Web Distributed Authoring and Versioning (WebDAV) Redirect Reference ResourcesUC Santa Cruz, Dept. of Computer Science1156 High StreetSanta CruzCA95064USejw@cse.ucsc.eduIBM20 Maguire RoadLexingtonMA02421USgeoffrey.clemm@us.ibm.comgreenbytes GmbHSalzmannstrasse 152MuensterNW48159Germany+49 251 2807760+49 251 2807761julian.reschke@greenbytes.dehttp://greenbytes.de/tech/webdav/WEBDAV Working Group
Expand "WebDAV" in document title.
Done (no change tracking).
There are (at least) two major design goals, but unfortunately both are
in direct contradiction:
#1: Maximum consistency with HTTP/1.1 (RFC2616). This means that any
request that addresses a redirect reference resource MUST result in a
3xx status code (obviously the whole point is that GET MUST result in a
redirection, and if it does, it's hard to say why other methods such as
PUT or DELETE should behave differently). Therefore, the redirect
reference protocol introduces a new request header
("Apply-To-Redirect-Ref") through which a client can indicate that the
request indeed should be applied to the redirect reference resource itself.
#2: Maximum usability with existing clients. For instance, the Microsoft
Webfolder client will not be able to DELETE a redirect reference
resource unless the server deviates from #1.
Right now I'm not sure about the best way to resolve this. Currently the
spec chooses #1 (back when this decision was made, there was probably
the assumption that existing clients would quickly be updated --
something that probably isn't true today).
However this may result in implementers either just ignoring these
rules, or adding special workarounds based on "User Agent" detection.
Support creation of other than 302 redirects, especially 301.
HTTP seems to distinguish the following use cases: (a) permanent
redirect (301), (b) temporary redirect (302 or 307), (c) redirect to a GET
location after POST (303) and (d) agent-driven negotiation (300).
Among these, (a) and (b) seem to be well understood, so we should
support both. (c) doesn't seem to be applicable. (d) may become interesting
when user agents start supporting it, so the spec should be flexible
enough to support a feature extension for that. For now I propose
that the client is able to specify the redirection type as a resource type,
such as "DAV:permanent-redirect-reference" and "DAV:temporary-redirect-reference".
This spec would only define the behaviour for these two resource types
and would allow future extensions using new resource types and suggested
response codes.
Support creation of both permanent (301, optional) and temporary (302, required) redirects.
Keep protocol extensible for other types. Make lifetime visible as protected property.
This specification defines redirect reference resources. A
redirect reference resource is a resource whose default response is an
HTTP/1.1 302 (Found) status code3xx (Redirection) status code (see , Section 10.3), redirecting the client to a different
resource, the target resource. A redirect reference makes it possible
to access the target resource indirectly, through any URI mapped to the
redirect reference resource. There are no integrity guarantees
associated with redirect reference resources.
Distribution of this document is unlimited. Please send comments to the
Distributed Authoring and Versioning (WebDAV) working group at w3c-dist-auth@w3.org, which may be joined by sending a message with subject
"subscribe" to w3c-dist-auth-request@w3.org.
Discussions of the WEBDAV working group are archived at URL:
http://lists.w3.org/Archives/Public/w3c-dist-auth/.
This is one of a pair of specifications that extend the WebDAV
Distributed Authoring Protocol to enable clients to create new access
paths to existing resources. This capability is useful for several
reasons:
Not Hierarchical:
The first sentence of the second paragraph of the introduction of the redirect spec asserts that the URIs of WebDAV compliant resources match to collections. The WebDAV standard makes no such requirement. I therefore move that this sentence be stricken.
State the more general HTTP rationale first (alternative names for the same resource), then introduce the collection hierarchy rationale, which applies only if you are in a WebDAV-compliant space.
URIs of WebDAV-compliant resources are hierarchical and correspond to a
hierarchy of collections in resource space. The WebDAV Distributed
Authoring Protocol makes it possible to organize theseHTTP resources into
hierarchies, placing them into groupings, known as collections, which
are more easily browsed and manipulated than a single flat collection.
However, hierarchies require categorization decisions that locate
resources at a single location in the hierarchy, a drawback when a
resource has multiple valid categories. For example, in a hierarchy of
vehicle descriptions containing collections for cars and boats, a
description of a combination car/boat vehicle could belong in either
collection. Ideally, the description should be accessible from both.
Allowing clients to create new URIs that access the existing resource
lets them put that resource into multiple collections.
Servers: Replace "server" with "unrelated system" throughout.
Try replacing "server" with "host" in some contexts, rephrasing in passive voice in others.
See also issue 40.
Hierarchies also make resource sharing more difficult, since resources
that have utility across many collections are still forced into a single
collection. For example, the mathematics department at one university
might create a collection of information on fractals that contains
bindings to some local resources, but also provides access to some
resources at other universities. For many reasons, it may be
undesirable to make physical copies of the shared resources on the local
server: to conserve disk space, to respect copyright constraints, or to
make any changes in the shared resources visible automatically. Being
able to create new access paths to existing resources in other
collections or even on other servers is useful for this sort of case.
Forwarding: Replace "forward" with "redirect" throughout.
Use "redirect" for the behavior redirect resources do exhibit. Use "forward" for the contrasting behavior (passing a method on to the target with no client action needed). Define these two terms. See also issue 40.
The redirect reference resources defined here provide a mechanism for
creating alternative access paths to existing resources. A redirect
reference resource is a resource in one collection whose purpose is to
forward requests to another resource (its target), possibly in a
different collection. In this way, it allows clients to submit requests
to the target resource from another collection. It redirects most
requests to the target resource using the HTTP 302 (Found) status codea HTTP status code from the 3xx range (Redirection),
thereby providing a form of mediated access to the target resource.
Integrity: Intro, para 7 "Servers are not required to enforce the integrity of redirect references." Integrity is not defined. Replace with something clearer.
Remove that sentence. Issue will be resolved as part of the resolution of
"lc-57-noautoupdate".
A redirect reference is a resource with properties but no body of its own. Properties of a redirect reference resource can
contain such information as who created the reference, when, and why.
Since redirect reference resources are implemented using HTTP 3023xx
responses, it generally takes two round trips to submit a request to the
intended resource. Servers are not required to enforce the integrity of
redirect references. Redirect references work equally well for local
resources and for resources that reside on a different server from the
reference.
The remainder of this document is structured as follows:
defines terms that will be used throughout the specification.
provides an overview of redirect reference resources.
discusses how to create a redirect reference resource.
defines the semantics of existing methods when applied to redirect
reference resources, and discusses their semantics when
applied to collections that contain redirect reference resources.
Sections
through discuss several other issues raised by the
existence of redirect reference resources. Sections through
define the new headers, properties, and XML elements required to support
redirect reference resources. Section discusses capability
discovery. Sections
through present the security,
internationalization, and IANA concerns raised by this specification.
The remaining sections provide a variety of supporting information.
Since this document describes a set of extensions to the WebDAV
Distributed Authoring Protocol , itself an extension to the
HTTP/1.1 protocol, the augmented BNF used here to describe protocol
elements is exactly the same as described in Section 2.1 of .
Since this augmented BNF uses the basic production rules provided in
Section 2.2 of , these rules apply to this document as well.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in .
The terminology used here follows and extends that in the WebDAV
Distributed Authoring Protocol specification . Definitions of
the terms resource, Uniform Resource Identifier (URI), and Uniform
Resource Locator (URL) are provided in .
Consider global rename of "redirect reference resource" to "redirect resource".
Redirect Reference Resource
A resource created to redirect all requests made to it, using 302 (Found)an HTTP status code from the 3xx range,
to a defined target resource.
Non-Reference Resource
A resource that is not a reference to another resource.Target Resource
The resource to which requests are forwarded by a reference
resource.
A target resource can be anything that can be identified by an absolute URI
(see , "absoluteURI").
This document uses the terms "precondition", "postcondition" and "protected property" as defined in
. Servers MUST report pre-/postcondition failures
as described in section 1.6 of this document.
For all operations submitted to a redirect reference resource, the
default response is a 302 (Found), accompanied by the Redirect-Ref
header (defined in below) and the Location header set to
the URI of the target resource. With this information, the client can
resubmit the request to the URI of the target resource.
A redirect reference resource never automatically forwards requests to
its target resource. Redirect resources
bring the same benefits as links in HTML documents. They can be created and
maintained without the involvement or even knowledge of their target
resource. This reduces the cost of linking between resources."
If the client is aware that it is operating on a redirect reference
resource, it can resolve the reference by retrieving the reference
resource's DAV:reftarget property (defined in below), whose
value contains the URI of the target resource. It can then submit
requests to the target resource.
A redirect reference resource is a new type of resource. To distinguish
redirect reference resources from non-reference resources, a new value
of the DAV:resourcetype property (defined in ), DAV:redirectref,
is defined in below.
Since a redirect reference resource is a resource, methods can be applied to the reference
resource as well as to its target resource. The Apply-To-Redirect-Ref
request header (defined in below) is provided so that
referencing-aware clients can control whether an operation is applied to
the redirect reference resource or
standard HTTP/WebDAV behaviour (redirection with a 3xx status code)
should occur. The Apply-To-Redirect-Ref
header can be used with most requests to redirect
reference resources. This header is particularly useful with PROPFIND,
to retrieve the reference resource's own properties.
Umbrella issue for all changes caused by replacing the generic MKRESOURCE
method by MKREDIRECTREF.
There needs to be a way to update the target of a redirect reference.
Agreed.
See also issues 6, 43.
Make redirect references independent of the rest of WebDAV. The creation method for redirect references shouldn't require an XML request body.
MKRESOURCE will be replaced by a specific method that doesn't rely
on any PROPPATCH semantics, however it will still use XML (see also BIND
spec for similar marshalling).
The new MKRESOURCE method is used to create new redirect reference
resources. In order to create a redirect reference resource using
MKRESOURCE, the values of two properties must be set in the body of the
MKRESOURCE request. The value of DAV:resourcetype MUST be set to
DAV:redirectref, a new value of DAV:resourcetype defined in .
The value of DAV:reftarget MUST be set to the URI of the target
resource.
Used in this way, the MKRESOURCE method creates a redirect reference
resource whose target is identified by the DAV:reftarget property.
The MKRESOURCE method requests the creation of a redirect reference resource and
initialization of its properties in one atomic operation.
Preconditions:
A resource MUST NOT exist at the Request-URI.
Request Marshalling:
The location of the new resource to be created is specified by the
Request-URI.
The request body of the MKRESOURCE method MUST consist of the
DAV:propertyupdate XML element defined in Section 12.13 of ,
specifying a DAV:resourcetype of "DAV:redirectref".
Postconditions:
If the response status code is 201, a new resource exists at the
Request-URI.
Section 5.1: Replace the sentence "The properties of the new resource are as specified by the DAV:propertyupdate request body, using PROPPATCH semantics" with the following:
"The MKRESOURCE request MAY contain a DAV:propertyupdate request body to initialize resource properties. Herein, the semantics is the same as when sending a MKRESOURCE request without a request body, followed by a PROPPATCH with the DAV:propertyupdate request body."
MKRESOURCE will be replaced by simpler/more specific method.
The properties of the new resource are as specified by the
DAV:propertyupdate request body, using PROPPATCH semantics.
If the response status code is not 201, then a new resource is not
created at the Request-URI, and any existing resource at the Request-URI
is unaffected.
Response Marshalling:
Responses from a MKRESOURCE request MUST NOT be cached, as MKRESOURCE
has non-idempotent semantics.
The following status codes can be expected in responses to MKRESOURCE:
201 (Created): The new resource was successfully created.
403 (Forbidden): The server does not allow the creation of the requested
resource type at the requested location, or the parent collection of the
Request-URI exists but cannot accept members.
409 (Conflict): A resource cannot be created at the Request-URI because
the parent collection for the resource does not exist, or because there
is already a resource at that request-URL.
423 (Locked): The Request-URI is locked, and the lock token was not
passed with the request.
507 (Insufficient Storage): The server does not have sufficient space to
record the state of the resource.
This request resulted in the creation of a new redirect reference
resource at
http://www.example.com/~whitehead/dav/spec08.ref, which points to
the resource identified by the DAV:reftarget property. In this example,
the target resource is identified by the URI http://www.example.com/i-d/draft-webdav-protocol-08.txt.
The redirect reference resource's DAV:resourcetype property is set to DAV:redirectref.
The MKREDIRECTREF method requests the creation of a redirect reference resource.
If a MKREDIRECTREF request fails, the server state preceding the request MUST be restored.
Responses from a MKREDIRECTREF request MUST NOT be cached, as MKREDIRECTREF
has non-idempotent semantics.
Marshalling:
The request body MUST be a DAV:mkredirectref XML element.
The DAV:href element is defined in (Section 12.3)
and MUST contain either an absoluteURI or a relativeURI
(see , Section 3 and 5).
If the request succeeds, the server MUST return 201 (Created) status.
If a response body for a successful request is included, it MUST be a
DAV:mkredirectref-response XML element. Note that this document does not define
any elements for the MKREDIRECTREF response body, but the DAV:mkredirectref-response
element is defined to ensure interoperability between future extensions
that do define elements for the MKREDIRECTREF response body.
Preconditions:
(DAV:resource-must-be-null): A resource MUST NOT exist at the request-URL.
(DAV:parent-resource-must-be-non-null): The request-URL minus the last
past segment MUST identify a collection.
(DAV:name-allowed): The last segment of the request URL is available for
use as a resource name.
(DAV:locked-update-allowed): If the collection identified by the
Request-URL minus the last path segment is write-locked, then the appropriate
token MUST be specified in an If request header.
(DAV:redirect-lifetime-supported): If the request body contains a DAV:redirect-lifetime
element, the server MUST support the specified liftime. Support for DAV:temporary is REQUIRED, while
support for DAV:permanent is OPTIONAL.
Postconditions:
(DAV:new-redirectref): a new redirect reference resource is created
whose DAV:reftarget property has the value specified in the request body.
This request resulted in the creation of a new redirect reference
resource at
http://www.example.com/~whitehead/dav/spec08.ref, which points to
the resource identified by the DAV:reftarget property. In this example,
the target resource is identified by the URI http://www.example.com/i-d/draft-webdav-protocol-08.txt.
The redirect reference resource's DAV:resourcetype property is set to DAV:redirectref.
Replace all of section 6 with just this:
A redirect resource, upon receiving a request without an Apply-To-Redirect-Ref header, MUST respond with a 302 (Found) response. The 302 (Found) response MUST include a location header identifying the target and a Redirect-Ref header.
If a redirect resource receives a request with an Apply-To-Redirect-Ref header then the redirect reference resource MUST apply the method to itself rather than blindly returning a 302 (Found) response.
Keep a summary along the lines of Yaron's proposal (don't use the word "blindly").
Keep the bullets detailing the headers to be returned.
Delete the rest, including the examples.
See also issue 28, 29, 30, 31, 32.
Although non-referencing-aware clients cannot create reference
resources, they should be able to submit requests through the reference
resources created by reference-aware WebDAV clients. They should be
able to follow any references to their targets. To make this possible,
a server that receives any request made via a redirect reference
resource MUST return a 302 (Found)3xx range (Redirection) status code, unless the request
includes an Apply-To-Redirect-Ref header specifying "T". The client and server MUST
follow Section 10.3.3 "302 Found", but with these additional
rules:
The Location response header MUST contain an absolute URI that
identifies the target of the reference resource.
The response MUST include the Redirect-Ref header. This header
allows reference-aware WebDAV clients to recognize the resource as a
reference resource and understand the reason for the redirection.
A reference-aware WebDAV client can, like a non-referencing client, resubmit the request to
the URI in the Location header in order to operate on the target
resource. Alternatively, it can resubmit the request to the URI of the
redirect reference resource with the
"Apply-To-Redirect-Ref: T" header in
order to operate on the reference resource itself. In this case, the request MUST be applied to the
reference resource itself, and a 3023xx response MUST NOT be returned.
As redirect references do not have bodies, GET and PUT requests with
"Apply-To-Redirect-Ref: T" MUST fail with status 403 (forbidden).
Consistent with the rules in , the response for each redirect
reference encountered while processing a collection MUST be a 302
(Found)3xx (Redirection) unless a "Apply-To-Redirect-Ref: T" header is included with the
request. The overall response will therefore be a 207 (Multi-Status).
For each DAV:response element representing a redirect reference, the server
MUST include an additional DAV:location element, specifying the value of the
"Location" header that would be returned otherwise.
The extension is defined in below.
The Apply-To-Redirect-Ref header (defined in ) MAY be used
with any request on a collection. If present, it will be applied to all
redirect reference resources encountered while processing the
collection.
An attempt to lock (with Depth: infinity) a collection that contains redirect references
without specifying "Apply-To-Redirect-Ref: T" will always fail. The Multi-Status response will contain a
3023xx response
for each redirect reference.
Reference-aware clients can lock the collection by using Apply-To-Redirect-Ref,
and, if desired, lock the targets of the redirect
references individually.
Non-referencing clients must resort to locking each resource
individually.
Suppose a PROPFIND request with Depth: infinity is submitted to the
following collection, with the members shown here:
In this example the Depth header is set to infinity, and the Apply-To-Redirect-Ref
header is set to "F". The collection contains one URI that
identifies a redirect reference resource. The response element for the
redirect reference resource has a status of 302 (Found), and includes a
DAV:location extension element
to allow clients to retrieve the properties of
its target resource. (The response element for the redirect reference
resource does not include the requested properties. The client can
submit another PROPFIND request to the URI in the DAV:location pseudo-property
to retrieve those properties.)
Suppose a PROPFIND request with
"Apply-To-Redirect-Ref: T" and Depth:
infinity is submitted to the following collection, with the members
shown here:
Since the "Apply-To-Redirect-Ref: T" header is present, the response shows
the properties of the redirect reference resource in the collection
rather than reporting a 302 status.
Suppose a COPY request is submitted to the following collection, with
the members shown:
In this case, since /MyCollection/nunavut is a redirect reference
resource, the COPY operation was only a partial success. The redirect
reference resource was not copied, but a 302 response was returned for
it. So the resulting collection is as follows:
Suppose a LOCK request is submitted to the following collection, with
the members shown:
The server returns a 302 response code for the redirect reference
resource in the collection. Consequently, neither the collection nor
any of the resources identified by its internal member URIs were locked.
A referencing-aware client can submit a separate LOCK request to the URI
in the DAV:location
element returned for the redirect reference
resource, and can resubmit the LOCK request with the Apply-To-Redirect-Ref
header to the collection. At that point both the reference resource
and its target resource will be locked (as well as the collection and
all the resources identified by its other members).
Operations on targets of redirect reference resources have no effect on
the reference resource.
Add language to forbid servers from automatically updating redirect resources when their targets move.
I don't think we can forbid that. This spec consists of (a) clarifications
of how a server that supports redirects should behave for specific
WebDAV methods, and (b) extensions to explicitly create them (or to
apply a method to the redirect itself). As such, we shouldn't add any
requirements that HTTP doesn't add. What we could do is (1) note why auto-update
may be a bad idea, and possibly (2) define that redirects created by
MKREDIRECTREF should not behave that way (or alternatively define
more specific resource types).
The URI in the href in a DAV:reftarget property MAY be a relative URI.
In this case, the base URI to be used for resolving the relative URI to
absolute form is the URI used in the HTTP message to identify the
redirect reference resource to which the DAV:reftarget property belongs.
When DAV:reftarget appears in the context of a Multi-Status response, it
is in a DAV:response element that contains a single DAV:href element.
The value of this DAV:href element serves as the base URI for resolving
a relative URI in DAV:reftarget. The value of DAV:href may itself be
relative, in which case it must be resolved first in order to serve as
the base URI for the relative URI in DAV:reftarget. If the DAV:href
element is relative, its base URI is constructed from the scheme
component "http", the value of the Host header in the request, and the
request-URI.
In this example, the relative URI statistics/population/1997.html is
returned as the value of reftarget for the reference resource identified
by href /geog/stats.html. The href is itself a relative URI, which
resolves to http://example.com/geog/stats.html. This is the base URI
for resolving the relative URI in reftarget. The absolute URI of
reftarget is
http://example.com/geog/statistics/population/1997.html.
In a Request-URI /segment1/segment2/segment3, any of the three segments
may identify a redirect reference resource. (See , Section 3.3,
for definitions of "path" and "segment".) If any segment in a Request-URI
identifies a redirect reference resource, the response SHOULD be a 3023xx.
The value of the Location header in the 302 response is as follows:
The leftmost path segment of the request-URI that identifies a redirect
reference resource, together with all path segments and separators to
the left of it, is replaced by the value of the redirect reference
resource's DAV:reftarget property (resolved to an absolute URI). The
remainder of the request-URI is concatenated to this path.
Note: If the DAV:reftarget property ends with a "/" and the remainder of
the Request-URI is non-empty (and therefore must begin with a "/"), the
final "/" in the DAV:reftarget property is dropped before the remainder
of the Request-URI is appended.
Consider Request-URI /x/y/z.html. Suppose that /x/ is a redirect
reference resource whose target resource is collection /a/, which
contains redirect reference resource y whose target resource is
collection /b/, which contains redirect reference resource z.html whose
target resource is /c/d.html.
In this case the client must follow up three separate 3023xx responses
before finally reaching the target resource. The server responds to the
initial request with a 3023xx with Location: /a/y/z.html, and the client
resubmits the request to /a/y/z.html. The server responds to this
request with a 3023xx with Location: /b/z.html, and the client resubmits
the request to /b/z.html. The server responds to this request with a
3023xx with Location: /c/d.html, and the client resubmits the request to
/c/d.html. This final request succeeds.
Note: the behavior described above may have a very serious impact on the
efficiency of mapping Request-URIs to resources in HTTP request processing.
Therefore servers MAY respond with a 404 status code if the cost of checking
all leading path segments for redirect references seems prohibitive.
The Redirect-Ref header is used in all 3023xx responses from redirect
reference resources.
The value is the (possibly relative) URI of the link target as specified during
redirect reference resource creation.
The optional Apply-To-Redirect-Ref header can be used on any request to
a redirect reference resource. When it is present and set to "T", the request MUST be
applied to the reference resource itself, and a 3023xx response MUST NOT be
returned.
If the Apply-To-Redirect-Ref header is used on a request to any other
sort of resource besides a redirect reference resource, the server
MUST ignore it.
reftargetDAV:A property of redirect reference resources that provides an
efficient way for clients to discover the URI of the target
resource. This is a read-only property after its initial
creation. Its value can only be set in a MKRESOURCEMKREDIRECTREF request.href containing the URI of the target resource. This value
MAY be a relative URI. The reftarget property can occur in
the entity bodies of MKRESOURCEMKREDIRECTREF requests and of responses to
PROPFIND requests.
The properties defined below are REQUIRED on redirect reference resources.
This property provides information about the lifetime of a redirect. It can
either be DAV:permanent (HTTP status 301) or DAV:temporary (HTTP status 302).
Future protocols MAY define additional values.
Sync names for DAV:reftarget property and "Redirect-Ref" response headers.
This property provides an efficient way for clients to discover the URI of
the target resource. This is a read-only property after its initial creation.
Its value can only be set in a MKREDIRECTREF request. The value is a DAV:href
element containing the URI of the target resource.
redirectrefDAV:Used as the value of the DAV:resourcetype property to
specify that the resource type is a redirect reference
resource.
As described in , the DAV:location element
may be returned in the DAV:response element of a 207 Multi-Status response,
to allow clients to resubmit their requests to the target resource of a
redirect reference resource.
Consequently, the definition of the DAV:response XML element changes to
the following:
Sections 9.1 and 15 of describe the use of compliance classes
with the DAV header in responses to OPTIONS, to indicate which parts of
the WebDAV Distributed Authoring protocols the resource supports. This
specification defines an OPTIONAL extension to . It defines a
new compliance class, called redirectrefs, for use with the DAV header
in responses to OPTIONS requests. If a resource does support redirect
references, its response to an OPTIONS request may indicate that it
does, by listing the new redirectrefs compliance class in the DAV
header and by listing the MKRESOURCEMKREDIRECTREF method as one it supports.
When responding to an OPTIONS request, any type of resource can include
redirectrefs in the value of the DAV header. Doing so indicates that
the server permits a redirect reference resource at the request URI.
The DAV header in the response indicates that the resource
/somecollection/someresource is level 1 and level 2 compliant, as
defined in . In addition, /somecollection/someresource supports
redirect reference resources. The Allow header indicates that
MKRESOURCEMKREDIRECTREF requests can be submitted to /somecollection/someresource.
This section is provided to make applications that implement this protocol aware of the
security implications of this protocol.
All of the security considerations of HTTP/1.1 and the WebDAV
Distributed Authoring Protocol specification also apply to this protocol
specification. In addition, redirect reference resources introduce
several new security concerns and increase the risk of some existing
threats. These issues are detailed below.
By creating redirect reference resources on a trusted server, it is
possible for a hostile agent to induce users to send private information
to a target on a different server. This risk is mitigated somewhat,
since clients are required to notify the user of the redirection for any
request other than GET or HEAD. (See , Section 10.3.3 302 Found.)
Although redirect loops were already possible in HTTP 1.1, the
introduction of the MKRESOURCEMKREDIRECTREF method creates a new avenue for clients
to create loops accidentally or maliciously. If the reference resource
and its target are on the same server, the server may be able to detect
MKRESOURCEMKREDIRECTREF requests that would create loops. See also , Section
10.3 "Redirection 3xx."
Denial of service attacks were already possible by posting URLs that
were intended for limited use at heavily used Web sites. The
introduction of MKRESOURCEMKREDIRECTREF creates a new avenue for similar denial of
service attacks. Clients can now create redirect reference resources at
heavily used sites to target locations that were not designed for heavy
usage.
There are several ways that redirect reference resources may reveal
information about collection structures. First, the DAV:reftarget
property of every redirect reference resource contains the URI of the
target resource. Anyone who has access to the reference resource can
discover the collection path that leads to the target resource. The
owner of the target resource may have wanted to limit knowledge of this
collection structure.
Sufficiently powerful access control mechanisms can control this risk to
some extent. Property-level access control could prevent users from
examining the DAV:reftarget property. (The Location header returned in
responses to requests on redirect reference resources reveals the same
information, however.)
This risk is no greater than the similar risk posed by HTML links.
All internationalization considerations mentioned in also apply to this document.
Expand the IANA section to list all methods, headers, XML elements, MIME types, URL schemes, etc., defined by the spec.
Rejected: this section is about registering new spaces of identifiers.
See RFC2434.
All IANA considerations mentioned in also
apply to this document.
Many thanks to Jason Crawford, Jim Davis, Chuck Fay and Judith Slein who can take credit
for big parts of the original design of this specification.
This document has benefited from thoughtful discussion by Jim Amsden, Peter
Carlson, Steve Carter, Tyson Chihaya, Ken Coar, Ellis Cohen, Bruce
Cragun, Spencer Dawkins, Mark Day, Rajiv Dulepet, David Durand, Lisa Dusseault, Stefan Eissing, Roy
Fielding, Yaron Goland, Fred Hitt, Alex Hopmann, James Hunt, Marcus
Jager, Chris Kaler, Manoj Kasichainula, Rohit Khare, Daniel LaLiberte,
Steve Martin, Larry Masinter, Jeff McAffer, Joe Orton,
Surendra Koduru Reddy, Juergen Reuter, Max
Rible, Sam Ruby, Bradley Sergeant, Nick Shelness, John Stracke, John
Tigue, John Turner, Kevin Wiggen, and others.
Key words for use in RFCs to Indicate Requirement LevelsHarvard Universitysob@harvard.eduUniform Resource Identifiers (URI): Generic SyntaxWorld Wide Web Consortiumtimbl@w3.orgDepartment of Information and Computer Sciencefielding@ics.uci.eduXerox PARCmasinter@parc.xerox.comHTTP Extensions for Distributed Authoring -- WEBDAVMicrosoft Corporationyarong@microsoft.comDept. Of Information and Computer Science, University of California, Irvineejw@ics.uci.eduNetscapeasad@netscape.comNovellsrcarter@novell.comNovelldcjensen@novell.comHypertext Transfer Protocol -- HTTP/1.1University of California, Irvinefielding@ics.uci.eduW3Cjg@w3.orgCompaq Computer Corporationmogul@wrl.dec.comMIT Laboratory for Computer Sciencefrystyk@w3.orgXerox Corporationmasinter@parc.xerox.comMicrosoft Corporationpaulle@microsoft.comW3Ctimbl@w3.orgVersioning Extensions to WebDAV (Web Distributed Authoring and Versioning)Rational Softwaregeoffrey.clemm@rational.comIBMjamsden@us.ibm.comIBMtim_ellison@uk.ibm.comMicrosoftckaler@microsoft.comUC Santa Cruz, Dept. of Computer Scienceejw@cse.ucsc.edu
Cleanup DTD.
Julian Reschke takes editorial role (added to authors list). Cleanup
XML indentation. Start adding all unresolved last call issues. Update
some author's contact information. Update references, split into "normative"
and "informational". Remove non-RFC2616 headers ("Public") from examples.
Fixed width problems in artwork. Start resolving editorial issues.
Added Joe Orton and Juergen Reuter to Acknowledgements section. Close more
editorial issues. Remove dependencies on BIND spec.
More editorial fixes. Clarify that MKRESOURCE can only be used to create
redirect references (switch to new method in a future draft). Clarify
that redirect references do not have bodies.
Close (accept) issue "lc-79-accesscontrol". Add issue "rfc2606-compliance".
Close issues "lc-50-blindredirect", "lc-71-relative", "lc-74-terminology".
Update contact info for Geoff Clemm. Moved some of the original authors names to
new Contributors section.
Add and close issue "9-MKRESOURCE-vs-relative-URI".
Close issue "lc-72-trailingslash".
Close issue "lc-60-ex". Update issue "lc-85-301" with proposal.
Close issue "lc-06-reftarget-relative" (9-MKRESOURCE-vs-relative-URI was
a duplicate of this one). Also remove section 9.1 (example for MKRESOURCE
vs relative URIs).
Add and resolve issue "11.2-apply-to-redirect-ref-syntax" (header now has
values "T" and "F"). Also some cleanup for "rfc2606-compliance".
Typo fixes. Add and resolve "15.1-options-response".
Resolve issues "lc-19-direct-ref", "lc-28-lang", "lc-29-lang", "lc-44-pseudo",
"lc-53-s10", "lc-61-pseudo", "lc-63-move", "lc-80-i18n" and "rfc2606-compliance". Start work on index.
Add new issue "old_clients".
Closed issue "lc-38-not-hierarchical". Cleaned up DTD fragments in appendix.
Close (reject) issues "lc-55-iana" and "lc-41-no-webdav". Add issue
"5_mkresource" and start work on MKREDIRECTREF (issue closed, but more
work on MKREDIRECTREF needs to be done for updates and status codes other
than 302). Start resolution of "lc-85-301", replacing "302" by more generic
language. Update issue "lc-57-noautoupdate". Close issue "lc-37-integrity"
(duplicate of "lc-57-autoupdate"). Started work on "lc-85-301". Add L.
Dusseault and S. Eissing to Acknowledgments section.