|WEBDAV DASL Working Group||J. Reschke|
|Intended status: Experimental||S. Reddy|
|Expires: August 2003||Oracle|
Note: a later version of this document has been published as RFC5323.
This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress”.
The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.
This Internet-Draft will expire in August 2003.
Copyright © The Internet Society (2003). All Rights Reserved.
1 This document specifies a set of methods, headers, properties and content-types composing WebDAV SEARCH, an application of the HTTP/1.1 protocol to efficiently search for DAV resources based upon a set of client-supplied criteria.
2 Distribution of this document is unlimited. Please send comments to the Distributed Authoring and Versioning (WebDAV) DASL mailing list at firstname.lastname@example.org, which may be joined by sending a message with subject "subscribe" to email@example.com. Discussions of the WebDAV DASL mailing list are archived at URL: http://www.w3.org/pub/WWW/Archives/Public/www-webdav-dasl/.
3 This document defines WebDAV SEARCH, an application of HTTP/1.1 forming a lightweight search protocol to transport queries and result sets and allows clients to make use of server-side search facilities. It is based on the expired draft for WebDAV DASL [DASL]. [DASLREQ] describes the motivation for DASL.¶
4 DASL will minimize the complexity of clients so as to facilitate widespread deployment of applications capable of utilizing the DASL search mechanisms.¶
5 DASL consists of: ¶
12 For WebDAV-compliant servers, it also defines a new live property DAV:supported-query-grammar-set.¶
15 The augmented BNF used by this document to describe protocol elements is exactly the same as the one described in Section 2.1 of [RFC2616]. Because this augmented BNF uses the basic production rules provided in Section 2.2 of [RFC2616], those rules apply to this document as well.¶
17 When an XML element type in the "DAV:" namespace is referenced in this document outside of the context of an XML fragment, the string "DAV:" will be prefixed to the element type.¶
18 Note that this draft currently defines elements and properties in the WebDAV namespace "DAV:", which it shouldn't do as it isn't a work item of the WebDAV working group. The reason for this is the desire for some kind of backward compatibility to the expired DASL drafts and the assumption that the draft may become an official RFC submission of the WebDAV working group at a later point of time.¶
19 Similarily, when an XML element type in the namespace "http://www.w3.org/2001/XMLSchema" is referenced in this document outside of the context of an XML fragment, the string "xs:" will be prefixed to the element type.¶
20 One can express the basic usage of DASL in the following steps: ¶
26 The SEARCH method plays the role of transport mechanism for the query and the result set. It does not define the semantics of the query. The type of the query defines the semantics.¶
27 The client invokes the SEARCH method on the resource named by the Request-URI.¶
28 The Request-URI identifies the search arbiter. Any HTTP resource may function as search arbiter. It is not a new type of resource (in the sense of DAV:resourcetype as defined in [RFC2518]), nor does it have to be a WebDAV-compliant resource.¶
29 The SEARCH method defines no relationship between the arbiter and the scope of the search, rather the particular query grammar used in the query defines the relationship. For example, the FOO query grammar may force the request-URI to correspond exactly to the search scope.¶
31 If the client sends a text/xml or application/xml body, it MUST include the DAV:searchrequest XML element. The DAV:searchrequest XML element identifies the query grammar, defines the criteria, the result record, and any other details needed to perform the search.¶
<!ELEMENT searchrequest ANY >
32 The DAV:searchrequest XML element contains a single XML element that defines the query. The name of the query element defines the type of the query. The value of that element defines the query itself.¶
33 If the server returns 207 (Multistatus), then the search proceeded successfully and the response MUST match that of a PROPFIND. The results of this method SHOULD NOT be cached.¶
34 There MUST be one DAV:response for each resource that matched the search criteria. For each such response, the DAV:href element contains the URI of the resource, and the response MUST include a DAV:propstat element.¶
|I results-vs-binds (type: edit, status: closed)|
Given a URL space which supports the binding protocol, and which actually
contains multiple binds for a resource matching the search conditions. What
do we expect:
1) only one of the URIs is reported,
2) all of them are reported.
Case 1) may be better for simple clients that aren't aware of the existence of BIND. Case 2) may be required for more advanced clients (that actually *want* to find all bindings, and can select DAV:resourceid to decide which of the reported URIs map to the same resource).
|Associated changes in this document: 2.4.|
36 In addition, the server MAY include DAV:response items in the reply where the DAV:href element contains a URI that is not a matching resource, e.g. that of a scope or the query arbiter. Each such response item MUST NOT contain a DAV:propstat element, and MUST contain a DAV:status element (unless no property was selected).¶
37 A response MAY include more information than PROPFIND defines so long as the extra information does not invalidate the PROPFIND response. Query grammars SHOULD define how the response matches the PROPFIND response.¶
38 This example demonstrates the request and response framework. The following XML document shows a simple (hypothetical) natural language query. The name of the query element is natural-language-query in the XML namespace "http://example.com/foo". The actual query is "Find the locations of good Thai restaurants in Los Angeles". For this hypothetical query, the arbiter returns two properties for each selected resource.¶
39 >> Request:
SEARCH / HTTP/1.1 Host: example.org Content-Type: application/xml Content-Length: xxx <?xml version="1.0" encoding="UTF-8"?> <D:searchrequest xmlns:D="DAV:" xmlns:F="http://example.com/foo"> <F:natural-language-query> Find the locations of good Thai restaurants in Los Angeles </F:natural-language-query> </D:searchrequest>
40 >> Response:
HTTP/1.1 207 Multi-Status Content-Type: text/xml; charset="utf-8" Content-Length: xxx <?xml version="1.0" encoding="UTF-8"?> <D:multistatus xmlns:D="DAV:" xmlns:R="http://example.org/propschema"> <D:response> <D:href>http://siamiam.test/</D:href> <D:propstat> <D:prop> <R:location>259 W. Hollywood</R:location> <R:rating><R:stars>4</R:stars></R:rating> </D:prop> </D:propstat> </D:response> </D:multistatus>
41 A server MAY limit the number of resources in a reply, for example to limit the amount of resources expended in processing a query. If it does so, the reply MUST use status code 207, return a DAV:multistatus response body and indicate a status of 507 (Insufficient Storage) for the search arbiter URI. It SHOULD include the partial results.¶
|I result-truncation (type: change, status: open)|
|firstname.lastname@example.org||2002-03-29||I believe the same response body that contains the first N <DAV:response> elements should also contain a *different* element stating that the results were incomplete and the result set was truncated by the server. There may also be a need to report that the results were incomplete and the result set was truncated at the choice of the client (isn't there a limit set in the client request?) That's important so the client knows the difference between receiving 10 results because there were >10 but only 10 were asked for, and receiving 10 results because there were only exactly 10 results and it just happens that 10 were asked for.|
|email@example.com||2002-05-28||I agree that this could be useful, but I think this issue should be consolidated with issue JW5 (see below), which proposes that DASL basicsearch ought to have a way for client to request additional result sets. It should be moved because there is little or no value in allowing a client to distinguish between the case where "N results were requested, and there are exactly N available" and "N results were requested, and there are more than N available" if there is no way for client to get the next batch of results.|
Feedback from interim WG meeting: agreement that marshalling should be
rewritten and backwards compatibility is not important. Proposal: extend
DAV:multistatus by a new child element that indicates (1) the range that was
returned, (2) the total number of results and (3) a URI identifying the
result (for resubmission when getting the "next" results). Such as
<multistatus xmlns='DAV:'> <search-result> <href>...identifier for result set...</href> <total><-- number of results --></total> <start><-- 1-based index of 1st result --></start> <length><-- size of result set returned --></length> <partial-result/><-- indicates that this is a partial result --> </search-result> ...response elements for search results... </multistatus>The example below would then translate to:
HTTP/1.1 207 Multistatus Content-Type: text/xml; charset="utf-8" Content-Length: xxx <?xml version="1.0" encoding="utf-8"?> <D:multistatus xmlns:D="DAV:"> <D:search-result> <D:partial-result/> </D:search-result> <D:response> <D:href>http://www.example.net/sounds/unbrokenchain.au</D:href> <D:propstat> <D:prop/> <D:status>HTTP/1.1 200 OK</D:status> </D:propstat> </D:response> <D:response> <D:href>http://tech.mit.test/archive96/photos/Lesh1.jpg</D:href> <D:propstat> <D:prop/> <D:status>HTTP/1.1 200 OK</D:status> </D:propstat> </D:response> </D:multistatus>Q: do we need all elements, in particular start and length?
42 When a result set is truncated, there may be many more resources that satisfy the search criteria but that were not examined.¶
43 If partial results are included and the client requested an ordered result set in the original request, then any partial results that are returned MUST be ordered as the client directed.¶
44 Note that the partial results returned MAY be any subset of the result set that would have satisfied the original query.¶
45 >> Request:
SEARCH / HTTP/1.1 Host: example.net Content-Type: text/xml; charset="utf-8" Content-Length: xxx ... the query goes here ...
46 >> Response:
HTTP/1.1 207 Multistatus Content-Type: text/xml; charset="utf-8" Content-Length: xxx <?xml version="1.0" encoding="utf-8"?> <D:multistatus xmlns:D="DAV:"> <D:response> <D:href>http://www.example.net/sounds/unbrokenchain.au</D:href> <D:propstat> <D:prop/> <D:status>HTTP/1.1 200 OK</D:status> </D:propstat> </D:response> <D:response> <D:href>http://tech.mit.test/archive96/photos/Lesh1.jpg</D:href> <D:propstat> <D:prop/> <D:status>HTTP/1.1 200 OK</D:status> </D:propstat> </D:response> <D:response> <D:href>http://example.net</D:href> <D:status>HTTP/1.1 507 Insufficient Storage</D:status> <D:responsedescription xml:lang="en"> Only first two matching records were returned </D:responsedescription> </D:response> </D:multistatus>
47 If an error occurred that prevented execution of the query, the server MUST indicate the failure with the appropriate status code and SHOULD include a DAV:multistatus element to point out errors associated with scopes.¶
48 400 Bad Request. The query could not be executed. The request may be malformed (not valid XML for example). Additionally, this can be used for invalid scopes and search redirections.¶
49 422 Unprocessable entity. The query could not be executed. If a application/xml or text/xml request entity was provided, then it may have been well-formed but may have contained an unsupported or unimplemented query operator.¶
50 A client may submit a scope that the arbiter may be unable to query. The inability to query may be due to network failure, administrative policy, security, etc. This raises the condition described as an "invalid scope".¶
51 To indicate an invalid scope, the server MUST respond with a 400 (Bad Request).¶
52 The response includes a body with a DAV:multistatus element. Each DAV:response in the DAV:multistatus identifies a scope. To indicate that this scope is the source of the error, the server MUST include the DAV:scopeerror element.¶
53 >> Response:
HTTP/1.1 400 Bad-Request Content-Type: text/xml; charset="utf-8" Content-Length: xxx <?xml version="1.0" encoding="UTF-8"?> <d:multistatus xmlns:d="DAV:"> <d:response> <d:href>http://www.example.com/X</d:href> <d:status>HTTP/1.1 404 Object Not Found</d:status> <d:scopeerror/> </d:response> </d:multistatus>
|I invalid-scope (type: change, status: open)|
|firstname.lastname@example.org||2003-01-09||Marshalling a BAD REQUEST with an (extended) multistatus body seems to be a weird approach. Should be resolved by finally adopting the RFC3253 error marshalling.|
|email@example.com||2003-01-28||Funny enough, Roy Fielding's feedback on a related issue indicates that this may be the absolutely right thing to do. Needs coordination with RFC2518bis activity.|
54 Servers MUST support discovery of the query grammars supported by a search arbiter resource.¶
55 Clients can determine which query grammars are supported by an arbiter by invoking OPTIONS on the search arbiter. If the resource supports SEARCH, then the DASL response header will appear in the response. The DASL response header lists the supported grammars.¶
59 The OPTIONS method allows the client to discover if a resource supports the SEARCH method and to determine the list of search grammars supported for that resource.¶
62 DASL servers MUST include the DASL header in the OPTIONS response. This header identifies the search grammars supported by that resource.¶
63 >> Response:
DASLHeader = "DASL" ":" Coded-URL-List Coded-URL-List : Coded-URL [ "," Coded-URL-List ] Coded-URL ; defined in section 9.4 of [RFC2518]
64 The DASL response header indicates server support for a query grammar in the OPTIONS method. The value is a URI that indicates the type of grammar. Note that although the URI can be used to identify each supported search grammar, there is not necessarily a direct relationship between the URI and the XML element name that can be used in XML based SEARCH requests (the element name itself is identified by it's namespace name (a URI reference) and the element's local name).¶
65 This header MAY be repeated.¶
66 For example:
DASL: <http://foobar.test/syntax1> DASL: <http://akuma.test/syntax2> DASL: <DAV:basicsearch> DASL: <http://example.com/foo/natural-language-query>
<!ELEMENT supported-query-grammar-set (supported-query-grammar*)> <!ELEMENT supported-query-grammar grammar> <!ELEMENT grammar ANY>
68 ANY value: a query grammar element type¶
69 This example shows that the server supports search on the /somefolder resource with the query grammars: DAV:basicsearch, http://foobar.test/syntax1 and http://akuma.test/syntax2. Note that every server MUST support DAV:basicsearch.¶
70 >> Request:
OPTIONS /somefolder HTTP/1.1 Host: example.org
71 >> Response:
HTTP/1.1 200 OK Date: Tue, 20 Jan 1998 20:52:29 GMT Allow: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH DASL: <DAV:basicsearch> DASL: <http://foobar.test/syntax1> DASL: <http://akuma.test/syntax2>
73 This example shows the equivalent taking advantage of a server's support for DAV:supported-method-set and DAV:supported-query-grammar-set.¶
74 >> Request:
PROPFIND /somefolder HTTP/1.1 Host: example.org Depth: 0 Content-Type: text/xml; charset="utf-8" Content-Length: xxx <?xml version="1.0" encoding="UTF-8" ?> <propfind xmlns="DAV:"> <prop> <supported-query-grammar-set/> <supported-method-set/> </prop> </propfind>
75 >> Response:
HTTP/1.1 207 Multi-Status Content-Type: text/xml; charset="utf-8" Content-Length: xxx <?xml version="1.0" encoding="utf-8" ?> <multistatus xmlns="DAV:"> <response> <href>http://example.org/somefolder</href> <propstat> <prop> <supported-query-grammar-set> <supported-query-grammar> <grammar><basicsearch/></grammar> </supported-query-grammar> <supported-query-grammar> <grammar><syntax1 xmlns="http://foobar.test" /></grammar> </supported-query-grammar> <supported-query-grammar> <grammar><syntax2 xmlns="http://akuma.test/"/></grammar> </supported-query-grammar> </supported-query-grammar-set> <supported-method-set> <supported-method name="COPY" /> <supported-method name="DELETE" /> <supported-method name="GET" /> <supported-method name="HEAD" /> <supported-method name="LOCK" /> <supported-method name="MKCOL" /> <supported-method name="MOVE" /> <supported-method name="OPTIONS" /> <supported-method name="POST" /> <supported-method name="PROPFIND" /> <supported-method name="PROPPATCH" /> <supported-method name="PUT" /> <supported-method name="SEARCH" /> <supported-method name="TRACE" /> <supported-method name="UNLOCK" /> </supported-method-set> </prop> <status>HTTP/1.1 200 OK</status> </propstat> </response> </multistatus>
76 Note that the query grammar element names marshalled as part of the DAV:supported-query-grammar-set can be directly used as element names in an XML based query.¶
|I qsd-optional (type: change, status: open)|
|firstname.lastname@example.org||2003-01-28||WG January meeting feedback: QSD should be made required.|
77 Servers MAY support the discovery of the schema for a query grammar.¶
78 The DASL response header and the DAV:supported-query-grammar-set property provide means for clients to discover the set of query grammars supported by a resource. This alone is not sufficient information for a client to generate a query. For example, the DAV:basicsearch grammar defines a set of queries consisting of a set of operators applied to a set of properties and values, but the grammar itself does not specify which properties may be used in the query. QSD for the DAV:basicsearch grammar allows a client to discover the set of properties that are searchable, selectable, and sortable. Moreover, although the DAV:basicsearch grammar defines a minimal set of operators, it is possible that a resource might support additional operators in a query. For example, a resource might support a optional operator that can be used to express content-based queries in a proprietary syntax. QSD allows a client to discover these operators and their syntax. The set of discoverable quantities will differ from grammar to grammar, but each grammar can define a means for a client to discover what can be discovered.¶
79 In general, the schema for a given query grammar depends on both the resource (the arbiter) and the scope. A given resource might have access to one set of properties for one potential scope, and another set for a different scope. For example, consider a server able to search two distinct collections, one holding cooking recipes, the other design documents for nuclear weapons. While both collections might support properties such as author, title, and date, the first might also define properties such as calories and preparation time, while the second defined properties such as yield and applicable patents. Two distinct arbiters indexing the same collection might also have access to different properties. For example, the recipe collection mentioned above might also indexed by a value-added server that also stored the names of chefs who had tested the recipe. Note also that the available query schema might also depend on other factors, such as the identity of the principal conducting the search, but these factors are not exposed in this protocol.¶
80 Each query grammar supported by DASL defines its own syntax for expressing the possible query schema. A client retrieves the schema for a given query grammar on an arbiter resource with a given scope by invoking the SEARCH method on that arbiter with that grammar and scope and with a root element of DAV:query-schema-discovery rather than DAV:searchrequest.¶
81 Marshalling: ¶
<!ELEMENT query-schema-discovery ANY> ANY value: XML element defining a valid query
<!ELEMENT response (href, ((href*, status)|(propstat+)), query-schema?, responsedescription?) > <!ELEMENT query-schema ANY>
85 The content of this container is an XML element whose name and syntax depend upon the grammar, and whose value may (and likely will) vary depending upon the grammar, arbiter, and scope.¶
86 In this example, the arbiter is recipes.test, the grammar is DAV:basicsearch, the scope is also recipes.test.¶
87 >> Request:
SEARCH / HTTP/1.1 Host: recipes.test Content-Type: application/xml Content-Length: xxx <?xml version="1.0"?> <query-schema-discovery xmlns="DAV:"> <basicsearch> <from> <scope> <href>http://recipes.test</href> <depth>infinity</depth> </scope> </from> </basicsearch> </query-schema-discovery>
88 >> Response:
HTTP/1.1 207 Multistatus Content-Type: application/xml Content-Length: xxx <?xml version="1.0"?> <multistatus xmlns="DAV:"> <response> <href>http://recipes.test</href> <status>HTTP/1.1 200 OK</status> <query-schema> <basicsearchschema> (See section "Query schema for DAV:basicsearch" for the actual contents) </basicsearchschema> </query-schema> </response> </multistatus>
91 DAV:basicsearch uses an extensible XML syntax that allows clients to express search requests that are generally useful for WebDAV scenarios. DASL-extended servers MUST accept this grammar, and MAY accept other
92 DAV:basicsearch has several components:¶
|I JW24d (type: edit, status: open)|
|email@example.com||2000-04-20||Where does xml:lang go in a query?|
|firstname.lastname@example.org||2002-02-28||What would be the *purpose* of putting xml:lang into a query?|
|email@example.com||2002-05-28||The purpose is to allow one to express queries more precisely, e.g. to distinguish between the English word "hoop" (a circular object) and Dutch "hoop" (hope). Imagine a property that holds keywords for a resource. See 4.4 in http://www.ietf.org/rfc/rfc2518.txt, and 2.12 in http://www.w3.org/TR/REC-xml|
I think this would be an interesting feature, but it seems to be extremely hard to implement.
So assuming a query that
- the query specifies a language and
- be the text content of the property matches
The result will be:
1) true (match), if the property was stored with a matching xml:lang property (where the language tag matching rules would have to apply)
2) undefined if the property was stored without xml:lang
3) false otherwise
On the other hand if
- the query doesn't specify a language
the result will be:
4) undefined (at least according to the current wording).
1) requires that the query engine actually knows how to match language tags -- I'm not sure that everybody is willing to implement that.
2) is this desirable?
4) that seems to be wrong. If the query doesn't care, it should match, right?
- what is the language of a date-typed property?
- (sic!) where should xml:lang go into the query? There's no XML feature to undefine an xml:lang which is in scope, but there may be cases where this is needed.
On the other hand, if we drop this requirement, a client can still do a query and then process the result set -- the property elements in the response body will be reported with xml:lang (when persisted with language) anyway.
So I'd recommend to drop the feature. Defining string comparisons vs. collation sequences is hard enough.
|firstname.lastname@example.org||2003-01-09||(Proposal to reject)|
|email@example.com||2003-01-28||WG meeting feedback: should be moved into explicit operators (see proposal on mailing list). Open: is this optional or required?|
<!ELEMENT basicsearch (select, from, where?, orderby?, limit?) > <!ELEMENT select (allprop | prop) > <!ELEMENT from (scope) > <!ELEMENT scope (href, depth) > <!ENTITY %comp_ops "eq | lt | gt| lte | gte"> <!ENTITY %log_ops "and | or | not"> <!ENTITY %special_ops "is-collection | isdefined"> <!ENTITY %string_ops "like"> <!ENTITY %content_ops "contains"> <!ENTITY %all_ops "%comp_ops; | %log_ops; | %special_ops; | %string_ops; | %content_ops;"> <!ELEMENT where ( %all_ops; ) > <!ELEMENT and ( ( %all_ops; ) +) > <!ELEMENT or ( ( %all_ops; ) +) > <!ELEMENT not ( %all_ops; ) > <!ELEMENT lt ( prop , literal ) > <!ATTLIST lt casesensitive (1|0) "1" > <!ELEMENT lte ( prop , literal ) > <!ATTLIST lte casesensitive (1|0) "1" > <!ELEMENT gt ( prop , literal) > <!ATTLIST gt casesensitive (1|0) "1" > <!ELEMENT gte ( prop , literal ) > <!ATTLIST gte casesensitive (1|0) "1" > <!ELEMENT eq ( prop , literal ) > <!ATTLIST eq casesensitive (1|0) "1" > <!ELEMENT literal (#PCDATA)> <!ELEMENT isdefined (prop) > <!ELEMENT like (prop, literal) > <!ATTLIST like casesensitive (1|0) "1" > <!ELEMENT contains (#PCDATA)> <!ELEMENT orderby (order+) > <!ELEMENT order (prop, (ascending | descending)?) <!ATTLIST order casesensitive (1|0) "1" > <!ELEMENT ascending EMPTY> <!ELEMENT descending EMPTY> <!ELEMENT limit (nresults) > <!ELEMENT nresults (#PCDATA) >
99 This query retrieves the content length values for all resources located under the server's "/container1/" URI namespace whose length exceeds 10000.¶
<d:searchrequest xmlns:d="DAV:"> <d:basicsearch> <d:select> <d:prop><d:getcontentlength/></d:prop> </d:select> <d:from> <d:scope> <d:href>/container1/</d:href> <d:depth>infinity</d:depth> </d:scope> </d:from> <d:where> <d:gt> <d:prop><d:getcontentlength/></d:prop> <d:literal>10000</d:literal> </d:gt> </d:where> <d:orderby> <d:order> <d:prop><d:getcontentlength/></d:prop> <d:ascending/> </d:order> </d:orderby> </d:basicsearch> </d:searchrequest>
|I scope-vs-versions (type: change, status: open)|
A relatively frequent use case for servers that both support versioning and
DASL seems to have searches that include all versions of the resources in
scope. In general, the version URIs may not be in the scope of the query.
Therefore, I'd like to extend the DAV:scope to specify inclusion of
versions. This would be an optional extension -- however, a server that does
not support his feature should reject the request (so that the client would
know that the request could not be satisfied).
<d:from xmlns:d="DAV:"> <d:scope> <d:href>/container1/</d:href> <d:depth>infinity</d:depth> <d:include-versions /> </d:scope> </d:from>
just to clarify:
1. If a resource in scope has versions, the server SHOULD take care of versions as well.
2. If the client specifies <d:include-versions />, the server MUST take care of versions or MUST reject the request.
3. If the user does not want to get versions, he must specify <not xmlns="DAV:"><is-defined><version-name /></is-defined></not> ...
Is my understanding correct?
However, a defined "switch" (include - exclude) could be a good hint for the server in terms of performance, so I'd prefer a <d:exclude-versions/> as well. Alternatively the server should only include the versions, if <d:include-versions /> is specified.
Does this make sense?
|firstname.lastname@example.org||2003-02-06||I don't like that, because I'd prefer to keep the definition of "scope" intact. If versions happen to be in the namespace scope, they should be in scope of the search as well. Thus the proposal to add a specific element that *extends* the scope of the query.|
101 DAV:from defines the query scope. This contains exactly one DAV:scope element. The scope element contains mandatory DAV:href and DAV:depth elements.¶
102 DAV:href indicates the URI to use as a scope.¶
103 When the scope is a collection, if DAV:depth is "0", the search includes only the collection. When it is "1", the search includes the (toplevel) members of the collection. When it is "infinity", the search includes all recursive members of the collection. ¶
104 If the DAV:scope element is an absolute URI, the scope is exactly that URI.¶
105 If the DAV:scope element is is an absolute URI reference, the scope is taken to be relative to the request-URI.¶
106 A Scope can be an arbitrary URI.¶
107 Servers, of course, may support only particular scopes. This may include limitations for particular schemes such as "http:" or "ftp:" or certain URI namespaces.¶
108 If a scope is given that is not supported the server MUST respond with a 400 status code that includes a Multistatus error. A scope in the query appears as a resource in the response and must include an appropriate status code indicating its validity with respect to the search arbiter.
HTTP/1.1 400 Bad Request Content-Type: text/xml; charset="utf-8" Content-Length: xxx <?xml version="1.0" encoding="UTF-8"?> <d:multistatus xmlns:d="DAV:"> <d:response> <d:href>http://www.example.com/scope1</d:href> <d:status>HTTP/1.1 502 Bad Gateway</d:status> </d:response> </d:multistatus>
110 This example shows the response if there is a scope error. The response provides a Multistatus with a status for the scope. In this case, the scope cannot be reached because the server cannot search another server (502).
|I duplicate-invalid-scope (type: change, status: closed)|
|email@example.com||2003-01-09||This is in conflict with section 2.6. Proposal: remove this part.|
|Associated changes in this document: 5.4.2.|
111 DAV:where element defines the search condition for inclusion of resources in the result set. The value of this element is an XML element that defines a search operator that evaluates to one of the Boolean truth values TRUE, FALSE, or UNKNOWN. The search operator contained by DAV:where may itself contain and evaluate additional search operators as operands, which in turn may contain and evaluate additional search operators as operands, etc. recursively.¶
|I query-on-href (type: change, status: closed)|
|firstname.lastname@example.org||2002-02-28||DAV:href isn't a property, so it can't be used in queries. Is this a problem? Examples where DAV:displayname is queried instead seem to indicate that. A possible solution would be to allow DAV:href whereever DAV:prop is allowed in the where clause.|
|email@example.com||2002-11-27||Closed (nobody seems to care).|
112 Each operator defined for use in the where clause that returns a Boolean value MUST evaluate to TRUE, FALSE, or UNKNOWN. The resource under scan is included as a member of the result set if and only if the search condition evaluates to TRUE.¶
114 If a query contains an operator that is not supported by the server, then the server MUST respond with a 422 (Unprocessable Entity) status code.¶
|I undefined-properties (type: change, status: closed)|
|firstname.lastname@example.org||2002-11-27||Shouldn't this say: "If a PROPFIND for a property value would yield any non-200 (OK) response for that property, then that property is considered NULL."?|
|Associated changes in this document: 5.5.3.|
115 If a PROPFIND for a property value would yield a
404 or 403 response for that property, then that property is considered NULL.¶
116 NULL values are "less than" all other values in comparisons.¶
117 Empty strings (zero length strings) are not NULL values. An empty string is "less than" a string with length greater than zero.¶
118 The DAV:isdefined operator is defined to test if the value of a property is NULL.¶
|I mixed-content-properties (type: change, status: closed)|
|email@example.com||2002-11-27||Does this mean "undefined" as (1) "not defined by this specification" or (2) as in SQL's three-valued logic? For the sake of interoperability, I'd vote for (2). If an implementation wants to support matching in mixed/element content, it will then have to *explicitly* extend DAV:basicsearch.|
|Associated changes in this document: 5.5.4.|
120 The example shows a single operator (DAV:eq) applied in the criteria.¶
<d:where> <d:eq> <d:prop> <d:getcontentlength/> </d:prop> <d:literal>100</d:literal> </d:eq> </d:where>
121 The example shows a more complex operation involving several operators (DAV:and, DAV:eq, DAV:gt) applied in the criteria. This DAV:where expression matches those resources that are "image/gifs" over 4K in size.¶
<D:where> <D:and> <D:eq> <D:prop> <D:getcontenttype/> </D:prop> <D:literal>image/gif</D:literal> </D:eq> <D:gt> <D:prop> <D:getcontentlength/> </D:prop> <D:literal>4096</D:literal> </D:gt> </D:and> </D:where>
122 The DAV:orderby element specifies the ordering of the result set. It contains one or more DAV:order elements, each of which specifies a comparison between two items in the result set. Informally, a comparison specifies a test that determines whether one resource appears before another in the result set. Comparisons are applied in the order they occur in the DAV:orderby element, earlier comparisons being more significant.¶
123 The comparisons defined here use only a single property from each resource, compared using the same ordering as the DAV:lt operator (ascending) or DAV:gt operator (descending). If neither direction is specified, the default is DAV:ascending.¶
|I null-ordering (type: edit, status: closed)|
|firstname.lastname@example.org||2002-02-20||In the WebDAV SEARCH spec (5.6, DAV:orderby), it says that nulls sort low, to match SQL92. However, SQL92 and SQL99 both say "Whether a sort key value that is null is considered greater or less than a non-null value is implementation-defined, but all sort key values that are null shall either be considered greater than all non-null values or be considered less than all non-null values." (words taken from SQL99, 14.1 <declare cursor> General Rule 2)c), in reference to null handling for the <order by clause>. ) I would note that in 5.5.3 WebDAV SEARCH says nulls are less than all other values in a comparison, so the DAV:orderby matches that statement, it just gives an inaccurate reason.|
|email@example.com||2003-01-09||Seems to me that if SQL databases are free to decide where to sort NULL values (as long as they are consistent), we probably need to be just as flexible in DASL (otherwise we can't directly map to a SQL query).|
(1) Amelia is completely correct.
(2) We MUST specify a definite ordering for nulls in the collation sequence if we ever hope to extend DASL in the future to cross-repository queries that do ordering. (Trust me, customers really want that.) Despite the fact that the SQL spec. caved in to one or more vendors who didn't want to change their implementation of where nulls sort, there is only one logical choice as to where null values sort -- before all non-null values. That is because shorter strings always collate before longer strings, and zero length strings are the shortest strings of all. That is the way the DASL spec. is written.
(3) The only imperfection in the spec is that, as Amelia says, the reason is inaccurate. So, to correct the imperfection, you might say something like the following:
"Nulls sort low, i.e., before all non null values. That is compatible with the SQL92 and SQL99 specs., and it is essential for a future extension for cross-repository searching."
Or, you could just say "That is compatible with the SQL92 and SQL99 specs." for the reason.
|Associated changes in this document: 5.6.|
|I language-comparison (type: change, status: open)|
|firstname.lastname@example.org||2002-03-03||XPath/XQuery (see draft, and open issue) specify string comparisons based on collations, not languages. I think we should adopt this. This would mean that "xml:lang" would be removed, and an optional attribute specifying the name of the collation is added.|
|email@example.com||2003-01-09||Proposal: adopt "lang" and "collation" attribute from XSLT 2.0's xsl:sort.|
125 Comparisons on strings take into account the language defined for that property. Clients MAY specify the language using the xml:lang attribute. If no language is specified either by the client or defined for that property by the server or if a comparison is performed on strings of two different languages, the results are undefined.¶
|I order-precedence (type: edit, status: closed)|
|firstname.lastname@example.org||2003-01-14||This example seems to contradict section 5.6: "Comparisons are applied in the order they occur in the DAV:orderby element, earlier comparisons being more significant."|
|Associated changes in this document: 5.6.2.|
127 This sort orders first by last name of the author, and then by size, in descending order, so that the largest works appear first.¶
<d:orderby> <d:order> <d:prop><r:lastname/></d:prop> <d:ascending/> </d:order> <d:order> <d:prop><d:getcontentlength/></d:prop> <d:descending/> </d:order> </d:orderby>
128 The DAV:and operator performs a logical AND operation on the expressions it contains.¶
129 The DAV:or operator performs a logical OR operation on the values it contains.¶
130 The DAV:not operator performs a logical NOT operation on the values it contains.¶
|I JW24c (type: change, status: closed)|
|email@example.com||2000-04-20||How do string equality and language tag interact. Cross-language comparison should work at least when the two languages are dialects, e.g. en-us vs en-uk.|
|firstname.lastname@example.org||2002-01-28||Proposal: strings match if and only if they match character by character.|
|email@example.com||2003-01-09||Note that XPath 2.0 currently defines no collation-aware equality operator, so I think we should just follow that example. Note that this basically is a duplicate of issue JW16b/JW24a.|
|firstname.lastname@example.org||2003-01-28||They don't interact. See separate issue on putting conditions on the xml:lang attribute.|
131 The DAV:eq operator provides simple equality matching on property values.¶
|I JW16b/JW24a (type: change, status: open)|
Define how comparisons on strings work, esp for i18n.|
Need policy statement about sort order in various national languages. (JW said "non-Latin" but it's an issue even in languages that use the latin char set.)
|email@example.com||2003-01-28||This issue not only applies to the comparison operators, but also to ordering!|
|I DB2/DB7 (type: change, status: open)|
|firstname.lastname@example.org||2000-04-20||Dates (HTTPDate in getlastmodified).|
|email@example.com||2000-04-20||Agreement that it is OK to submit isodate to search HTTPDate (i.e., it's a marshalling issue only).|
|firstname.lastname@example.org||2000-04-20||Booleans appear to be underspecified in the specification. How is a boolean tested, and what are the behavior of operators like less than, greater than, etc.|
|email@example.com||2002-01-28||I think similar questions apply to booleans. Proposal: allow specification of the literal's type using XML Schema simple types, and declare that "both" WebDAV date types are compatible.|
The current DASL draft doesn't really have Booleans or any other data type.
It's trying to skate on data types. Booleans could be tested using the "eq"
and the combination "not eq", if you had well defined literals for TRUE and
FALSE. With the current syntax, that is the way you would have to test a
Boolean. Generally, Boolean values are not considered to be ordered, so "gt"
etc. wouldn't apply. However, if the literal values of a Boolean were 1 and
0 for TRUE and FALSE (using the most commonly used convention of positive
logic), then you would have an obvious ordering. 1 and 0 have the advantage
of being language independent. You now see a lot of electronic and
electro-mechanical devices (air conditioners, computers, etc.) with a "1/0"
label on the power switch, "1" meaning "on", and "0" meaning "off".
SQL databases don't have Booleans. SQL doesn't control DASL, of course, but SQL databases are so widely used that they are important. The closest thing in SQL is a bit field. Each bit in a bit field is zero or 1.
So, why not close the issue by saying: DASL doesn't have data types. You can simulate Booleans by an integer data type, using 1 for "TRUE" and 0 for "FALSE".
let's consider a dead property "foo", and some resources a, b and c on which
this dead property is defined and has the values "1", "3" and "10".
Consider a DAV:basicsearch with the where clause:
<gte xmlns="DAV:"> <prop><foo xmlns=""/></prop> <literal>3</literal> </gte>
Which resource will match?
As DAV:basicsearch currently isn't type-aware, the server will have to do a string comparison, and only the b (with value "3") will match.
Is this really sufficient? It basically means that dead property comparisons are restricted to strings.
a) If the server happens to have type information for a dead property, it should try to do a comparison according to the known property type, if the literal can be parsed into this type. This basically replicates the behaviour that a client would expect when querying on live properties such as DAV:getcontentlength, so it could be taken as a simple clarification.
b) A client can enforce comparison using a specific data type by specifying the type in the query, for instance using:
<gte xmlns="DAV:"> <prop><foo xmlns=""/></prop> <literal xsi:type="xs:long">3</literal> </gte>
|Martin.Wallmer@softwareag.com||2002-11-25||What about existing implementations? Currently a server might react with "xsi:type unknown entity" or just ignore it (which would mean: String comparison)|
OK, how about *adding* an alternative to DAV:literal? Therefore:
DAV:literal: untyped, server can compare according to it's internal knowledge of types (with the clarification above)
DAV:typed-literal: typed according to the xsi:type attribute -- "new" servers can implement this without affecting any existing code.
We'll need to think about discovery of this feature, though. It might be possible to do this with QSD (in the meantime, are there any QSD implementations except ours?)
|firstname.lastname@example.org||2003-01-28||WG meeting feedback: define DAV:typed-literal. Also allow DAV:literal to be evaluated by the server according "internal" type knowledge. Require timestamps to be ISO, even for DAV:getlastmodified.|
|Associated changes in this document: 5.10, 5.|
134 DAV:literal allows literal values to be placed in an expression.¶
146 The DAV:is-collection operator allows clients to determine whether a resource is a collection (that is, whether it's DAV:resourcetype element contains the element DAV:collection).¶
147 Rationale: This operator is provided in lieu of defining generic structure queries, which would suffice for this and for many more powerful queries, but seems inappropriate to standardize at this time.¶
153 The DAV:like is an optional operator intended to give simple wildcard-based pattern matching ability to clients.¶
154 The operator takes two arguments.¶
155 The first argument is a DAV:prop element identifying a single property to evaluate.¶
156 The second argument is a DAV:literal element that gives the pattern matching string.¶
Pattern := [wildcard] 0*( text [wildcard] ) wildcard := exactlyone | zeroormore text := 1*( <character> | escapesequence ) exactlyone : = "?" zeroormore := "%" escapechar := "\" escapesequence := "\" ( exactlyone | zeroormore | escapechar ) character: see section 2.2 of [XML]
|I like-exactlyone (type: change, status: closed)|
|email@example.com||2002-11-27||SQL actually uses "_" for "exactlyone".|
|firstname.lastname@example.org||2002-11-28||Replaced the character, also fixed the "character" production ("( exactlyone | zeroormore | escapechar )" are not valid characters here, because they need to be escaped).|
|Associated changes in this document: 5.14.1.|
|I like-wildcard-adjacent (type: change, status: closed)|
|email@example.com||2002-11-27||This seems to imply that "__" (to match any two-character sequence) is not allowed. Does anybody remember why one would want that?|
|firstname.lastname@example.org||2002-12-14||Another thing I'd like to see clarified: Is it allowed to use "\" to escape characters other than "\", "%" and "_"? What does ANSI SQL say about this?|
Feedback from Fred Zemke (Oracle):
1) I just looked in the SQL standard and did not see anything prohibiting two consecutive underscores as a pattern. If anyone disagrees, please tell me the basis for your disagreement. My basis is SQL:1999 Foundation 8.5 <like predicate> GR 3)b)i)2).
2) The standard does not permit the escape character to be used in a LIKE predicate patterm, except immediately before another escape character, the underscore or the percent sign. An implementation is supposed to raise an exception otherwise. [SQL:1999 Foundation 8.5 <like predicate> GR 3)b)i)2) ]. However, I believe it is a common vendor practice to permit the escape character to precede any character. Such an implementation is, strictly speaking, nonconforming, though users seldom complain if a vendor finds a way to process a statement without raising an exception.
|Associated changes in this document: 5.14.1, 5.14.1.|
158 The "?" wildcard matches exactly one character.¶
159 The "%" wildcard matches zero or more characters¶
|I JW17/JW24b (type: change, status: closed)|
5.13 should discuss handling of queries when character set differs.
Some text on handling character sets would be helpful.
|email@example.com||2003-01-10||There's not a lot we can say -- the charset for the query is irrelevant due to XML, and charsets in the resources to be searched are treated seems to be very server-specific. As the semantics for DAV:contains are intentionally very flexible, I think we shouldn't say anything about this topic.|
162 The DAV:contains operator is an optional operator that provides content-based search capability. This operator implicitly searches against the text content of a resource, not against content of properties. The DAV:contains operator is intentionally not overly constrained, in order to allow the server to do the best job it can in performing the search.¶
163 The DAV:contains operator evaluates to a Boolean value. It evaluates to TRUE if the content of the resource satisfies the search. Otherwise, It evaluates to FALSE.¶
164 Within the DAV:contains XML element, the client provides a phrase: a single word or whitespace delimited sequence of words. Servers MAY ignore punctuation in a phrase. Case-sensitivity is left to the server.¶
165 The following things may or may not be done as part of the search: Phonetic methods such as "soundex" may or may not be used. Word stemming may or may not be performed. Thesaurus expansion of words may or may not be done. Right or left truncation may or may not be performed. The search may be case insensitive or case sensitive. The word or words may or may not be interpreted as names. Multiple words may or may not be required to be adjacent or "near" each other. Multiple words may or may not be required to occur in the same order. Multiple words may or may not be treated as a phrase. The search may or may not be interpreted as a request to find documents "similar" to the string operand.¶
166 The DAV:score property is intended to be useful to rank documents satisfying the DAV:contains operator.
171 The example below shows a search for the phrase "Peter Forsberg".¶
172 Depending on its support for content-based searching, a server MAY treat this as a search for documents that contain the words "Peter" and "Forsberg".¶
<D:where> <D:contains>Peter Forsberg</D:contains> </D:where>
173 The example below shows a search for resources that contain "Peter" and "Forsberg".¶
<D:where> <D:and> <D:contains>Peter</D:contains> <D:contains>Forsberg</D:contains> </D:and> </D:where>
<!ELEMENT limit (nresults) >
174 The DAV:limit XML element contains requested limits from the client to limit the size of the reply or amount of effort expended by the server.
<!ELEMENT nresults (#PCDATA)> ;only digits
|I JW5 (type: change, status: closed)|
|firstname.lastname@example.org||1999-04-26||On the topic of partial search results, DASL currently has no way for a client to request the next chunk of a set of search results. Since *every* search service I've interacted with on the Internet has a feature for returning the next set of search results, I really would expect this feature to be in DASL. An explanation for why this feature isn't present should be in the protocol specification if it is not going to be supported.|
|Martin.Wallmer@softwareag.com||2002-03-08||of course this issue is legitim. However, as basicsearch should be as simple as possible, I tend to say out of scope as well. But perhaps this could be an optional feature (is it that, what you mean by extension to DAV:basicsearch)?|
|email@example.com||2002-03-08||Moved into DAV:basicsearch section, because this is a request for a specific query grammar feature.|
|firstname.lastname@example.org||2003-01-09||Closed because of lacking feedback.|
175 The DAV:nresults XML element contains a requested maximum number of records to be returned in a reply. The server MAY disregard this limit. The value of this element is an integer.
|I limit-vs-ordering (type: edit, status: closed)|
|email@example.com||2003-02-07||The spec as written does not define any interaction between DAV:nresults and DAV:score, so if you'd ask for 10 results, sorted by score, you still couldn't rely on the 10 results being reported actually *being* the top 10 results. Of course that's what people probably would expect, so it seems we need to fix this (the interaction of limiting the result set and sorting the results) anyway.|
|Associated changes in this document: 5.|
|I case-insensitivity-name (type: change, status: closed)|
|firstname.lastname@example.org||2002-01-09||The attribute probably should be renamed to "caseless".|
|Associated changes in this document: 5.2, 5.6.1, 5.6.1, 5.8, 5.9, 5, 5.18.1, 5.18.2, 5.18, 5.18.9.|
178 The "casesensitive" attribute allows clients to specify case-sensitive or case-insensitive behavior for DAV:basicsearch operators.
179 The possible values for "casesensitive" are "1" or "0". The "1" value indicates case-sensitivity. The "0" value indicates case-insensitivity. The default value is server-specified. Case-insensitivity SHOULD implemented using caseless matching as defined in [CaseMap].
180 Support for the "casesensitive" attribute is optional. A server should respond with a status of 422 if it is used but cannot be supported.
<!ELEMENT score (#PCDATA)>
184 The DAV:score XML element is a synthetic property whose value is defined only in the context of a query result where the server computes a score, e.g. based on relevance. It may be used in DAV:select or DAV:orderby elements. Servers SHOULD support this property. The value is a string representing the score, an integer from zero to 10000 inclusive, where a higher value indicates a higher score (e.g. more relevant).
185 Clients should note that, in general, it is not meaningful to compare the numeric values of scores from two different query results unless both were executed by the same underlying search system on the same collection of resources.
|I score-pseudo-property (type: change, status: closed)|
|email@example.com||2002-02-28||Shouldn't be done using a pseudo-property. Report it as child of DAV:propstat instead?|
- remove language about it being a pseudo-property (no need to DAV:select it, do not support ordering on it)
- marshall it as child element of DAV:response within the search result (say that it SHOULD be added if the query involved DAV:contains)
|Associated changes in this document: 5.15, 5.15, 5.|
186 The DAV:basicsearch grammar defines a search criteria that is a Boolean-valued expression, and allows for an arbitrary set of properties to be included in the result record. The result set may be sorted on a set of property values. Accordingly the DTD for schema discovery for this grammar allows the server to express:¶
<!ELEMENT basicsearchschema (properties, operators)> <!ELEMENT any-other-property EMPTY> <!ELEMENT properties (propdesc*)> <!ELEMENT propdesc (prop|any-other-property), datatype?, searchable?, selectable?, sortable?, casesensitive?)> <!ELEMENT operators (opdesc*)> <!ELEMENT opdesc ANY> <!ELEMENT operand-literal EMPTY> <!ELEMENT operand-property EMPTY>
190 The DAV:properties element holds a list of descriptions of properties.¶
191 The DAV:operators element describes the optional operators that may be used in a DAV:where element.¶
192 Each instance of a DAV:propdesc element describes the property or properties in the DAV:prop element it contains. All subsequent elements are descriptions that apply to those properties. All descriptions are optional and may appear in any order. Servers SHOULD support all the descriptions defined here, and MAY define others.¶
193 DASL defines five descriptions. The first, DAV:datatype, provides a hint about the type of the property value, and may be useful to a user interface prompting for a value. The remaining four (DAV:searchable, DAV:selectable, DAV:sortable, and ↑↓
DAV:casesensitive) identify portions of the query (DAV:where, DAV:select, and DAV:orderby, respectively). If a property has a description for a section, then the server MUST allow the property to be used in that section. These descriptions are optional. If a property does not have such a description, or is not described at all, then the server MAY still allow the property to be used in the corresponding section.¶
194 This element can be used in place of DAV:prop to describe properties of WebDAV properties not mentioned in any other DAV:prop element. For instance, this can be used to indicate that all other properties are searchable and selectable without giving details about their types (a typical scenario for dead properties).¶
195 The DAV:datatype element contains a single XML element that provides a hint about the domain of the property, which may be useful to a user interface prompting for a value to be used in a query. Datatypes are identified by an element name. Where appropriate, a server SHOULD use the simple datatypes defined in [XS2].¶
<!ELEMENT datatype ANY >
Qualified name Example xs:boolean true, false, 1, 0 xs:string Foobar xs:dateTime 1994-11-05T08:15:5Z xs:float .314159265358979E+1 xs:integer -259, 23
197 If the data type of a property is not given, then the data type defaults to xs:string.¶
<!ELEMENT searchable EMPTY>
198 If this element is present, then the server MUST allow this property to appear within a DAV:where element where an operator allows a property. Allowing a search does not mean that the property is guaranteed to be defined on every resource in the scope, it only indicates the server's willingness to check.¶
<!ELEMENT selectable EMPTY>
199 This element indicates that the property may appear in the DAV:select element.¶
200 This element indicates that the property may appear in the DAV:orderby element.¶
<!ELEMENT sortable EMPTY>
201 This element only applies to properties whose data type is "xs:string" and derived data types as per the DAV:datatype property description. Its presence indicates that compares performed for searches, and the comparisons for ordering results on the string property will be case sensitive. (The default is case insensitive.)
<!ELEMENT casesensitive EMPTY>
203 The DAV:operators element describes every optional operator supported in a query. (Mandatory operators are not listed since they are mandatory and permit no variation in syntax.). All optional operators that are supported MUST be listed in the DAV:operators element. The listing for an operator consists of the operator (as an empty element), followed by one element for each operand. The operand MUST be either DAV:operand-property or DAV:operand-literal, which indicate that the operand in the corresponding position is a property or a literal value, respectively. If an operator is polymorphic (allows more than one operand syntax) then each permitted syntax MUST be listed separately.¶
<operators xmlns='DAV:'> <opdesc> <like/><operand-property/><operand-literal/> </opdesc> </operators>
<D:basicsearchschema xmlns:D="DAV:" xmlns:xs="http://www.w3.org/2001/XMLSchema""> <D:properties> <D:propdesc> <D:prop><D:getcontentlength/></D:prop> <D:datatype><xs:nonNegativeInteger/></D:datatype> <D:searchable/><D:selectable/><D:sortable/> </D:propdesc> <D:propdesc> <D:prop><D:getcontenttype/><D:displayname/></D:prop> <D:searchable/><D:selectable/><D:sortable/> </D:propdesc> <D:propdesc> <D:prop><fstop xmlns="http://jennicam.org"/></D:prop> <D:selectable/> </D:propdesc> <D:propdesc> <D:any-other-property/> <D:searchable/><D:selectable/> </D:propdesc> </D:properties> <D:operators> <D:opdesc> <D:like/><D:operand-property/><D:operand-literal/> </D:opdesc> </D:operators> </D:basicsearchschema>
204 This response lists four properties. The datatype of the last three properties is not given, so it defaults to xs:string. All are selectable, and the first three may be searched. All but the last may be used in a sort. Of the optional DAV operators, DAV:isdefined and DAV:like are supported.¶
206 Clients have the opportunity to tag properties when they are stored in a language. The server SHOULD read this language-tagging by examining the xml:lang attribute on any properties stored on a resource.¶
207 The xml:lang attribute specifies a nationalized collation sequence when properties are compared.¶
208 Comparisons when this attribute differs have undefined order.¶
|I JW25/JW26 (type: edit, status: closed)|
|firstname.lastname@example.org||2000-04-20||In Security Considerations, copy XML considerations from webDAV spec.|
|email@example.com||2000-04-20||Wouldn't it be better to just cite the XML document, so that if that document is updated, we won't have stale information?|
|firstname.lastname@example.org||2000-04-20||In Security Considerations, mention privacy risks of queries.|
|email@example.com||2002-01-28||Is this resolved?|
|firstname.lastname@example.org||2003-01-09||Closed. Havn't heard of missing considerations.|
209 This section is provided to detail issues concerning security implications of which DASL applications need to be aware. All of the security considerations of HTTP/1.1 also apply to DASL. In addition, this section will include security risks inherent in searching and retrieval of resource properties and content.¶
210 A query must not allow one to retrieve information about values or existence of properties that one could not obtain via PROPFIND. (e.g. by use in DAV:orderby, or in expressions on properties.)¶
211 A server should prepare for denial of service attacks. For example a client may issue a query for which the result set is expensive to calculate or transmit because many resources match or must be evaluated. 7.1 Implications of XML External Entities¶
212 XML supports a facility known as "external entities", defined in section 4.2.2 of [XML], which instruct an XML processor to retrieve and perform an inline include of XML located at a particular URI. An external XML entity can be used to append or modify the document type declaration (DTD) associated with an XML document. An external XML entity can also be used to include XML within the content of an XML document. For non-validating XML, such as the XML used in this specification, including an external XML entity is not required by [XML]. However, [XML] does state that an XML processor may, at its discretion, include the external XML entity.¶
213 External XML entities have no inherent trustworthiness and are subject to all the attacks that are endemic to any HTTP GET request. Furthermore, it is possible for an external XML entity to modify the DTD, and hence affect the final form of an XML document, in the worst case significantly modifying its semantics, or exposing the XML processor to the security risks discussed in [RFC3023]. Therefore, implementers must be aware that external XML entities should be treated as untrustworthy.¶
214 There is also the scalability risk that would accompany a widely deployed application which made use of external XML entities. In this situation, it is possible that there would be significant numbers of requests for one external XML entity, potentially overloading any server which fields requests for the resource containing the external XML entity.¶
215 Query grammars are identified by URIs. Applications SHOULD not attempt to retrieve these URIs even if they appear to be retrievable (for example, those that begin with "http://")¶
221 ANSI standard three valued logic is used when evaluating the search condition (as defined in the ANSI standard SQL specifications, for example in ANSI X3.135-1992, section 8.12, pp. 188-189, section 8.2, p. 169, General Rule 1)a), etc.).¶
222 ANSI standard three valued logic is undoubtedly the most widely practiced method of dealing with the issues of properties in the search condition not having a value (e.g., being null or not defined) for the resource under scan, and with undefined expressions in the search condition (e.g., division by zero, etc.). Three valued logic works as follows.¶
223 Undefined expressions are expressions for which the value of the expression is not defined. Undefined expressions are a completely separate concept from the truth value UNKNOWN, which is, in fact, well defined. Property names and literal constants are considered expressions for purposes of this section. If a property in the current resource under scan has not been set to a value, then the value of that property is undefined for the resource under scan. DASL 1.0 has no arithmetic division operator, but if it did, division by zero would be an undefined arithmetic expression.¶
224 If any subpart of an arithmetic, string, or datetime subexpression is undefined, the whole arithmetic, string, or datetime subexpression is undefined.¶
225 There are no manifest constants to explicitly represent undefined number, string, or datetime values.¶
226 Since a Boolean value is ultimately returned by the search condition, arithmetic, string, and datetime expressions are always arguments to other operators. Examples of operators that convert arithmetic, string, and datetime expressions to Boolean values are the six relational operators ("greater than", "less than", "equals", etc.). If either or both operands of a relational operator have undefined values, then the relational operator evaluates to UNKNOWN. Otherwise, the relational operator evaluates to TRUE or FALSE, depending upon the outcome of the comparison.¶
227 The Boolean operators DAV:and, DAV:or and DAV:not are evaluated according to the following rules:¶
228 UNKNOWN and UNKNOWN = UNKNOWN¶
229 UNKNOWN or UN
KKNOWN = UNKNOWN¶
230 not UNKNOWN = UNKNOWN¶
231 UNKNOWN and TRUE = UNKNOWN¶
232 UNKNOWN and FALSE = FALSE¶
233 UNKNOWN and UNKNOWN = UNKNOWN¶
234 UNKNOWN or TRUE = TRUE¶
235 UNKNOWN or FALSE = UNKNOWN¶
236 UNKNOWN or UNKNOWN = UNKNOWN¶
410 Jessie Street 6th floor
San Francisco, CA 94103
Copyright © The Internet Society (2003). All Rights Reserved.
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an “AS IS” basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director.