rfc7238.txt		draft-ietf-httpbis-rfc7238bis-latest.txt
	Internet Engineering Task Force (IETF) J. Reschke		HTTP Working Group J. Reschke
	Request for Comments: 7238 greenbytes		Internet-Draft greenbytes
	Category: Experimental June 2014		Obsoletes: 7238 (if approved) March 2015
	ISSN: 2070-1721		Intended status: Standards Track
			Expires: September 2, 2015
	The Hypertext Transfer Protocol Status Code 308 (Permanent Redirect)		The Hypertext Transfer Protocol Status Code 308 (Permanent Redirect)
			draft-ietf-httpbis-rfc7238bis-latest
	Abstract		Abstract
	This document specifies the additional Hypertext Transfer Protocol		This document specifies the additional Hypertext Transfer Protocol
	(HTTP) status code 308 (Permanent Redirect).		(HTTP) status code 308 (Permanent Redirect).
	Status of This Memo		Status of This Memo
	This document is not an Internet Standards Track specification; it is		This Internet-Draft is submitted in full conformance with the
	published for examination, experimental implementation, and		provisions of BCP 78 and BCP 79.
	evaluation.
	This document defines an Experimental Protocol for the Internet		Internet-Drafts are working documents of the Internet Engineering
	community. This document is a product of the Internet Engineering		Task Force (IETF). Note that other groups may also distribute
	Task Force (IETF). It represents the consensus of the IETF		working documents as Internet-Drafts. The list of current Internet-
	community. It has received public review and has been approved for		Drafts is at http://datatracker.ietf.org/drafts/current/.
	publication by the Internet Engineering Steering Group (IESG). Not
	all documents approved by the IESG are a candidate for any level of
	Internet Standard; see Section 2 of RFC 5741.
	Information about the current status of this document, any errata,		Internet-Drafts are draft documents valid for a maximum of six months
	and how to provide feedback on it may be obtained at		and may be updated, replaced, or obsoleted by other documents at any
	http://www.rfc-editor.org/info/rfc7238.		time. It is inappropriate to use Internet-Drafts as reference
			material or to cite them other than as "work in progress."
			This Internet-Draft will expire on September 2, 2015.
	Copyright Notice		Copyright Notice
	Copyright (c) 2014 IETF Trust and the persons identified as the		Copyright (c) 2015 IETF Trust and the persons identified as the
	document authors. All rights reserved.		document authors. All rights reserved.
	This document is subject to BCP 78 and the IETF Trust's Legal		This document is subject to BCP 78 and the IETF Trust's Legal
	Provisions Relating to IETF Documents		Provisions Relating to IETF Documents
	(http://trustee.ietf.org/license-info) in effect on the date of		(http://trustee.ietf.org/license-info) in effect on the date of
	publication of this document. Please review these documents		publication of this document. Please review these documents
	carefully, as they describe your rights and restrictions with respect		carefully, as they describe your rights and restrictions with respect
	to this document. Code Components extracted from this document must		to this document. Code Components extracted from this document must
	include Simplified BSD License text as described in Section 4.e of		include Simplified BSD License text as described in Section 4.e of
	the Trust Legal Provisions and are provided without warranty as		the Trust Legal Provisions and are provided without warranty as
	described in the Simplified BSD License.		described in the Simplified BSD License.
	Table of Contents		Table of Contents
	1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3		1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
	2. Notational Conventions . . . . . . . . . . . . . . . . . . . . 3		2. Notational Conventions . . . . . . . . . . . . . . . . . . . . 3
	3. 308 Permanent Redirect . . . . . . . . . . . . . . . . . . . . 3		3. 308 Permanent Redirect . . . . . . . . . . . . . . . . . . . . 3
	4. Deployment Considerations . . . . . . . . . . . . . . . . . . . 4		4. Deployment Considerations . . . . . . . . . . . . . . . . . . . 4
	5. Security Considerations . . . . . . . . . . . . . . . . . . . . 5		5. Security Considerations . . . . . . . . . . . . . . . . . . . . 5
	6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5		6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
	7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 5		7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6
	8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6		7.1. Normative References . . . . . . . . . . . . . . . . . . . 6
	8.1. Normative References . . . . . . . . . . . . . . . . . . . 6		7.2. Informative References . . . . . . . . . . . . . . . . . . 6
	8.2. Informative References . . . . . . . . . . . . . . . . . . 6		Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . . 6
	1. Introduction		1. Introduction
	HTTP defines a set of status codes for the purpose of redirecting a		HTTP defines a set of status codes for the purpose of redirecting a
	request to a different URI ([RFC3986]). The history of these status		request to a different URI ([RFC3986]). The history of these status
	codes is summarized in Section 6.4 of [RFC7231], which also		codes is summarized in Section 6.4 of [RFC7231], which also
	classifies the existing status codes into four categories.		classifies the existing status codes into four categories.
	The first of these categories contains the status codes 301 (Moved		The first of these categories contains the status codes 301 (Moved
	Permanently), 302 (Found), and 307 (Temporary Redirect), which can be		Permanently), 302 (Found), and 307 (Temporary Redirect), which can be
	skipping to change at page 3, line 25 ¶		skipping to change at page 3, line 25 ¶
	+-------------------------------------------+-----------+-----------+		+-------------------------------------------+-----------+-----------+
	| | Permanent | Temporary |		| | Permanent | Temporary |
	+-------------------------------------------+-----------+-----------+		+-------------------------------------------+-----------+-----------+
	| Allows changing the request method from | 301 | 302 |		| Allows changing the request method from | 301 | 302 |
	| POST to GET | | |		| POST to GET | | |
	| Does not allow changing the request | - | 307 |		| Does not allow changing the request | - | 307 |
	| method from POST to GET | | |		| method from POST to GET | | |
	+-------------------------------------------+-----------+-----------+		+-------------------------------------------+-----------+-----------+
	Section 6.4.7 of [RFC7231] states that HTTP does not define a		Section 6.4.7 of [RFC7231] states that it does not define a permanent
	permanent variant of status code 307; this specification adds the		variant of status code 307; this specification adds the status code
	status code 308, defining this missing variant (Section 3).		308, defining this missing variant (Section 3).
			This specification contains no technical changes from the
			Experimental RFC 7238, which it obsoletes.
	2. Notational Conventions		2. Notational Conventions
	The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",		The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
	"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this		"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
	document are to be interpreted as described in [RFC2119].		document are to be interpreted as described in [RFC2119].
	3. 308 Permanent Redirect		3. 308 Permanent Redirect
	The "308 (Permanent Redirect)" status code indicates that the target		The "308 (Permanent Redirect)" status code indicates that the target
	skipping to change at page 4, line 4 ¶		skipping to change at page 4, line 7 ¶
	The server SHOULD generate a Location header field ([RFC7231],		The server SHOULD generate a Location header field ([RFC7231],
	Section 7.1.2) in the response containing a preferred URI reference		Section 7.1.2) in the response containing a preferred URI reference
	for the new permanent URI. The user agent MAY use the Location field		for the new permanent URI. The user agent MAY use the Location field
	value for automatic redirection. The server's response payload		value for automatic redirection. The server's response payload
	usually contains a short hypertext note with a hyperlink to the new		usually contains a short hypertext note with a hyperlink to the new
	URI(s).		URI(s).
	A 308 response is cacheable by default; i.e., unless otherwise		A 308 response is cacheable by default; i.e., unless otherwise
	indicated by the method definition or explicit cache controls (see		indicated by the method definition or explicit cache controls (see
	[RFC7234], Section 4.2.2).		[RFC7234], Section 4.2.2).
	Note: This status code is similar to 301 (Moved Permanently)		Note: This status code is similar to 301 (Moved Permanently)
	([RFC7231], Section 6.4.2), except that it does not allow changing		([RFC7231], Section 6.4.2), except that it does not allow changing
	the request method from POST to GET.		the request method from POST to GET.
	4. Deployment Considerations		4. Deployment Considerations
	Section 6 of [RFC7231] requires recipients to treat unknown 3xx		Section 6 of [RFC7231] requires recipients to treat unknown 3xx
	status codes the same way as status code 300 Multiple Choices		status codes the same way as status code 300 (Multiple Choices)
	([RFC7231], Section 6.4.1). Thus, servers will not be able to rely		([RFC7231], Section 6.4.1). Thus, servers will not be able to rely
	on automatic redirection happening similar to status codes 301, 302,		on automatic redirection happening similar to status codes 301, 302,
	or 307.		or 307.
	Therefore, initial use of status code 308 will be restricted to cases		Therefore, the use of status code 308 is restricted to cases where
	where the server has sufficient confidence in the client's		the server has sufficient confidence in the client's understanding
	understanding the new code or when a fallback to the semantics of		the new code or when a fallback to the semantics of status code 300
	status code 300 is not problematic. Server implementers are advised		is not problematic. Server implementers are advised not to vary the
	not to vary the status code based on characteristics of the request,		status code based on characteristics of the request, such as the
	such as the User-Agent header field ("User-Agent Sniffing") -- doing		User-Agent header field ("User-Agent Sniffing") -- doing so usually
	so usually results in code that is both hard to maintain and hard to		results in code that is both hard to maintain and hard to debug and
	debug and would also require special attention to caching (i.e.,		would also require special attention to caching (i.e., setting a
	setting a "Vary" response header field, as defined in Section 7.1.4		"Vary" response header field, as defined in Section 7.1.4 of
	of [RFC7231]).		[RFC7231]).
	Note that many existing HTML-based user agents will emulate a refresh		Note that many existing HTML-based user agents will emulate a refresh
	when encountering an HTML <meta> refresh directive ([HTML]). This		when encountering an HTML <meta> refresh directive ([HTML], Section
	can be used as another fallback. For example:		4.2.5.3). This can be used as another fallback. For example:
	Client request:		Client request:
	GET / HTTP/1.1		GET / HTTP/1.1
	Host: example.com		Host: example.com
	Server response:		Server response:
	HTTP/1.1 308 Permanent Redirect		HTTP/1.1 308 Permanent Redirect
	Content-Type: text/html; charset=UTF-8		Content-Type: text/html; charset=UTF-8
	Location: http://example.com/new		Location: http://example.com/new
	Content-Length: 454		Content-Length: 356
	<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"		<!DOCTYPE HTML>
	"http://www.w3.org/TR/html4/strict.dtd">
	<html>		<html>
	<head>		<head>
	<title>Permanent Redirect</title>		<title>Permanent Redirect</title>
	<meta http-equiv="refresh"		<meta http-equiv="refresh"
	content="0; url=http://example.com/new">		content="0; url=http://example.com/new">
	</head>		</head>
	<body>		<body>
	<p>		<p>
	The document has been moved to		The document has been moved to
	<a href="http://example.com/new"		<a href="http://example.com/new"
	>http://example.com/new</a>.		>http://example.com/new</a>.
	</p>		</p>
	</body>		</body>
	</html>		</html>
	5. Security Considerations		5. Security Considerations
	All security considerations that apply to HTTP redirects apply to the		All security considerations that apply to HTTP redirects apply to the
	308 status code as well (see Section 9 of [RFC7231]).		308 status code as well (see Section 9 of [RFC7231]).
			Unsecured communication over the Internet is subject to man-in-the-
			middle modification of messages, including changing status codes or
			redirect targets. Use of Transport Layer Security (TLS) is one way
			to mitigate those attacks. See Section 9 of [RFC7230] for related
			attacks on authority and message integrity.
	6. IANA Considerations		6. IANA Considerations
	The registration below has been added to the "Hypertext Transfer		The "Hypertext Transfer Protocol (HTTP) Status Code Registry"
	Protocol (HTTP) Status Code Registry" (defined in Section 8.2 of		(defined in Section 8.2 of [RFC7231] and located at
	[RFC7231] and located at		<http://www.iana.org/assignments/http-status-codes>) has been updated
	<http://www.iana.org/assignments/http-status-codes>):		to reference this specification.
	+-------+--------------------+---------------------------------+		+-------+--------------------+---------------------------------+
	| Value | Description | Reference |		| Value | Description | Reference |
	+-------+--------------------+---------------------------------+		+-------+--------------------+---------------------------------+
	| 308 | Permanent Redirect | Section 3 of this specification |		| 308 | Permanent Redirect | Section 3 of this specification |
	+-------+--------------------+---------------------------------+		+-------+--------------------+---------------------------------+
	7. Acknowledgements		7. References
	The definition for the new status code 308 reuses text from the
	HTTP/1.1 definitions of status codes 301 and 307.
	Furthermore, thanks to Ben Campbell, Cyrus Daboo, Eran Hammer-Lahav,
	Bjoern Hoehrmann, Subramanian Moonesamy, Peter Saint-Andre, and
	Robert Sparks for feedback on this document.
	8. References
	8.1. Normative References		7.1. Normative References
	[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate		[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
	Requirement Levels", BCP 14, RFC 2119, March 1997.		Requirement Levels", BCP 14, RFC 2119, March 1997,
			<http://www.rfc-editor.org/info/rfc2119>.
	[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform		[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
	Resource Identifier (URI): Generic Syntax", STD 66,		Resource Identifier (URI): Generic Syntax", STD 66,
	RFC 3986, January 2005.		RFC 3986, January 2005,
			<http://www.rfc-editor.org/info/rfc3986>.
	[RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer		[RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
	Protocol (HTTP/1.1): Message Syntax and Routing",		Protocol (HTTP/1.1): Message Syntax and Routing",
	RFC 7230, June 2014.		RFC 7230, June 2014,
			<http://www.rfc-editor.org/info/rfc7230>.
	[RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer		[RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
	Protocol (HTTP/1.1): Semantics and Content", RFC 7231,		Protocol (HTTP/1.1): Semantics and Content", RFC 7231,
	June 2014.		June 2014, <http://www.rfc-editor.org/info/rfc7231>.
	[RFC7234] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,		[RFC7234] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
	Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",		Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",
	RFC 7234, June 2014.		RFC 7234, June 2014,
			<http://www.rfc-editor.org/info/rfc7234>.
	8.2. Informative References		7.2. Informative References
	[HTML] Raggett, D., Le Hors, A., and I. Jacobs, "HTML 4.01		[HTML] Hickson, I., Berjon, R., Faulkner, S., Leithead, T., Doyle
	Specification", W3C Recommendation REC-html401-19991224,		Navara, E., O'Connor, E., and S. Pfeiffer, "HTML5", W3C
	December 1999,		Recommendation REC-html5-20141028, October 2014,
	<http://www.w3.org/TR/1999/REC-html401-19991224>.		<http://www.w3.org/TR/2014/REC-html5-20141028/>.
	Latest version available at		Latest version available at <http://www.w3.org/TR/html5/>.
	<http://www.w3.org/TR/html401>.
			Appendix A. Acknowledgements
			The definition for the new status code 308 reuses text from the
			HTTP/1.1 definitions of status codes 301 and 307.
			Furthermore, thanks to Ben Campbell, Cyrus Daboo, Adrian Farrell,
			Eran Hammer-Lahav, Bjoern Hoehrmann, Barry Leiba, Subramanian
			Moonesamy, Kathleen Moriarty, Peter Saint-Andre, Robert Sparks, and
			Roy Fielding for feedback on this document.
	Author's Address		Author's Address
	Julian F. Reschke		Julian F. Reschke
	greenbytes GmbH		greenbytes GmbH
	Hafenweg 16		Hafenweg 16
	Muenster, NW 48155		Muenster, NW 48155
	Germany		Germany
	EMail: julian.reschke@greenbytes.de		EMail: julian.reschke@greenbytes.de
End of changes. 26 change blocks.
	69 lines changed or deleted		81 lines changed or added
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/