| draft-ietf-httpbis-resumable-upload-09.txt | draft-ietf-httpbis-resumable-upload-latest.txt | |||
|---|---|---|---|---|
| HTTP Working Group M. Kleidl, Ed. | HTTP Working Group M. Kleidl, Ed. | |||
| Internet-Draft Transloadit | Internet-Draft Transloadit | |||
| Intended status: Standards Track G. Zhang, Ed. | Intended status: Standards Track G. Zhang, Ed. | |||
| Expires: December 6, 2025 Apple Inc. | Expires: December 18, 2025 Apple Inc. | |||
| L. Pardue, Ed. | L. Pardue, Ed. | |||
| Cloudflare | Cloudflare | |||
| June 04, 2025 | June 16, 2025 | |||
| Resumable Uploads for HTTP | Resumable Uploads for HTTP | |||
| draft-ietf-httpbis-resumable-upload-09 | draft-ietf-httpbis-resumable-upload-latest | |||
| Abstract | Abstract | |||
| Data transfer using the Hypertext Transfer Protocol (HTTP) is often | Data transfer using the Hypertext Transfer Protocol (HTTP) is often | |||
| interrupted by canceled requests or dropped connections. If the | interrupted by canceled requests or dropped connections. If the | |||
| intended recipient can indicate how much of the data was received | intended recipient can indicate how much of the data was received | |||
| prior to interruption, a sender can resume data transfer at that | prior to interruption, a sender can resume data transfer at that | |||
| point instead of attempting to transfer all of the data again. HTTP | point instead of attempting to transfer all of the data again. HTTP | |||
| range requests support this concept of resumable downloads from | range requests support this concept of resumable downloads from | |||
| server to client. This document describes a mechanism that supports | server to client. This document describes a mechanism that supports | |||
| skipping to change at page 2, line 10 ¶ | skipping to change at page 2, line 10 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on December 6, 2025. | This Internet-Draft will expire on December 18, 2025. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2025 IETF Trust and the persons identified as the | Copyright (c) 2025 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 36 ¶ | skipping to change at page 3, line 36 ¶ | |||
| 13. Security Considerations . . . . . . . . . . . . . . . . . . . 32 | 13. Security Considerations . . . . . . . . . . . . . . . . . . . 32 | |||
| 14. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 33 | 14. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 33 | |||
| 14.1. HTTP Fields . . . . . . . . . . . . . . . . . . . . . . 33 | 14.1. HTTP Fields . . . . . . . . . . . . . . . . . . . . . . 33 | |||
| 14.2. HTTP Status Code . . . . . . . . . . . . . . . . . . . . 33 | 14.2. HTTP Status Code . . . . . . . . . . . . . . . . . . . . 33 | |||
| 14.3. Media Type . . . . . . . . . . . . . . . . . . . . . . . 33 | 14.3. Media Type . . . . . . . . . . . . . . . . . . . . . . . 33 | |||
| 14.4. HTTP Problem Types . . . . . . . . . . . . . . . . . . . 34 | 14.4. HTTP Problem Types . . . . . . . . . . . . . . . . . . . 34 | |||
| 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 35 | 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 35 | |||
| 15.1. Normative References . . . . . . . . . . . . . . . . . . 35 | 15.1. Normative References . . . . . . . . . . . . . . . . . . 35 | |||
| 15.2. Informative References . . . . . . . . . . . . . . . . . 36 | 15.2. Informative References . . . . . . . . . . . . . . . . . 36 | |||
| Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . 37 | Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . 37 | |||
| A.1. Since draft-ietf-httpbis-resumable-upload-08 . . . . . . 37 | A.1. Since draft-ietf-httpbis-resumable-upload-09 . . . . . . 37 | |||
| A.2. Since draft-ietf-httpbis-resumable-upload-07 . . . . . . 37 | A.2. Since draft-ietf-httpbis-resumable-upload-08 . . . . . . 37 | |||
| A.3. Since draft-ietf-httpbis-resumable-upload-06 . . . . . . 37 | A.3. Since draft-ietf-httpbis-resumable-upload-07 . . . . . . 37 | |||
| A.4. Since draft-ietf-httpbis-resumable-upload-05 . . . . . . 38 | A.4. Since draft-ietf-httpbis-resumable-upload-06 . . . . . . 37 | |||
| A.5. Since draft-ietf-httpbis-resumable-upload-04 . . . . . . 38 | A.5. Since draft-ietf-httpbis-resumable-upload-05 . . . . . . 38 | |||
| A.6. Since draft-ietf-httpbis-resumable-upload-03 . . . . . . 38 | A.6. Since draft-ietf-httpbis-resumable-upload-04 . . . . . . 38 | |||
| A.7. Since draft-ietf-httpbis-resumable-upload-02 . . . . . . 39 | A.7. Since draft-ietf-httpbis-resumable-upload-03 . . . . . . 38 | |||
| A.8. Since draft-ietf-httpbis-resumable-upload-01 . . . . . . 39 | A.8. Since draft-ietf-httpbis-resumable-upload-02 . . . . . . 39 | |||
| A.9. Since draft-ietf-httpbis-resumable-upload-00 . . . . . . 39 | A.9. Since draft-ietf-httpbis-resumable-upload-01 . . . . . . 39 | |||
| A.10. Since draft-tus-httpbis-resumable-uploads-protocol-02 . . 39 | A.10. Since draft-ietf-httpbis-resumable-upload-00 . . . . . . 39 | |||
| A.11. Since draft-tus-httpbis-resumable-uploads-protocol-01 . . 39 | A.11. Since draft-tus-httpbis-resumable-uploads-protocol-02 . . 39 | |||
| A.12. Since draft-tus-httpbis-resumable-uploads-protocol-00 . . 40 | A.12. Since draft-tus-httpbis-resumable-uploads-protocol-01 . . 39 | |||
| A.13. Since draft-tus-httpbis-resumable-uploads-protocol-00 . . 40 | ||||
| Appendix B. Draft Version Identification . . . . . . . . . . . . 40 | Appendix B. Draft Version Identification . . . . . . . . . . . . 40 | |||
| Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 40 | Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 40 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 41 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 41 | |||
| 1. Introduction | 1. Introduction | |||
| Data transfer using the Hypertext Transfer Protocol ([HTTP]) is often | Data transfer using the Hypertext Transfer Protocol ([HTTP]) is often | |||
| interrupted by canceled requests or dropped connections. If the | interrupted by canceled requests or dropped connections. If the | |||
| intended recipient can indicate how much of the data was received | intended recipient can indicate how much of the data was received | |||
| prior to interruption, a sender can resume data transfer at that | prior to interruption, a sender can resume data transfer at that | |||
| skipping to change at page 37, line 13 ¶ | skipping to change at page 37, line 13 ¶ | |||
| http://ha.ckers.org/slowloris/>. | http://ha.ckers.org/slowloris/>. | |||
| 15.3. URIs | 15.3. URIs | |||
| [1] https://tus.io/ | [1] https://tus.io/ | |||
| Appendix A. Changes | Appendix A. Changes | |||
| This section is to be removed before publishing as an RFC. | This section is to be removed before publishing as an RFC. | |||
| A.1. Since draft-ietf-httpbis-resumable-upload-08 | A.1. Since draft-ietf-httpbis-resumable-upload-09 | |||
| None yet | ||||
| A.2. Since draft-ietf-httpbis-resumable-upload-08 | ||||
| o Clarify definitions of new header fields. | o Clarify definitions of new header fields. | |||
| o Make handling of OPTIONS * optional. | o Make handling of OPTIONS * optional. | |||
| o Require server to announce limits using Upload-Limit. | o Require server to announce limits using Upload-Limit. | |||
| o Require clients to adhere to known limits. | o Require clients to adhere to known limits. | |||
| o Rephrase requirements for concurrency handling, focusing on the | o Rephrase requirements for concurrency handling, focusing on the | |||
| outcome. | outcome. | |||
| o Remove requirement for 204 status code for DELETE responses. | o Remove requirement for 204 status code for DELETE responses. | |||
| o Increase the draft interop version. | o Increase the draft interop version. | |||
| o Add section about 104 status code. | o Add section about 104 status code. | |||
| o Rephrase recommendation for sending information back to client. | o Rephrase recommendation for sending information back to client. | |||
| A.2. Since draft-ietf-httpbis-resumable-upload-07 | A.3. Since draft-ietf-httpbis-resumable-upload-07 | |||
| o Clarify server handling when upload length is exceeded. | o Clarify server handling when upload length is exceeded. | |||
| o Extend security considerations about upload resource URIs, | o Extend security considerations about upload resource URIs, | |||
| representation metadata, and untrusted inputs. | representation metadata, and untrusted inputs. | |||
| o Allow clients to retry for appropriate 4xx responses. | o Allow clients to retry for appropriate 4xx responses. | |||
| A.3. Since draft-ietf-httpbis-resumable-upload-06 | A.4. Since draft-ietf-httpbis-resumable-upload-06 | |||
| o Minor editorial improvements to introduction and examples. | o Minor editorial improvements to introduction and examples. | |||
| o Define structured types for new header fields. | o Define structured types for new header fields. | |||
| A.4. Since draft-ietf-httpbis-resumable-upload-05 | A.5. Since draft-ietf-httpbis-resumable-upload-05 | |||
| o Increase the draft interop version. | o Increase the draft interop version. | |||
| o Numerous editorial changes. | o Numerous editorial changes. | |||
| o Rename "expires" limit to "max-age". | o Rename "expires" limit to "max-age". | |||
| o Require "Upload-Complete", but not "Upload-Offset" or "Upload- | o Require "Upload-Complete", but not "Upload-Offset" or "Upload- | |||
| Limit", for append responses. | Limit", for append responses. | |||
| o Add problem type for inconsistent length values. | o Add problem type for inconsistent length values. | |||
| o Reduce use of "file" in favor of "representation". | o Reduce use of "file" in favor of "representation". | |||
| A.5. Since draft-ietf-httpbis-resumable-upload-04 | A.6. Since draft-ietf-httpbis-resumable-upload-04 | |||
| o Clarify implications of "Upload-Limit" header. | o Clarify implications of "Upload-Limit" header. | |||
| o Allow client to fetch upload limits upfront via "OPTIONS". | o Allow client to fetch upload limits upfront via "OPTIONS". | |||
| o Add guidance on upload creation strategy. | o Add guidance on upload creation strategy. | |||
| o Add "Upload-Length" header to indicate length during creation. | o Add "Upload-Length" header to indicate length during creation. | |||
| o Describe possible usage of "Want-Repr-Digest". | o Describe possible usage of "Want-Repr-Digest". | |||
| A.6. Since draft-ietf-httpbis-resumable-upload-03 | A.7. Since draft-ietf-httpbis-resumable-upload-03 | |||
| o Add note about "Content-Location" for referring to subsequent | o Add note about "Content-Location" for referring to subsequent | |||
| resources. | resources. | |||
| o Require "application/partial-upload" for appending to uploads. | o Require "application/partial-upload" for appending to uploads. | |||
| o Explain handling of content and transfer codings. | o Explain handling of content and transfer codings. | |||
| o Add problem types for mismatching offsets and completed uploads. | o Add problem types for mismatching offsets and completed uploads. | |||
| o Clarify that completed uploads must not be appended to. | o Clarify that completed uploads must not be appended to. | |||
| o Describe interaction with Digest Fields from RFC9530. | o Describe interaction with Digest Fields from RFC9530. | |||
| o Require that upload offset does not decrease over time. | o Require that upload offset does not decrease over time. | |||
| o Add Upload-Limit header field. | o Add Upload-Limit header field. | |||
| o Increase the draft interop version. | o Increase the draft interop version. | |||
| A.7. Since draft-ietf-httpbis-resumable-upload-02 | A.8. Since draft-ietf-httpbis-resumable-upload-02 | |||
| o Add upload progress notifications via informational responses. | o Add upload progress notifications via informational responses. | |||
| o Add security consideration regarding request filtering. | o Add security consideration regarding request filtering. | |||
| o Explain the use of empty requests for creation uploads and | o Explain the use of empty requests for creation uploads and | |||
| appending. | appending. | |||
| o Extend security consideration to include resource exhaustion | o Extend security consideration to include resource exhaustion | |||
| attacks. | attacks. | |||
| o Allow 200 status codes for offset retrieval. | o Allow 200 status codes for offset retrieval. | |||
| o Increase the draft interop version. | o Increase the draft interop version. | |||
| A.8. Since draft-ietf-httpbis-resumable-upload-01 | A.9. Since draft-ietf-httpbis-resumable-upload-01 | |||
| o Replace Upload-Incomplete header with Upload-Complete. | o Replace Upload-Incomplete header with Upload-Complete. | |||
| o Replace terminology about procedures with HTTP resources. | o Replace terminology about procedures with HTTP resources. | |||
| o Increase the draft interop version. | o Increase the draft interop version. | |||
| A.9. Since draft-ietf-httpbis-resumable-upload-00 | A.10. Since draft-ietf-httpbis-resumable-upload-00 | |||
| o Remove Upload-Token and instead use Server-generated upload URL | o Remove Upload-Token and instead use Server-generated upload URL | |||
| for upload identification. | for upload identification. | |||
| o Require the Upload-Incomplete header field in Upload Creation | o Require the Upload-Incomplete header field in Upload Creation | |||
| Procedure. | Procedure. | |||
| o Increase the draft interop version. | o Increase the draft interop version. | |||
| A.10. Since draft-tus-httpbis-resumable-uploads-protocol-02 | A.11. Since draft-tus-httpbis-resumable-uploads-protocol-02 | |||
| None | None | |||
| A.11. Since draft-tus-httpbis-resumable-uploads-protocol-01 | A.12. Since draft-tus-httpbis-resumable-uploads-protocol-01 | |||
| o Clarifying backtracking and preventing skipping ahead during the | o Clarifying backtracking and preventing skipping ahead during the | |||
| Offset Receiving Procedure. | Offset Receiving Procedure. | |||
| o Clients auto-retry 404 is no longer allowed. | o Clients auto-retry 404 is no longer allowed. | |||
| A.12. Since draft-tus-httpbis-resumable-uploads-protocol-00 | A.13. Since draft-tus-httpbis-resumable-uploads-protocol-00 | |||
| o Split the Upload Transfer Procedure into the Upload Creation | o Split the Upload Transfer Procedure into the Upload Creation | |||
| Procedure and the Upload Appending Procedure. | Procedure and the Upload Appending Procedure. | |||
| Appendix B. Draft Version Identification | Appendix B. Draft Version Identification | |||
| This section is to be removed before publishing as an RFC. | This section is to be removed before publishing as an RFC. | |||
| To assist the development of implementations and interoperability | To assist the development of implementations and interoperability | |||
| testing while this document is still a draft, an interop version is | testing while this document is still a draft, an interop version is | |||
| End of changes. 17 change blocks. | ||||
| 28 lines changed or deleted | 33 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||