of splitting a string across multiple | ||||
| headers (#686). | ||||
| B.2. Since draft-ietf-httpbis-header-structure-06 | ||||
| o Add a FAQ. | o Add a FAQ. | |||
| o Allow non-zero pad bits. | o Allow non-zero pad bits. | |||
| o Explicitly check for integers that violate constraints. | o Explicitly check for integers that violate constraints. | |||
| B.2. Since draft-ietf-httpbis-header-structure-05 | B.3. Since draft-ietf-httpbis-header-structure-05 | |||
| o Reorganise specification to separate parsing out. | o Reorganise specification to separate parsing out. | |||
| o Allow referencing specs to use ABNF. | o Allow referencing specs to use ABNF. | |||
| o Define serialisation algorithms. | o Define serialisation algorithms. | |||
| o Refine relationship between ABNF, parsing and serialisation | o Refine relationship between ABNF, parsing and serialisation | |||
| algorithms. | algorithms. | |||
| B.3. Since draft-ietf-httpbis-header-structure-04 | B.4. Since draft-ietf-httpbis-header-structure-04 | |||
| o Remove identifiers from item. | o Remove identifiers from item. | |||
| o Remove most limits on sizes. | o Remove most limits on sizes. | |||
| o Refine number parsing. | o Refine number parsing. | |||
| B.4. Since draft-ietf-httpbis-header-structure-03 | B.5. Since draft-ietf-httpbis-header-structure-03 | |||
| o Strengthen language around failure handling. | o Strengthen language around failure handling. | |||
| B.5. Since draft-ietf-httpbis-header-structure-02 | B.6. Since draft-ietf-httpbis-header-structure-02 | |||
| o Split Numbers into Integers and Floats. | o Split Numbers into Integers and Floats. | |||
| o Define number parsing. | o Define number parsing. | |||
| o Tighten up binary parsing and give it an explicit end delimiter. | o Tighten up binary parsing and give it an explicit end delimiter. | |||
| o Clarify that mappings are unordered. | o Clarify that mappings are unordered. | |||
| o Allow zero-length strings. | o Allow zero-length strings. | |||
| o Improve string parsing algorithm. | o Improve string parsing algorithm. | |||
| o Improve limits in algorithms. | o Improve limits in algorithms. | |||
| o Require parsers to combine header fields before processing. | o Require parsers to combine header fields before processing. | |||
| o Throw an error on trailing garbage. | o Throw an error on trailing garbage. | |||
| B.6. Since draft-ietf-httpbis-header-structure-01 | B.7. Since draft-ietf-httpbis-header-structure-01 | |||
| o Replaced with draft-nottingham-structured-headers. | o Replaced with draft-nottingham-structured-headers. | |||
| B.7. Since draft-ietf-httpbis-header-structure-00 | B.8. Since draft-ietf-httpbis-header-structure-00 | |||
| o Added signed 64bit integer type. | o Added signed 64bit integer type. | |||
| o Drop UTF8, and settle on BCP137 ::EmbeddedUnicodeChar for h1- | o Drop UTF8, and settle on BCP137 ::EmbeddedUnicodeChar for h1- | |||
| unicode-string. | unicode-string. | |||
| o Change h1_blob delimiter to ":" since "'" is valid t_char | o Change h1_blob delimiter to ":" since "'" is valid t_char | |||
| Authors' Addresses | Authors' Addresses | |||
| End of changes. 87 change blocks. | ||||
| 143 lines changed or deleted | 247 lines changed or added | |||
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||