summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc4437.txt
diff options
context:
space:
mode:
authorThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
committerThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
commit4bfd864f10b68b71482b35c818559068ef8d5797 (patch)
treee3989f47a7994642eb325063d46e8f08ffa681dc /doc/rfc/rfc4437.txt
parentea76e11061bda059ae9f9ad130a9895cc85607db (diff)
doc: Add RFC documents
Diffstat (limited to 'doc/rfc/rfc4437.txt')
-rw-r--r--doc/rfc/rfc4437.txt1403
1 files changed, 1403 insertions, 0 deletions
diff --git a/doc/rfc/rfc4437.txt b/doc/rfc/rfc4437.txt
new file mode 100644
index 0000000..0beed3b
--- /dev/null
+++ b/doc/rfc/rfc4437.txt
@@ -0,0 +1,1403 @@
+
+
+
+
+
+
+Network Working Group J. Whitehead
+Request for Comments: 4437 U.C. Santa Cruz
+Category: Experimental G. Clemm
+ IBM
+ J. Reschke, Ed.
+ greenbytes
+ March 2006
+
+
+ Web Distributed Authoring and Versioning (WebDAV)
+ Redirect Reference Resources
+
+
+Status of This Memo
+
+ This memo defines an Experimental Protocol for the Internet
+ community. It does not specify an Internet standard of any kind.
+ Discussion and suggestions for improvement are requested.
+ Distribution of this memo is unlimited.
+
+Copyright Notice
+
+ Copyright (C) The Internet Society (2006).
+
+Abstract
+
+ This specification defines an extension to Web Distributed Authoring
+ and Versioning (WebDAV) to allow clients to author HTTP redirect
+ reference resources whose default response is an HTTP/1.1 3xx
+ (Redirection) status code. A redirect reference makes it possible to
+ access the target resourced indirectly through any URI mapped to the
+ redirect reference resource. This specification does not address
+ remapping of trees of resources or regular expression based
+ redirections. There are no integrity guarantees associated with
+ redirect reference resources. Other mechanisms can also be used to
+ achieve the same functionality as this specification. This
+ specification allows operators to experiment with this mechanism and
+ develop experience on what is the best approach to the problem.
+
+Table of Contents
+
+ 1. Introduction ....................................................3
+ 2. Notational Conventions ..........................................4
+ 3. Terminology .....................................................4
+ 4. Overview of Redirect Reference Resources ........................5
+ 5. Operations on Redirect Reference Resources ......................6
+ 6. MKREDIRECTREF Method ............................................7
+
+
+
+
+Whitehead, et al. Experimental [Page 1]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ 6.1. Example: Creating a Redirect Reference Resource
+ with MKREDIRECTREF .........................................8
+ 7. UPDATEREDIRECTREF Method ........................................9
+ 7.1. Example: Updating a Redirect Reference Resource with
+ UPDATEREDIRECTREF .........................................10
+ 8. Operations on Collections That Contain Redirect
+ Reference Resources ............................................11
+ 8.1. Example: PROPFIND on a Collection with Redirect
+ Reference .................................................11
+ 8.2. Example: PROPFIND with Apply-To-Redirect-Ref on a
+ Collection with Redirect Reference Resources ..............13
+ 9. Operations on Targets of Redirect Reference Resources ..........15
+ 10. Relative References in DAV:reftarget ..........................15
+ 10.1. Example: Resolving a Relative Reference in a
+ Multi-Status Response.....................................16
+ 11. Redirect References to Collections ............................17
+ 12. Headers .......................................................18
+ 12.1. Redirect-Ref Response Header .............................18
+ 12.2. Apply-To-Redirect-Ref Request Header .....................19
+ 13. Redirect Reference Resource Properties ........................19
+ 13.1. DAV:redirect-lifetime (protected) ........................19
+ 13.2. DAV:reftarget (protected) ................................19
+ 14. XML Elements ..................................................19
+ 14.1. redirectref XML Element ..................................19
+ 15. Extensions to the DAV:response XML Element for Multi-Status
+ Responses .....................................................20
+ 16. Capability Discovery ..........................................20
+ 16.1. Example: Discovery of Support for Redirect
+ Reference Resources ......................................20
+ 17. Security Considerations .......................................21
+ 17.1. Privacy Concerns .........................................21
+ 17.2. Redirect Loops ...........................................21
+ 17.3. Redirect Reference Resources and Denial of Service .......21
+ 17.4. Revealing Private Locations ..............................22
+ 18. Internationalization Considerations ...........................22
+ 19. IANA Considerations ...........................................22
+ 19.1. HTTP headers .............................................22
+ 19.1.1. Redirect-Ref ......................................22
+ 19.1.2. Apply-To-Redirect-Ref .............................23
+ 20. Contributors ..................................................23
+ 21. Acknowledgements ..............................................23
+ 22. Normative References ..........................................23
+
+
+
+
+
+
+
+
+
+Whitehead, et al. Experimental [Page 2]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+1. Introduction
+
+ This specification extends the Web Distributed Authoring Protocol
+ (WebDAV) to enable clients to create new access paths to existing
+ resources. This capability is useful for several reasons.
+
+ WebDAV makes it possible to organize HTTP resources into hierarchies,
+ placing them into groupings, known as collections, that are more
+ easily browsed and manipulated than a single flat collection.
+ However, hierarchies require categorization decisions that locate
+ resources at a single location in the hierarchy, a drawback when a
+ resource has multiple valid categories. For example, in a hierarchy
+ of vehicle descriptions containing collections for cars and boats, a
+ description of a combination car/boat vehicle could belong in either
+ collection. Ideally, the description should be accessible from both.
+ Allowing clients to create new URIs that access the existing resource
+ lets them put that resource into multiple collections.
+
+ Hierarchies also make resource sharing more difficult, since
+ resources that have utility across many collections are still forced
+ into a single collection. For example, the mathematics department at
+ one university might create a collection of information on fractals
+ that contains bindings to some local resources, but also provides
+ access to some resources at other universities. For many reasons, it
+ may be undesirable to make physical copies of the shared resources:
+ to conserve disk space, to respect copyright constraints, or to make
+ any changes in the shared resources visible automatically. Being
+ able to create new access paths to existing resources in other
+ collections or even on other unrelated systems is useful for this
+ sort of case.
+
+ The redirect reference resources defined here provide a mechanism for
+ creating alternative access paths to existing resources. A redirect
+ reference resource is a resource in one collection whose purpose is
+ to redirect requests to another resource (its target), possibly in a
+ different collection. In this way, it allows clients to submit
+ requests to the target resource from another collection. It
+ redirects most requests to the target resource using an HTTP status
+ code from the 3xx range (Redirection), thereby providing a form of
+ mediated access to the target resource.
+
+
+
+
+
+
+
+
+
+
+
+Whitehead, et al. Experimental [Page 3]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ A redirect reference is a resource with properties but with no body
+ of its own. Properties of a redirect reference resource can contain
+ information such as who created the reference, when, and why. Since
+ redirect reference resources are implemented using HTTP 3xx
+ responses, it generally takes two round trips to submit a request to
+ the intended resource. Redirect references work equally well for
+ local resources and for resources that reside on a different system
+ from the reference.
+
+ The remainder of this document is structured as follows: Section 3
+ defines terms that will be used throughout the specification.
+ Section 4 provides an overview of redirect reference resources.
+ Section 5 defines the semantics of existing methods when applied to
+ redirect reference resources. Section 6 discusses how to create a
+ redirect reference resource, and Section 7 discusses updating
+ redirect references. Section 8 discusses their semantics when
+ applied to collections that contain redirect reference resources.
+ Sections 9 through 11 discuss several other issues raised by the
+ existence of redirect reference resources. Sections 12 through 15
+ define the new headers, properties, and XML elements required to
+ support redirect reference resources. Section 16 discusses
+ capability discovery. Sections 17 through 19 present the security,
+ internationalization, and IANA concerns raised by this specification.
+ The remaining sections provide a variety of supporting information.
+
+2. Notational Conventions
+
+ Since this document describes a set of extensions to the WebDAV
+ Distributed Authoring Protocol [RFC2518], itself an extension to the
+ HTTP/1.1 protocol, the augmented BNF used here to describe protocol
+ elements is exactly the same as described in Section 2.1 of
+ [RFC2616]. Since this augmented BNF uses the basic production rules
+ provided in Section 2.2 of [RFC2616], these rules apply to this
+ document as well.
+
+ In this document, the key words "MUST", "MUST NOT", "REQUIRED",
+ "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
+ and "OPTIONAL" are to be interpreted as described in [RFC2119].
+
+3. Terminology
+
+ The terminology used here follows and extends that in the WebDAV
+ Distributed Authoring Protocol specification [RFC2518]. Definitions
+ of the terms resource, Uniform Resource Identifier (URI), and Uniform
+ Resource Locator (URL) are provided in [RFC3986].
+
+
+
+
+
+
+Whitehead, et al. Experimental [Page 4]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ Redirect Reference Resource
+
+ A resource created to redirect all requests made to it, using an
+ HTTP status code from the 3xx range, to a defined target resource.
+
+ Non-Reference Resource
+
+ A resource that is not a reference to another resource.
+
+ Target Resource
+
+ The resource to which requests are redirected by a redirect
+ reference resource. A target resource can be anything that can be
+ identified by an absolute URI (see [RFC3986], "absolute-URI").
+
+ This document uses the terms "precondition", "postcondition", and
+ "protected property" as defined in [RFC3253]. Servers MUST report
+ pre-/postcondition failures as described in Section 1.6 of this
+ document.
+
+4. Overview of Redirect Reference Resources
+
+ For all operations submitted to a redirect reference resource, the
+ default response is a 302 (Found), accompanied by the Redirect-Ref
+ header (defined in Section 12.1, below) and the Location header
+ ([RFC2616], Section 14.30) set to the URI of the target resource.
+ With this information, the client can resubmit the request to the URI
+ of the target resource.
+
+ A redirect reference resource never automatically forwards requests
+ to its target resource. Redirect resources bring the same benefits
+ as links in HTML documents. They can be created and maintained
+ without the involvement or even knowledge of their target resource.
+ This reduces the cost of linking between resources.
+
+ If the client is aware that it is operating on a redirect reference
+ resource, it can resolve the reference by retrieving the reference
+ resource's DAV:reftarget property (defined in Section 13.2, below),
+ whose value contains the URI of the target resource. It can then
+ submit requests to the target resource.
+
+ A redirect reference resource is a new type of resource. To
+ distinguish redirect reference resources from non-reference
+ resources, a new value of the DAV:resourcetype property (defined in
+ [RFC2518]), DAV:redirectref, is defined in Section 14.1, below.
+
+ Since a redirect reference resource is a resource, methods can be
+ applied to the reference resource as well as to its target resource.
+
+
+
+Whitehead, et al. Experimental [Page 5]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ The Apply-To-Redirect-Ref request header (defined in Section 12.2,
+ below) is provided so that referencing-aware clients can control
+ whether an operation is applied to the redirect reference resource or
+ standard HTTP/WebDAV behaviour (redirection with a 3xx status code)
+ should occur. The Apply-To-Redirect-Ref header can be used with most
+ requests to redirect reference resources. This header is
+ particularly useful with PROPFIND, to retrieve the reference
+ resource's own properties.
+
+ Implementation Note: Operations on the target of a redirect reference
+ usually do not affect the redirect reference itself. However,
+ clients should not rely on this behaviour (for instance, some servers
+ may update redirect references as a result of namespace operations on
+ the reference's target).
+
+5. Operations on Redirect Reference Resources
+
+ Although non-referencing-aware clients cannot create reference
+ resources, they should be able to submit requests through the
+ reference resources created by reference-aware WebDAV clients. They
+ should be able to follow any references to their targets. To make
+ this possible, a server that receives any request made via a redirect
+ reference resource MUST return a 3xx range (Redirection) status code,
+ unless the request includes an Apply-To-Redirect-Ref header
+ specifying "T". The client and server MUST follow [RFC2616], Section
+ 10.3, but with these additional rules:
+
+ o The Location response header MUST contain a URI (see [RFC3986],
+ Section 3) that identifies the target of the reference resource.
+
+ o The response MUST include the Redirect-Ref header. This header
+ allows reference-aware WebDAV clients to recognize the resource as
+ a reference resource and to understand the reason for the
+ redirection.
+
+ A reference-aware WebDAV client can, like a non-referencing client,
+ resubmit the request to the URI in the Location header in order to
+ operate on the target resource. Alternatively, it can resubmit the
+ request to the URI of the redirect reference resource with the
+ "Apply-To-Redirect-Ref: T" header in order to operate on the
+ reference resource itself. In this case, the request MUST be applied
+ to the reference resource itself, and a 3xx response MUST NOT be
+ returned.
+
+ As redirect references do not have bodies, GET and PUT requests with
+ "Apply-To-Redirect-Ref: T" MUST fail with status 403 (forbidden).
+
+
+
+
+
+Whitehead, et al. Experimental [Page 6]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+6. MKREDIRECTREF Method
+
+ The MKREDIRECTREF method requests the creation of a redirect
+ reference resource.
+
+ If a MKREDIRECTREF request fails, the server state preceding the
+ request MUST be restored.
+
+ Responses from a MKREDIRECTREF request MUST NOT be cached, as
+ MKREDIRECTREF has non-idempotent and non-safe semantics (see
+ [RFC2616], Section 9.1).
+
+ Marshalling
+
+ The request body MUST be a DAV:mkredirectref XML element.
+
+ <!ELEMENT mkredirectref (reftarget, redirect-lifetime?)>
+ <!ELEMENT reftarget (href)>
+ <!ELEMENT redirect-lifetime (permanent | temporary)>
+ <!ELEMENT permanent EMPTY>
+ <!ELEMENT temporary EMPTY>
+
+ The DAV:href element is defined in [RFC2518] (Section 12.3) and
+ MUST contain either a URI or a relative-ref (see [RFC3986],
+ Sections 3 and 4.2).
+
+ If no DAV:redirect-lifetime element is specified, the server MUST
+ behave as if a value of DAV:temporary was specified.
+
+ If the request succeeds, the server MUST return 201 (Created)
+ status.
+
+ If a response body for a successful request is included, it MUST
+ be a DAV:mkredirectref-response XML element. Note that this
+ document does not define any elements for the MKREDIRECTREF
+ response body, but the DAV:mkredirectref-response element is
+ defined to ensure interoperability between future extensions that
+ do define elements for the response body.
+
+ <!ELEMENT mkredirectref-response ANY>
+
+ Preconditions
+
+ (DAV:resource-must-be-null): A resource MUST NOT exist at the
+ Request-URI.
+
+ (DAV:parent-resource-must-be-non-null): The Request-URI minus the
+ last past segment MUST identify a collection.
+
+
+
+Whitehead, et al. Experimental [Page 7]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ (DAV:name-allowed): The last segment of the Request-URI is
+ available for use as a resource name.
+
+ (DAV:locked-update-allowed): If the collection identified by the
+ Request-URI minus the last path segment is write-locked, then the
+ appropriate token MUST be specified in an If request header.
+
+ (DAV:redirect-lifetime-supported): If the request body contains a
+ DAV:redirect-lifetime element, the server MUST support the
+ specified lifetime. Support for DAV:temporary is REQUIRED, while
+ support for DAV:permanent is OPTIONAL.
+
+ (DAV:legal-reftarget): The specified is a legal URI or relative-
+ ref.
+
+ Postconditions
+
+ (DAV:new-redirectref): a new redirect reference resource is
+ created whose DAV:reftarget property has the value specified in
+ the request body.
+
+6.1. Example: Creating a Redirect Reference Resource with MKREDIRECTREF
+
+ >> Request:
+
+ MKREDIRECTREF /~whitehead/dav/spec08.ref HTTP/1.1
+ Host: www.example.com
+ Content-Type: text/xml; charset="utf-8"
+ Content-Length: xxx
+
+ <?xml version="1.0" encoding="utf-8" ?>
+ <D:mkredirectref xmlns:D="DAV:">
+ <D:reftarget>
+ <D:href>/i-d/draft-webdav-protocol-08.txt</D:href>
+ </D:reftarget>
+ </D:mkredirectref>
+
+ >> Response:
+
+ HTTP/1.1 201 Created
+
+
+
+
+
+
+
+
+
+
+
+Whitehead, et al. Experimental [Page 8]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ This request resulted in the creation of a new redirect reference
+ resource at http://www.example.com/~whitehead/dav/spec08.ref, which
+ points to the resource identified by the DAV:reftarget property. In
+ this example, the target resource is identified by the URI
+ http://www.example.com/i-d/draft-webdav-protocol-08.txt. The
+ redirect reference resource's DAV:resourcetype property is set to
+ DAV:redirectref, and its DAV:redirect-lifetime property has the value
+ DAV:temporary.
+
+7. UPDATEREDIRECTREF Method
+
+ The UPDATEREDIRECTREF method requests the update of a redirect
+ reference resource.
+
+ If a UPDATEREDIRECTREF request fails, the server state preceding the
+ request MUST be restored.
+
+ Responses from a UPDATEREDIRECTREF request MUST NOT be cached, as
+ UPDATEREDIRECTREF has non-safe semantics (see [RFC2616], Section
+ 9.1).
+
+ Marshalling
+
+ The request body MUST be a DAV:updateredirectref XML element.
+
+ <!ELEMENT updateredirectref (reftarget?, redirect-lifetime?)>
+
+ See Section 6 for a definition of DAV:reftarget and DAV:redirect-
+ lifetime.
+
+ If no DAV:reftarget element is specified, the server MUST NOT
+ change the target of the redirect reference.
+
+ If no DAV:redirect-lifetime element is specified, the server MUST
+ NOT change the lifetime of the redirect reference.
+
+ If a response body for a successful request is included, it MUST
+ be a DAV:updateredirectref-response XML element. Note that this
+ document does not define any elements for the UPDATEREDIRECTREF
+ response body, but the DAV:updateredirectref-response element is
+ defined to ensure interoperability between future extensions that
+ do define elements for the response body.
+
+ <!ELEMENT updateredirectref-response ANY>
+
+
+
+
+
+
+
+Whitehead, et al. Experimental [Page 9]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ Preconditions
+
+ (DAV:locked-update-allowed): if the resource is write-locked, then
+ the appropriate token MUST be specified in an If request header.
+
+ (DAV:must-be-redirectref): the resource identified by the
+ Request-URI must be a redirect reference resource as defined by
+ this specification.
+
+ (DAV:redirect-lifetime-supported): see Section 6.
+
+ (DAV:redirect-lifetime-update-supported): servers MAY support
+ changing the DAV:redirect-lifetime property; if they don't, this
+ condition code can be used to signal failure.
+
+ (DAV:legal-reftarget): see Section 6.
+
+ Postconditions
+
+ (DAV:redirectref-updated): the DAV:reftarget and DAV:redirect-
+ lifetime properties of the redirect reference have been updated
+ accordingly.
+
+7.1. Example: Updating a Redirect Reference Resource with
+ UPDATEREDIRECTREF
+
+ >> Request:
+
+ UPDATEREDIRECTREF /~whitehead/dav/spec08.ref HTTP/1.1
+ Host: www.example.com
+ Apply-To-Redirect-Ref: T
+ Content-Type: text/xml; charset="utf-8"
+ Content-Length: xxx
+
+ <?xml version="1.0" encoding="utf-8" ?>
+ <D:updateredirectref xmlns:D="DAV:">
+ <D:reftarget>
+ <D:href>/i-d/draft-webdav-protocol-08b.txt</D:href>
+ </D:reftarget>
+ </D:updateredirectref>
+
+ >> Response:
+
+ HTTP/1.1 200 OK
+
+ This request has updated the redirect reference's DAV:reftarget
+ property to "/i-d/draft-webdav-protocol-08b.txt" and has not changed
+ the DAV:redirect-lifetime value. Note that the "Apply-To-Redirect-
+
+
+
+Whitehead, et al. Experimental [Page 10]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ Ref" request header must be used; otherwise, the request would result
+ in a redirect (3xx) response status.
+
+8. Operations on Collections That Contain Redirect Reference Resources
+
+ According to [RFC2518], Section 9.2, methods that have defined
+ interactions with the "Depth" request header should apply all other
+ request headers to each resource in scope. However, applying this
+ principle to the "Apply-To-Redirect-Ref" header uniformly would make
+ it impractical to implement this specification on top of existing
+ servers and also would result in unexpected server behaviour for
+ clients that do not take the existence of redirect references into
+ account. On the other hand, the definition of the "Depth" header
+ allows alternate behaviours to be explicitly defined.
+
+ For this reason, this specification defines the interaction between
+ "Depth" and "Apply-To-Redirect-Ref" request headers on a case-by-case
+ basis and also provides a default for methods not mentioned here that
+ do not specify the behaviour themselves.
+
+ +-------------+-----------------+------------------+-----------+
+ | method name | defined in | supported depths | behaviour |
+ +-------------+-----------------+------------------+-----------+
+ | COPY | [RFC2518], 8.9 | 0, infinity | "T" |
+ | DELETE | [RFC2518], 8.7 | infinity | "T" |
+ | LOCK | [RFC2518], 8.11 | 0, infinity | "T" |
+ | MOVE | [RFC2518], 8.10 | 0, infinity | "T" |
+ | PROPFIND | [RFC2518], 8.2 | 0, 1, infinity | inherit |
+ | REPORT | [RFC3253], 3.6 | 0, 1, infinity | inherit |
+ | default | | | "T" |
+ +-------------+-----------------+------------------+-----------+
+
+ When the behaviour is defined to be "inherit", the method should
+ follow RFC2518's default behaviour for "Depth" operations, which
+ means applying the value given for "Apply-To-Redirect-Ref" to each
+ resource in scope. On the other hand, when it is defined to be "T",
+ the method should behave as if a "Apply-To-Redirect-Ref: T" header
+ was specified for each operation on child resources. The latter
+ ensures that "Depth: infinity" operations will not fail unexpectedly
+ just because there was a redirect reference resource in scope.
+
+8.1. Example: PROPFIND on a Collection with Redirect Reference
+ Resources
+
+ Suppose a PROPFIND request with Depth: infinity is submitted to the
+ following collection, with the members shown here:
+
+
+
+
+
+Whitehead, et al. Experimental [Page 11]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ /MyCollection/
+ (non-reference resource) diary.html
+ (redirect reference resource) nunavut
+
+ >> Request:
+
+ PROPFIND /MyCollection/ HTTP/1.1
+ Host: example.com
+ Depth: infinity
+ Apply-To-Redirect-Ref: F
+ Content-Type: text/xml
+ Content-Length: xxxx
+
+ <?xml version="1.0" ?>
+ <D:propfind xmlns:D="DAV: ">
+ <D:prop xmlns:J="http://example.com/jsprops/">
+ <D:resourcetype/>
+ <J:keywords/>
+ </D:prop>
+ </D:propfind>
+
+ >> Response:
+
+ HTTP/1.1 207 Multi-Status
+ Content-Type: text/xml
+ Content-Length: xxxx
+
+ <?xml version="1.0" ?>
+ <D:multistatus xmlns:D="DAV:" xmlns:J="http://example.com/jsprops/">
+ <D:response>
+ <D:href>/MyCollection/</D:href>
+ <D:propstat>
+ <D:prop>
+ <D:resourcetype><D:collection/></D:resourcetype>
+ <J:keywords>diary, interests, hobbies</J:keywords>
+ </D:prop>
+ <D:status>HTTP/1.1 200 OK</D:status>
+ </D:propstat>
+ </D:response>
+ <D:response>
+ <D:href>/MyCollection/diary.html</D:href>
+ <D:propstat>
+ <D:prop>
+ <D:resourcetype/>
+ <J:keywords>diary, travel, family, history</J:keywords>
+ </D:prop>
+ <D:status>HTTP/1.1 200 OK</D:status>
+ </D:propstat>
+
+
+
+Whitehead, et al. Experimental [Page 12]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ </D:response>
+ <D:response>
+ <D:href>/MyCollection/nunavut</D:href>
+ <D:status>HTTP/1.1 302 Found</D:status>
+ <D:location>
+ <D:href>http://example.ca/art/inuit/</D:href>
+ </D:location>
+ </D:response>
+ </D:multistatus>
+
+ In this example, the Depth header is set to infinity, and the Apply-
+ To-Redirect-Ref header is set to "F". The collection contains one
+ URI that identifies a redirect reference resource. The response
+ element for the redirect reference resource has a status of 302
+ (Found) and includes a DAV:location extension element to allow
+ clients to retrieve the properties of its target resource. (The
+ response element for the redirect reference resource does not include
+ the requested properties. The client can submit another PROPFIND
+ request to the URI in the DAV:location pseudo-property to retrieve
+ those properties.)
+
+8.2. Example: PROPFIND with Apply-To-Redirect-Ref on a Collection with
+ Redirect Reference Resources
+
+ Suppose a PROPFIND request with "Apply-To-Redirect-Ref: T" and Depth:
+ infinity is submitted to the following collection, with the members
+ shown here:
+
+ /MyCollection/
+ (non-reference resource) diary.html
+ (redirect reference resource) nunavut
+
+ >> Request:
+
+ PROPFIND /MyCollection/ HTTP/1.1
+ Host: example.com
+ Depth: infinity
+ Apply-To-Redirect-Ref: T
+ Content-Type: text/xml
+ Content-Length: xxxx
+
+
+
+
+
+
+
+
+
+
+
+Whitehead, et al. Experimental [Page 13]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ <?xml version="1.0" ?>
+ <D:propfind xmlns:D="DAV:">
+ <D:prop>
+ <D:resourcetype/>
+ <D:reftarget/>
+ <D:redirect-lifetime/>
+ </D:prop>
+ </D:propfind>
+
+ >> Response:
+
+ HTTP/1.1 207 Multi-Status
+ Content-Type: text/xml
+ Content-Length: xxxx
+
+ <?xml version="1.0" ?>
+ <D:multistatus xmlns:D="DAV:">
+ <D:response>
+ <D:href>/MyCollection/</D:href>
+ <D:propstat>
+ <D:prop>
+ <D:resourcetype><D:collection/></D:resourcetype>
+ </D:prop>
+ <D:status>HTTP/1.1 200 OK</D:status>
+ </D:propstat>
+ <D:propstat>
+ <D:prop>
+ <D:reftarget/>
+ <D:redirect-lifetime/>
+ </D:prop>
+ <D:status>HTTP/1.1 404 Not Found</D:status>
+ </D:propstat>
+ </D:response>
+ <D:response>
+ <D:href>/MyCollection/diary.html</D:href>
+ <D:propstat>
+ <D:prop>
+ <D:resourcetype/>
+ </D:prop>
+ <D:status>HTTP/1.1 200 OK</D:status>
+ </D:propstat>
+ <D:propstat>
+ <D:prop>
+ <D:reftarget/>
+ <D:redirect-lifetime/>
+ </D:prop>
+ <D:status>HTTP/1.1 404 Not Found</D:status>
+ </D:propstat>
+
+
+
+Whitehead, et al. Experimental [Page 14]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ </D:response>
+ <D:response>
+ <D:href>/MyCollection/nunavut</D:href>
+ <D:propstat>
+ <D:prop>
+ <D:resourcetype><D:redirectref/></D:resourcetype>
+ <D:reftarget>
+ <D:href>http://example.ca/art/inuit/</D:href>
+ </D:reftarget>
+ <D:redirect-lifetime><D:temporary/></D:redirect-lifetime>
+ </D:prop>
+ <D:status>HTTP/1.1 200 OK</D:status>
+ </D:propstat>
+ </D:response>
+ </D:multistatus>
+
+ Since the "Apply-To-Redirect-Ref: T" header is present, the response
+ shows the properties of the redirect reference resource in the
+ collection rather than reporting a 302 status.
+
+9. Operations on Targets of Redirect Reference Resources
+
+ Operations on targets of redirect reference resources have no effect
+ on the reference resource.
+
+10. Relative References in DAV:reftarget
+
+ The URI in the href in a DAV:reftarget property MAY be a relative
+ reference. In this case, the base URI to be used for resolving it to
+ absolute form is the URI used in the HTTP message to identify the
+ redirect reference resource to which the DAV:reftarget property
+ belongs.
+
+ When DAV:reftarget appears in the context of a Multi-Status response,
+ it is in a DAV:response element that contains a single DAV:href
+ element. The value of this DAV:href element serves as the base URI
+ for resolving a relative reference in DAV:reftarget. The value of
+ DAV:href may itself be relative, in which case it must be resolved
+ first in order to serve as the base URI for the relative reference in
+ DAV:reftarget. If the DAV:href element is relative, its base URI is
+ constructed from the scheme component "http", the value of the Host
+ header in the request, and the Request-URI.
+
+
+
+
+
+
+
+
+
+Whitehead, et al. Experimental [Page 15]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+10.1. Example: Resolving a Relative Reference in a Multi-Status
+ Response
+
+ >> Request:
+
+ PROPFIND /geog/ HTTP/1.1
+ Host: example.com
+ Apply-To-Redirect-Ref: T
+ Depth: 1
+ Content-Type: text/xml
+ Content-Length: nnn
+
+ <?xml version="1.0" ?>
+ <D:propfind xmlns:D="DAV:">
+ <D:prop>
+ <D:resourcetype/>
+ <D:reftarget/>
+ </D:prop>
+ </D:propfind>
+
+ >> Response:
+
+ HTTP/1.1 207 Multi-Status
+ Content-Type: text/xml
+ Content-Length: nnn
+
+ <?xml version="1/0" ?>
+ <D:multistatus xmlns:D="DAV:">
+ <D:response>
+ <D:href>/geog/</D:href>
+ <D:propstat>
+ <D:prop>
+ <D:resourcetype><D:collection/></D:resourcetype>
+ </D:prop>
+ <D:status>HTTP/1.1 200 OK</D:status>
+ </D:propstat>
+ <D:propstat>
+ <D:prop><D:reftarget/></D:prop>
+ <D:status>HTTP/1.1 404 Not Found</D:status>
+ </D:propstat>
+ </D:response>
+ <D:response>
+ <D:href>/geog/stats.html</D:href>
+ <D:propstat>
+ <D:prop>
+ <D:resourcetype><D:redirectref/></D:resourcetype>
+ <D:reftarget>
+ <D:href>statistics/population/1997.html</D:href>
+
+
+
+Whitehead, et al. Experimental [Page 16]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ </D:reftarget>
+ </D:prop>
+ <D:status>HTTP/1.1 200 OK</D:status>
+ </D:propstat>
+ </D:response>
+ </D:multistatus>
+
+ In this example, the relative reference
+ "statistics/population/1997.html" is returned as the value of the
+ DAV:reftarget property for the reference resource identified by href
+ /geog/stats.html. The href is itself a relative reference, which
+ resolves to http://example.com/geog/stats.html. This is the base URI
+ for resolving the relative reference in reftarget. The absolute URI
+ of reftarget is
+ http://example.com/geog/statistics/population/1997.html.
+
+11. Redirect References to Collections
+
+ In a Request-URI /segment1/segment2/segment3, any of the three
+ segments may identify a redirect reference resource. (See [RFC3986],
+ Section 3.3, for definitions of "path" and "segment".) If any
+ segment in a Request-URI identifies a redirect reference resource,
+ the response SHOULD be a 3xx. The value of the Location header in
+ the response is as follows:
+
+ The leftmost path segment of the Request-URI that identifies a
+ redirect reference resource, together with all path segments and
+ separators to the left of it, is replaced by the value of the
+ redirect reference resource's DAV:reftarget property (resolved to an
+ absolute URI). The remainder of the Request-URI is concatenated to
+ this path.
+
+ Note: If the DAV:reftarget property ends with a "/" and the remainder
+ of the Request-URI is non-empty (and therefore must begin with a
+ "/"), the final "/" in the DAV:reftarget property is dropped before
+ the remainder of the Request-URI is appended.
+
+ Consider Request-URI /x/y/z.html. Suppose that /x/ is a redirect
+ reference resource, whose target resource is collection /a/, which
+ contains redirect reference resource y whose target resource is
+ collection /b/, which contains redirect reference resource z.html,
+ whose target resource is /c/d.html.
+
+
+
+
+
+
+
+
+
+Whitehead, et al. Experimental [Page 17]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ /x/y/z.html
+ |
+ | /x -> /a
+ |
+ v
+ /a/y/z.html
+ |
+ | /a/y -> /b
+ |
+ v
+ /b/z.html
+ |
+ | /b/z.html -> /c/d.html
+ |
+ v
+ /c/d.html
+
+ In this case, the client must follow up three separate 3xx responses
+ before finally reaching the target resource. The server responds to
+ the initial request with a 3xx with Location: /a/y/z.html, and the
+ client resubmits the request to /a/y/z.html. The server responds to
+ this request with a 3xx with Location: /b/z.html, and the client
+ resubmits the request to /b/z.html. The server responds to this
+ request with a 3xx with Location: /c/d.html, and the client resubmits
+ the request to /c/d.html. This final request succeeds.
+
+ Note: The behaviour described above may have a very serious impact
+ on the efficiency of mapping Request-URIs to resources in HTTP
+ request processing. Therefore, servers MAY respond with a 404
+ status code if the cost of checking all leading path segments for
+ redirect references seems prohibitive.
+
+12. Headers
+
+12.1. Redirect-Ref Response Header
+
+ Redirect-Ref = "Redirect-Ref:" (URI | relative-ref)
+ ; URI: see [RFC3986], Section 3
+ ; relative-ref: see [RFC3986], Section 4.2
+
+ The Redirect-Ref header is used in all 3xx responses from redirect
+ reference resources. The value is the link target as specified
+ during redirect reference resource creation.
+
+
+
+
+
+
+
+
+Whitehead, et al. Experimental [Page 18]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+12.2. Apply-To-Redirect-Ref Request Header
+
+ Apply-To-Redirect-Ref = "Apply-To-Redirect-Ref" ":" ("T" | "F")
+
+ The optional Apply-To-Redirect-Ref header can be used on any request
+ to a redirect reference resource. When it is present and set to "T",
+ the request MUST be applied to the reference resource itself, and a
+ 3xx response MUST NOT be returned.
+
+ If the Apply-To-Redirect-Ref header is used on a request to any other
+ sort of resource besides a redirect reference resource, the server
+ MUST ignore it.
+
+13. Redirect Reference Resource Properties
+
+ The properties defined below are REQUIRED on redirect reference
+ resources. A PROPFIND/allprop request SHOULD NOT return any of the
+ properties defined in this document.
+
+13.1. DAV:redirect-lifetime (protected)
+
+ This property provides information about the lifetime of a redirect.
+ It can be either DAV:permanent (HTTP status 301) or DAV:temporary
+ (HTTP status 302). Future protocols may define additional values.
+
+ <!ELEMENT redirect-lifetime (permanent | temporary)>
+ <!ELEMENT permanent EMPTY>
+ <!ELEMENT temporary EMPTY>
+
+13.2. DAV:reftarget (protected)
+
+ This property provides an efficient way for clients to discover the
+ URI of the target resource. This is a read-only property after its
+ initial creation. Its value can only be set in a MKREDIRECTREF
+ request. The value is a DAV:href element containing the URI of the
+ target resource.
+
+ <!ELEMENT reftarget href >
+
+14. XML Elements
+
+14.1. redirectref XML Element
+
+ Name: redirectref
+
+ Namespace: DAV:
+
+
+
+
+
+Whitehead, et al. Experimental [Page 19]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ Purpose: Used as the value of the DAV:resourcetype property to
+ specify that the resource type is a redirect reference resource.
+
+ <!ELEMENT redirectref EMPTY >
+
+15. Extensions to the DAV:response XML Element for Multi-Status
+ Responses
+
+ As described in Section 8, the DAV:location element may be returned
+ in the DAV:response element of a 207 Multi-Status response, to allow
+ clients to resubmit their requests to the target resource of a
+ redirect reference resource.
+
+ Consequently, the definition of the DAV:response XML element changes
+ to the following:
+
+ <!ELEMENT response (href, ((href*, status)|(propstat+)),
+ responsedescription?, location?) >
+ <!ELEMENT location (href) >
+
+16. Capability Discovery
+
+ Sections 9.1 and 15 of [RFC2518] describe the use of compliance
+ classes with the DAV header in responses to OPTIONS, to indicate
+ which parts of the WebDAV Distributed Authoring protocols the
+ resource supports. This specification defines an OPTIONAL extension
+ to [RFC2518]. It defines a new compliance class, called
+ redirectrefs, for use with the DAV header in responses to OPTIONS
+ requests. If a resource does support redirect references, its
+ response to an OPTIONS request may indicate that it does, by listing
+ the new redirectrefs compliance class in the DAV header and by
+ listing the MKREDIRECTREF method as one it supports.
+
+ When responding to an OPTIONS request, any type of resource can
+ include redirectrefs in the value of the DAV header. Doing so
+ indicates that the server permits a redirect reference resource at
+ the Request-URI.
+
+16.1. Example: Discovery of Support for Redirect Reference Resources
+
+ >> Request:
+
+ OPTIONS /somecollection/someresource HTTP/1.1
+ Host: example.org
+
+
+
+
+
+
+
+Whitehead, et al. Experimental [Page 20]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ >> Response:
+
+ HTTP/1.1 200 OK
+ Allow: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, COPY, MOVE
+ Allow: MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, MKREDIRECTREF
+ DAV: 1, 2, redirectrefs
+
+ The DAV header in the response indicates that the resource
+ /somecollection/someresource is level 1 and level 2 compliant, as
+ defined in [RFC2518]. In addition, /somecollection/someresource
+ supports redirect reference resources. The Allow header indicates
+ that MKREDIRECTREF requests can be submitted to
+ /somecollection/someresource.
+
+17. Security Considerations
+
+ This section is provided to make applications that implement this
+ protocol aware of the security implications of this protocol.
+
+ All of the security considerations of HTTP/1.1 and the WebDAV
+ Distributed Authoring Protocol specification also apply to this
+ protocol specification. In addition, redirect reference resources
+ introduce several new security concerns and increase the risk of some
+ existing threats. These issues are detailed below.
+
+17.1. Privacy Concerns
+
+ By creating redirect reference resources on a trusted server, it is
+ possible for a hostile agent to induce users to send private
+ information to a target on an unrelated system. This risk is
+ mitigated somewhat, since clients are required to notify the user of
+ the redirection for any request other than GET or HEAD. (See
+ [RFC2616], Section 10.3.3, 302 Found.)
+
+17.2. Redirect Loops
+
+ Although redirect loops were already possible in HTTP 1.1, the
+ introduction of the MKREDIRECTREF method creates a new avenue for
+ clients to create loops accidentally or maliciously. If the
+ reference resource and its target are on the same server, the server
+ may be able to detect MKREDIRECTREF requests that would create loops.
+ See also [RFC2616], Section 10.3, "Redirection 3xx."
+
+17.3. Redirect Reference Resources and Denial of Service
+
+ Denial of service attacks were already possible by posting URLs that
+ were intended for limited use at heavily used Web sites. The
+ introduction of MKREDIRECTREF creates a new avenue for similar denial
+
+
+
+Whitehead, et al. Experimental [Page 21]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ of service attacks. Clients can now create redirect reference
+ resources at heavily used sites to target locations that were not
+ designed for heavy usage.
+
+17.4. Revealing Private Locations
+
+ There are several ways that redirect reference resources may reveal
+ information about collection structures. First, the DAV:reftarget
+ property of every redirect reference resource contains the URI of the
+ target resource. Anyone who has access to the reference resource can
+ discover the collection path that leads to the target resource. The
+ owner of the target resource may have wanted to limit knowledge of
+ this collection structure.
+
+ Sufficiently powerful access control mechanisms can control this risk
+ to some extent. Property-level access control could prevent users
+ from examining the DAV:reftarget property. (The Location header
+ returned in responses to requests on redirect reference resources
+ reveals the same information, however.)
+
+ This risk is no greater than the similar risk posed by HTML links.
+
+18. Internationalization Considerations
+
+ All internationalization considerations mentioned in [RFC2518] also
+ apply to this document.
+
+19. IANA Considerations
+
+ All IANA considerations mentioned in [RFC2518] also apply to this
+ document.
+
+19.1. HTTP headers
+
+ This document specifies the two new HTTP headers listed below.
+
+19.1.1. Redirect-Ref
+
+ Header field name: Redirect-Ref
+
+ Applicable protocol: http
+
+ Status: standard
+
+ Author/Change controller: IETF
+
+ Specification document: this specification (Section 12.1)
+
+
+
+
+Whitehead, et al. Experimental [Page 22]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+19.1.2 Apply-To-Redirect-Ref
+
+ Header field name: Apply-To-Redirect-Ref
+
+ Applicable protocol: http
+
+ Status: standard
+
+ Author/Change controller: IETF
+
+ Specification document: this specification (Section 12.2)
+
+20. Contributors
+
+ Many thanks to Jason Crawford, Jim Davis, Chuck Fay, and Judith
+ Slein, who can take credit for big parts of the original design of
+ this specification.
+
+21. Acknowledgements
+
+ This document has benefited from thoughtful discussion by Jim Amsden,
+ Peter Carlson, Steve Carter, Tyson Chihaya, Ken Coar, Ellis Cohen,
+ Bruce Cragun, Spencer Dawkins, Mark Day, Rajiv Dulepet, David Durand,
+ Lisa Dusseault, Stefan Eissing, Roy Fielding, Yaron Goland, Fred
+ Hitt, Alex Hopmann, James Hunt, Marcus Jager, Chris Kaler, Manoj
+ Kasichainula, Rohit Khare, Daniel LaLiberte, Steve Martin, Larry
+ Masinter, Jeff McAffer, Joe Orton, Surendra Koduru Reddy, Juergen
+ Reuter, Max Rible, Sam Ruby, Bradley Sergeant, Nick Shelness, John
+ Stracke, John Tigue, John Turner, Kevin Wiggen, and others.
+
+22. Normative References
+
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", BCP 14, RFC 2119, March 1997.
+
+ [RFC2518] Goland, Y., Whitehead, E., Faizi, A., Carter, S., and D.
+ Jensen, "HTTP Extensions for Distributed Authoring --
+ WEBDAV", RFC 2518, February 1999.
+
+ [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
+ Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
+ Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
+
+ [RFC3253] Clemm, G., Amsden, J., Ellison, T., Kaler, C., and J.
+ Whitehead, "Versioning Extensions to WebDAV (Web
+ Distributed Authoring and Versioning)", RFC 3253, March
+ 2002.
+
+
+
+
+Whitehead, et al. Experimental [Page 23]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+ [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
+ Resource Identifier (URI): Generic Syntax", STD 66, RFC
+ 3986, January 2005.
+
+Authors' Addresses
+
+ Jim Whitehead
+ UC Santa Cruz, Dept. of Computer Science
+ 1156 High Street
+ Santa Cruz, CA 95064
+ US
+
+ EMail: ejw@cse.ucsc.edu
+
+
+ Geoff Clemm
+ IBM
+ 20 Maguire Road
+ Lexington, MA 02421
+ US
+
+ EMail: geoffrey.clemm@us.ibm.com
+
+
+ Julian F. Reschke (editor)
+ greenbytes GmbH
+ Hafenweg 16
+ Muenster, NW 48155
+ Germany
+
+ Phone: +49 251 2807760
+ Fax: +49 251 2807761
+ EMail: julian.reschke@greenbytes.de
+ URI: http://greenbytes.de/tech/webdav/
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Whitehead, et al. Experimental [Page 24]
+
+RFC 4437 WebDAV Redirect Reference Resources March 2006
+
+
+Full Copyright Statement
+
+ Copyright (C) The Internet Society (2006).
+
+ This document is subject to the rights, licenses and restrictions
+ contained in BCP 78, and except as set forth therein, the authors
+ retain all their rights.
+
+ This document and the information contained herein are provided on an
+ "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
+ OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
+ ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
+ INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
+ INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
+ WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+
+Intellectual Property
+
+ The IETF takes no position regarding the validity or scope of any
+ Intellectual Property Rights or other rights that might be claimed to
+ pertain to the implementation or use of the technology described in
+ this document or the extent to which any license under such rights
+ might or might not be available; nor does it represent that it has
+ made any independent effort to identify any such rights. Information
+ on the procedures with respect to rights in RFC documents can be
+ found in BCP 78 and BCP 79.
+
+ Copies of IPR disclosures made to the IETF Secretariat and any
+ assurances of licenses to be made available, or the result of an
+ attempt made to obtain a general license or permission for the use of
+ such proprietary rights by implementers or users of this
+ specification can be obtained from the IETF on-line IPR repository at
+ http://www.ietf.org/ipr.
+
+ The IETF invites any interested party to bring to its attention any
+ copyrights, patents or patent applications, or other proprietary
+ rights that may cover technology that may be required to implement
+ this standard. Please address the information to the IETF at
+ ietf-ipr@ietf.org.
+
+Acknowledgement
+
+ Funding for the RFC Editor function is provided by the IETF
+ Administrative Support Activity (IASA).
+
+
+
+
+
+
+
+Whitehead, et al. Experimental [Page 25]
+