draft-ietf-httpbis-header-structure-03.txt   draft-ietf-httpbis-header-structure-latest.txt 
HTTP Working Group M. Nottingham HTTP Working Group M. Nottingham
Internet-Draft Fastly Internet-Draft Fastly
Intended status: Standards Track P-H. Kamp Intended status: Standards Track P-H. Kamp
Expires: August 5, 2018 The Varnish Cache Project Expires: August 26, 2018 The Varnish Cache Project
February 1, 2018 February 22, 2018
Structured Headers for HTTP Structured Headers for HTTP
draft-ietf-httpbis-header-structure-03 draft-ietf-httpbis-header-structure-latest
Abstract Abstract
This document describes a set of data types and parsing algorithms This document describes a set of data types and parsing algorithms
associated with them that are intended to make it easier and safer to associated with them that are intended to make it easier and safer to
define and handle HTTP header fields. It is intended for use by new define and handle HTTP header fields. It is intended for use by new
specifications of HTTP header fields as well as revisions of existing specifications of HTTP header fields as well as revisions of existing
header field specifications when doing so does not cause header field specifications when doing so does not cause
interoperability issues. interoperability issues.
skipping to change at page 1, line 49 skipping to change at page 1, line 49
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 5, 2018. This Internet-Draft will expire on August 26, 2018.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Notational Conventions . . . . . . . . . . . . . . . . . 3 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 4
2. Specifying Structured Headers . . . . . . . . . . . . . . . . 4 2. Specifying Structured Headers . . . . . . . . . . . . . . . . 4
3. Parsing Text into Structured Headers . . . . . . . . . . . . 5 3. Parsing Text into Structured Headers . . . . . . . . . . . . 5
4. Structured Header Data Types . . . . . . . . . . . . . . . . 6 4. Structured Header Data Types . . . . . . . . . . . . . . . . 6
4.1. Dictionaries . . . . . . . . . . . . . . . . . . . . . . 6 4.1. Dictionaries . . . . . . . . . . . . . . . . . . . . . . 6
4.2. Lists . . . . . . . . . . . . . . . . . . . . . . . . . . 8 4.2. Lists . . . . . . . . . . . . . . . . . . . . . . . . . . 8
4.3. Parameterised Labels . . . . . . . . . . . . . . . . . . 9 4.3. Parameterised Labels . . . . . . . . . . . . . . . . . . 9
4.4. Items . . . . . . . . . . . . . . . . . . . . . . . . . . 10 4.4. Items . . . . . . . . . . . . . . . . . . . . . . . . . . 10
4.5. Integers . . . . . . . . . . . . . . . . . . . . . . . . 11 4.5. Integers . . . . . . . . . . . . . . . . . . . . . . . . 11
4.6. Floats . . . . . . . . . . . . . . . . . . . . . . . . . 11 4.6. Floats . . . . . . . . . . . . . . . . . . . . . . . . . 12
4.7. Strings . . . . . . . . . . . . . . . . . . . . . . . . . 12 4.7. Strings . . . . . . . . . . . . . . . . . . . . . . . . . 12
4.8. Labels . . . . . . . . . . . . . . . . . . . . . . . . . 14 4.8. Identifiers . . . . . . . . . . . . . . . . . . . . . . . 14
4.9. Binary Content . . . . . . . . . . . . . . . . . . . . . 15 4.9. Binary Content . . . . . . . . . . . . . . . . . . . . . 15
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16
6. Security Considerations . . . . . . . . . . . . . . . . . . . 16 6. Security Considerations . . . . . . . . . . . . . . . . . . . 16
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 16 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 16
7.1. Normative References . . . . . . . . . . . . . . . . . . 16 7.1. Normative References . . . . . . . . . . . . . . . . . . 16
7.2. Informative References . . . . . . . . . . . . . . . . . 17 7.2. Informative References . . . . . . . . . . . . . . . . . 17
7.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 17 7.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . 17 Appendix A. Changes . . . . . . . . . . . . . . . . . . . . . . 17
A.1. Since draft-ietf-httpbis-header-structure-02 . . . . . . 17 A.1. Since draft-ietf-httpbis-header-structure-03 . . . . . . 17
A.2. Since draft-ietf-httpbis-header-structure-01 . . . . . . 18 A.2. Since draft-ietf-httpbis-header-structure-02 . . . . . . 17
A.3. Since draft-ietf-httpbis-header-structure-00 . . . . . . 18 A.3. Since draft-ietf-httpbis-header-structure-01 . . . . . . 18
A.4. Since draft-ietf-httpbis-header-structure-00 . . . . . . 18
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18
1. Introduction 1. Introduction
Specifying the syntax of new HTTP header fields is an onerous task; Specifying the syntax of new HTTP header fields is an onerous task;
even with the guidance in [RFC7231], Section 8.3.1, there are many even with the guidance in [RFC7231], Section 8.3.1, there are many
decisions - and pitfalls - for a prospective HTTP header field decisions - and pitfalls - for a prospective HTTP header field
author. author.
Once a header field is defined, bespoke parsers for it often need to Once a header field is defined, bespoke parsers for it often need to
skipping to change at page 5, line 15 skipping to change at page 5, line 15
# FooExample Header # FooExample Header
The FooExample HTTP header field conveys a list of integers about how The FooExample HTTP header field conveys a list of integers about how
much Foo the sender has. much Foo the sender has.
FooExample is a Structured header [RFCxxxx]. Its value MUST be a FooExample is a Structured header [RFCxxxx]. Its value MUST be a
dictionary ([RFCxxxx], Section Y.Y). dictionary ([RFCxxxx], Section Y.Y).
The dictionary MUST contain: The dictionary MUST contain:
* A member whose key is "foo", and whose value is an integer * Exactly one member whose key is "foo", and whose value is an integer
([RFCxxxx], Section Y.Y), indicating the number of foos in ([RFCxxxx], Section Y.Y), indicating the number of foos in
the message. the message.
* A member whose key is "barUrls", and whose value is a string * Exactly one member whose key is "barUrls", and whose value is a string
([RFCxxxx], Section Y.Y), conveying the Bar URLs for the message. ([RFCxxxx], Section Y.Y), conveying the Bar URLs for the message.
See below for processing requirements. See below for processing requirements.
If the parsed header field does not contain both, it MUST be ignored. If the parsed header field does not contain both, it MUST be ignored.
"foo" MUST be between 0 and 10, inclusive; other values MUST be ignored.
"barUrls" contains a space-separated list of URI-references ([RFC3986], "barUrls" contains a space-separated list of URI-references ([RFC3986],
Section 4.1): Section 4.1):
barURLs = URI-reference *( 1*SP URI-reference ) barURLs = URI-reference *( 1*SP URI-reference )
If a member of barURLs is not a valid URI-reference, it MUST be ignored. If a member of barURLs is not a valid URI-reference, it MUST be ignored.
If a member of barURLs is a relative reference ([RFC3986], Section 4.2), If a member of barURLs is a relative reference ([RFC3986], Section 4.2),
it MUST be resolved ([RFC3986], Section 5) before being used. it MUST be resolved ([RFC3986], Section 5) before being used.
Note that empty header field values are not allowed by the syntax, Note that empty header field values are not allowed by the syntax,
and therefore will be considered errors. and therefore parsing for them will fail.
3. Parsing Text into Structured Headers 3. Parsing Text into Structured Headers
When a receiving implementation parses textual HTTP header fields When a receiving implementation parses textual HTTP header fields
(e.g., in HTTP/1 or HTTP/2) that are known to be Structured Headers, (e.g., in HTTP/1 or HTTP/2) that are known to be Structured Headers,
it is important that care be taken, as there are a number of edge it is important that care be taken, as there are a number of edge
cases that can cause interoperability or even security problems. cases that can cause interoperability or even security problems.
This section specifies the algorithm for doing so. This section specifies the algorithm for doing so.
Given an ASCII string input_string that represents the chosen Given an ASCII string input_string that represents the chosen
header's field-value, return the parsed header value. header's field-value, return the parsed header value. When
generating input_string, parsers MUST combine all instances of the
target header field into one comma-separated field-value, as per
[RFC7230], Section 3.2.2; this assures that the header is processed
correctly.
1. Discard any leading OWS from input_string. 1. Discard any leading OWS from input_string.
2. If the field-value is defined to be a dictionary, let output be 2. If the field-value is defined to be a dictionary, let output be
the result of Parsing a Dictionary from Textual headers the result of Parsing a Dictionary from Textual headers
(Section 4.1.1). (Section 4.1.1).
3. If the field-value is defined to be a list, let output be the 3. If the field-value is defined to be a list, let output be the
result of Parsing a List from Text (Section 4.2.1). result of Parsing a List from Text (Section 4.2.1).
4. If the field-value is defined to be a parameterised label, let 4. If the field-value is defined to be a parameterised label, let
output be the result of Parsing a Parameterised Label from output be the result of Parsing a Parameterised Label from
Textual headers (Section 4.3.1). Textual headers (Section 4.3.1).
5. Otherwise, let output be the result of Parsing an Item from Text 5. Otherwise, let output be the result of Parsing an Item from Text
(Section 4.4.1). (Section 4.4.1).
6. Discard any leading OWS from input_string. 6. Discard any leading OWS from input_string.
7. If input_string is not empty, throw an error. 7. If input_string is not empty, fail parsing.
8. Otherwise, return output. 8. Otherwise, return output.
When generating input_string for a given header field, parsers MUST
combine all instances of it into one comma-separated field-value, as
per [RFC7230], Section 3.2.2; this assures that the header is
processed correctly.
Note that in the case of lists and dictionaries, this has the effect Note that in the case of lists and dictionaries, this has the effect
of coalescing all of the values for that field. However, for of coalescing all of the values for that field. However, for
singular items and parameterised labels, it will result in an error singular items and parameterised labels, parsing will fail if more
being thrown. than instance of that header field is present.
Additionally, note that the effect of the parsing algorithms as If parsing fails, the entire header field's value MUST be discarded.
specified is generally intolerant of syntax errors; if one is This is intentionally strict, to improve interoperability and safety,
encountered, the typical response is to throw an error, thereby and specifications referencing this document MUST NOT loosen this
discarding the entire header field value. This includes any non- requirement.
ASCII characters in input_string.
Note that this has the effect of discarding any header field with
non-ASCII characters in input_string.
4. Structured Header Data Types 4. Structured Header Data Types
This section defines the abstract value types that can be composed This section defines the abstract value types that can be composed
into Structured Headers, along with the textual HTTP serialisations into Structured Headers, along with the textual HTTP serialisations
of them. of them.
4.1. Dictionaries 4.1. Dictionaries
Dictionaries are unordered maps of key-value pairs, where the keys Dictionaries are unordered maps of key-value pairs, where the keys
are labels (Section 4.8) and the values are items (Section 4.4). are identifiers (Section 4.8) and the values are items (Section 4.4).
There can be between 1 and 1024 members, and keys are required to be There can be between 1 and 1024 members, and keys are required to be
unique. unique.
In the textual HTTP serialisation, keys and values are separated by In the textual HTTP serialisation, keys and values are separated by
"=" (without whitespace), and key/value pairs are separated by a "=" (without whitespace), and key/value pairs are separated by a
comma with optional whitespace. Duplicate keys MUST be considered an comma with optional whitespace. Duplicate keys MUST cause parsing to
error. fail.
dictionary = label "=" item *1023( OWS "," OWS label "=" item ) dictionary = dictionary_member *1023( OWS "," OWS dictionary_member )
dictionary_member = identifier "=" item
For example, a header field whose value is defined as a dictionary For example, a header field whose value is defined as a dictionary
could look like: could look like:
ExampleDictHeader: foo=1.23, en="Applepie", da=*w4ZibGV0w6ZydGUK ExampleDictHeader: foo=1.23, en="Applepie", da=*w4ZibGV0w6ZydGUK
Typically, a header field specification will define the semantics of Typically, a header field specification will define the semantics of
individual keys, as well as whether their presence is required or individual keys, as well as whether their presence is required or
optional. Recipients MUST ignore keys that are undefined or unknown, optional. Recipients MUST ignore keys that are undefined or unknown,
unless the header field's specification specifically disallows them. unless the header field's specification specifically disallows them.
4.1.1. Parsing a Dictionary from Text 4.1.1. Parsing a Dictionary from Text
Given an ASCII string input_string, return a mapping of (label, Given an ASCII string input_string, return a mapping of (identifier,
item). input_string is modified to remove the parsed value. item). input_string is modified to remove the parsed value.
1. Let dictionary be an empty, unordered mapping. 1. Let dictionary be an empty, unordered mapping.
2. While input_string is not empty: 2. While input_string is not empty:
1. Let this_key be the result of running Parse Label from Text 1. Let this_key be the result of running Parse Identifier from
(Section 4.8.1) with input_string. If an error is Text (Section 4.8.1) with input_string.
encountered, throw it.
2. If dictionary already contains this_key, throw an error. 2. If dictionary already contains this_key, fail parsing.
3. Consume a "=" from input_string; if none is present, throw 3. Consume a "=" from input_string; if none is present, fail
an error. parsing.
4. Let this_value be the result of running Parse Item from Text 4. Let this_value be the result of running Parse Item from Text
(Section 4.4.1) with input_string. If an error is (Section 4.4.1) with input_string.
encountered, throw it.
5. Add key this_key with value this_value to dictionary. 5. Add key this_key with value this_value to dictionary.
6. If dictionary has more than 1024 members, throw an error. 6. If dictionary has more than 1024 members, fail parsing.
7. Discard any leading OWS from input_string. 7. Discard any leading OWS from input_string.
8. If input_string is empty, return dictionary. 8. If input_string is empty, return dictionary.
9. Consume a COMMA from input_string; if no comma is present, 9. Consume a COMMA from input_string; if no comma is present,
throw an error. fail parsing.
10. Discard any leading OWS from input_string. 10. Discard any leading OWS from input_string.
3. Return dictionary. 11. If input_string is empty, fail parsing.
3. If dictionary is empty, fail parsing.
4. Return dictionary.
4.2. Lists 4.2. Lists
Lists are arrays of items (Section 4.4) or parameterised labels Lists are arrays of items (Section 4.4) or parameterised labels
(Section 4.3), with one to 1024 members. (Section 4.3), with one to 1024 members.
In the textual HTTP serialisation, each member is separated by a In the textual HTTP serialisation, each member is separated by a
comma and optional whitespace. comma and optional whitespace.
list = list_member 0*1023( OWS "," OWS list_member ) list = list_member 0*1023( OWS "," OWS list_member )
list_member = item / parameterised list_member = item / parameterised
For example, a header field whose value is defined as a list of For example, a header field whose value is defined as a list of
labels could look like: identifiers could look like:
ExampleLabelListHeader: foo, bar, baz_45 ExampleIdListHeader: foo, bar, baz_45
and a header field whose value is defined as a list of parameterised and a header field whose value is defined as a list of parameterised
labels could look like: labels could look like:
ExampleParamListHeader: abc/def; g="hi";j, klm/nop ExampleParamListHeader: abc/def; g="hi";j, klm/nop
4.2.1. Parsing a List from Text 4.2.1. Parsing a List from Text
Given an ASCII string input_string, return a list of items. Given an ASCII string input_string, return a list of items.
input_string is modified to remove the parsed value. input_string is modified to remove the parsed value.
1. Let items be an empty array. 1. Let items be an empty array.
2. While input_string is not empty: 2. While input_string is not empty:
1. Let item be the result of running Parse Item from Text 1. Let item be the result of running Parse Item from Text
(Section 4.4.1) with input_string. If an error is (Section 4.4.1) with input_string.
encountered, throw it.
2. Append item to items. 2. Append item to items.
3. If items has more than 1024 members, throw an error. 3. If items has more than 1024 members, fail parsing.
4. Discard any leading OWS from input_string. 4. Discard any leading OWS from input_string.
5. If input_string is empty, return items. 5. If input_string is empty, return items.
6. Consume a COMMA from input_string; if no comma is present, 6. Consume a COMMA from input_string; if no comma is present,
throw an error. fail parsing.
7. Discard any leading OWS from input_string. 7. Discard any leading OWS from input_string.
3. Return items. 8. If input_string is empty, fail parsing.
3. If items is empty, fail parsing.
4. Return items.
4.3. Parameterised Labels 4.3. Parameterised Labels
Parameterised Labels are labels (Section 4.8) with up to 256 Parameterised Labels are identifiers (Section 4.8) with up to 256
parameters; each parameter has a label and an optional value that is parameters; each parameter has a identifier and an optional value
an item (Section 4.4). Ordering between parameters is not that is an item (Section 4.4). Ordering between parameters is not
significant, and duplicate parameters MUST be considered an error. significant, and duplicate parameters MUST cause parsing to fail.
The textual HTTP serialisation uses semicolons (";") to delimit the The textual HTTP serialisation uses semicolons (";") to delimit the
parameters from each other, and equals ("=") to delimit the parameter parameters from each other, and equals ("=") to delimit the parameter
name from its value. name from its value.
parameterised = label *256( OWS ";" OWS label [ "=" item ] ) parameterised = identifier *256( OWS ";" OWS identifier [ "=" item ] )
For example, For example,
ExampleParamHeader: abc_123;a=1;b=2; c ExampleParamHeader: abc_123;a=1;b=2; c
4.3.1. Parsing a Parameterised Label from Text 4.3.1. Parsing a Parameterised Label from Text
Given an ASCII string input_string, return a label with an mapping of Given an ASCII string input_string, return a identifier with an
parameters. input_string is modified to remove the parsed value. mapping of parameters. input_string is modified to remove the parsed
value.
1. Let primary_label be the result of Parsing a Label from Text 1. Let primary_identifier be the result of Parsing a Identifier from
(Section 4.8.1) from input_string. Text (Section 4.8.1) from input_string.
2. Let parameters be an empty, unordered mapping. 2. Let parameters be an empty, unordered mapping.
3. In a loop: 3. In a loop:
1. Discard any leading OWS from input_string. 1. Discard any leading OWS from input_string.
2. If the first character of input_string is not ";", exit the 2. If the first character of input_string is not ";", exit the
loop. loop.
3. Consume a ";" character from the beginning of input_string. 3. Consume a ";" character from the beginning of input_string.
4. Discard any leading OWS from input_string. 4. Discard any leading OWS from input_string.
5. let param_name be the result of Parsing a Label from Text 5. let param_name be the result of Parsing a Identifier from
(Section 4.8.1) from input_string. Text (Section 4.8.1) from input_string.
6. If param_name is already present in parameters, throw an 6. If param_name is already present in parameters, fail
error. parsing.
7. Let param_value be a null value. 7. Let param_value be a null value.
8. If the first character of input_string is "=": 8. If the first character of input_string is "=":
1. Consume the "=" character at the beginning of 1. Consume the "=" character at the beginning of
input_string. input_string.
2. Let param_value be the result of Parsing an Item from 2. Let param_value be the result of Parsing an Item from
Text (Section 4.4.1) from input_string. Text (Section 4.4.1) from input_string.
9. If parameters has more than 255 members, throw an error. 9. If parameters has more than 255 members, fail parsing.
10. Add param_name to parameters with the value param_value. 10. Add param_name to parameters with the value param_value.
4. Return the tuple (primary_label, parameters). 4. Return the tuple (primary_identifier, parameters).
4.4. Items 4.4. Items
An item is can be a integer (Section 4.5), float (Section 4.6), An item is can be a integer (Section 4.5), float (Section 4.6),
string (Section 4.7), label (Section 4.8) or binary content string (Section 4.7), identifier (Section 4.8) or binary content
(Section 4.9). (Section 4.9).
item = integer / float / string / label / binary item = integer / float / string / identifier / binary
4.4.1. Parsing an Item from Text 4.4.1. Parsing an Item from Text
Given an ASCII string input_string, return an item. input_string is Given an ASCII string input_string, return an item. input_string is
modified to remove the parsed value. modified to remove the parsed value.
1. Discard any leading OWS from input_string. 1. Discard any leading OWS from input_string.
2. If the first character of input_string is a "-" or a DIGIT, 2. If the first character of input_string is a "-" or a DIGIT,
process input_string as a number (Section 4.5.1) and return the process input_string as a number (Section 4.5.1) and return the
result, throwing any errors encountered. result.
3. If the first character of input_string is a DQUOTE, process 3. If the first character of input_string is a DQUOTE, process
input_string as a string (Section 4.7.1) and return the result, input_string as a string (Section 4.7.1) and return the result.
throwing any errors encountered.
4. If the first character of input_string is "*", process 4. If the first character of input_string is "*", process
input_string as binary content (Section 4.9.1) and return the input_string as binary content (Section 4.9.1) and return the
result, throwing any errors encountered. result.
5. If the first character of input_string is an lcalpha, process 5. If the first character of input_string is an lcalpha, process
input_string as a label (Section 4.8.1) and return the result, input_string as a identifier (Section 4.8.1) and return the
throwing any errors encountered. result.
6. Otherwise, throw an error. 6. Otherwise, fail parsing.
4.5. Integers 4.5. Integers
Abstractly, integers have a range of -9,223,372,036,854,775,808 to Abstractly, integers have a range of -9,223,372,036,854,775,808 to
9,223,372,036,854,775,807 inclusive (i.e., a 64-bit signed integer). 9,223,372,036,854,775,807 inclusive (i.e., a 64-bit signed integer).
integer = ["-"] 1*19DIGIT integer = ["-"] 1*19DIGIT
Parsers that encounter an integer outside the range defined above Parsers that encounter an integer outside the range defined above
MUST throw an error. Therefore, the value "9223372036854775809" MUST fail parsing. Therefore, the value "9223372036854775808" would
would be invalid. Likewise, values that do not conform to the ABNF be invalid. Likewise, values that do not conform to the ABNF above
above are invalid, and MUST throw an error. are invalid, and MUST fail parsing.
For example, a header whose value is defined as a integer could look For example, a header whose value is defined as a integer could look
like: like:
ExampleIntegerHeader: 42 ExampleIntegerHeader: 42
4.5.1. Parsing a Number from Text 4.5.1. Parsing a Number from Text
NOTE: This algorithm parses both Integers and Floats Section 4.6, and NOTE: This algorithm parses both Integers and Floats Section 4.6, and
returns the corresponding structure. returns the corresponding structure.
1. If the first character of input_string is not "-" or a DIGIT, 1. If the first character of input_string is not "-" or a DIGIT,
throw an error. fail parsing.
2. Let input_number be the result of consuming input_string up to 2. Let input_number be the result of consuming input_string up to
(but not including) the first character that is not in DIGIT, (but not including) the first character that is not in DIGIT,
"-", and ".". "-", and ".".
3. If input_number contains ".", parse it as a floating point number 3. If input_number contains ".", parse it as a floating point number
and let output_number be the result. and let output_number be the result.
4. Otherwise, parse input_number as an integer and let output_number 4. Otherwise, parse input_number as an integer and let output_number
be the result. be the result.
skipping to change at page 12, line 22 skipping to change at page 12, line 34
7DIGIT "." 1*8DIGIT / 7DIGIT "." 1*8DIGIT /
8DIGIT "." 1*7DIGIT / 8DIGIT "." 1*7DIGIT /
9DIGIT "." 1*6DIGIT / 9DIGIT "." 1*6DIGIT /
10DIGIT "." 1*5DIGIT / 10DIGIT "." 1*5DIGIT /
11DIGIT "." 1*4DIGIT / 11DIGIT "." 1*4DIGIT /
12DIGIT "." 1*3DIGIT / 12DIGIT "." 1*3DIGIT /
13DIGIT "." 1*2DIGIT / 13DIGIT "." 1*2DIGIT /
14DIGIT "." 1DIGIT ) 14DIGIT "." 1DIGIT )
Values that do not conform to the ABNF above are invalid, and MUST Values that do not conform to the ABNF above are invalid, and MUST
throw an error. fail parsing.
For example, a header whose value is defined as a float could look For example, a header whose value is defined as a float could look
like: like:
ExampleFloatHeader: 4.5 ExampleFloatHeader: 4.5
See Section 4.5.1 for the parsing algorithm for floats. See Section 4.5.1 for the parsing algorithm for floats.
4.7. Strings 4.7. Strings
Abstractly, strings are ASCII strings [RFC0020], excluding control Abstractly, strings are up to 1024 printable ASCII [RFC0020]
characters (i.e., the range 0x20 to 0x7E). Note that this excludes characters (i.e., the range 0x20 to 0x7E). Note that this excludes
tabs, newlines and carriage returns. They may be at most 1024 tabs, newlines and carriage returns.
characters long.
The textual HTTP serialisation of strings uses a backslash ("") to The textual HTTP serialisation of strings uses a backslash ("\") to
escape double quotes and backslashes in strings. escape double quotes and backslashes in strings.
string = DQUOTE 0*1024(char) DQUOTE string = DQUOTE 0*1024(char) DQUOTE
char = unescaped / escape ( DQUOTE / "\" ) char = unescaped / escape ( DQUOTE / "\" )
unescaped = %x20-21 / %x23-5B / %x5D-7E unescaped = %x20-21 / %x23-5B / %x5D-7E
escape = "\" escape = "\"
For example, a header whose value is defined as a string could look For example, a header whose value is defined as a string could look
like: like:
skipping to change at page 13, line 4 skipping to change at page 13, line 14
string = DQUOTE 0*1024(char) DQUOTE string = DQUOTE 0*1024(char) DQUOTE
char = unescaped / escape ( DQUOTE / "\" ) char = unescaped / escape ( DQUOTE / "\" )
unescaped = %x20-21 / %x23-5B / %x5D-7E unescaped = %x20-21 / %x23-5B / %x5D-7E
escape = "\" escape = "\"
For example, a header whose value is defined as a string could look For example, a header whose value is defined as a string could look
like: like:
ExampleStringHeader: "hello world" ExampleStringHeader: "hello world"
Note that strings only use DQUOTE as a delimiter; single quotes do Note that strings only use DQUOTE as a delimiter; single quotes do
not delimit strings. Furthermore, only DQUOTE and "" can be escaped; not delimit strings. Furthermore, only DQUOTE and "\" can be
other sequences MUST generate an error. escaped; other sequences MUST cause parsing to fail.
Unicode is not directly supported in Structured Headers, because it Unicode is not directly supported in Structured Headers, because it
causes a number of interoperability issues, and - with few exceptions causes a number of interoperability issues, and - with few exceptions
- header values do not require it. - header values do not require it.
When it is necessary for a field value to convey non-ASCII string When it is necessary for a field value to convey non-ASCII string
content, binary content (Section 4.9) SHOULD be specified, along with content, binary content (Section 4.9) SHOULD be specified, along with
a character encoding (most likely, UTF-8). a character encoding (preferably, UTF-8).
4.7.1. Parsing a String from Text 4.7.1. Parsing a String from Text
Given an ASCII string input_string, return an unquoted string. Given an ASCII string input_string, return an unquoted string.
input_string is modified to remove the parsed value. input_string is modified to remove the parsed value.
1. Let output_string be an empty string. 1. Let output_string be an empty string.
2. If the first character of input_string is not DQUOTE, throw an 2. If the first character of input_string is not DQUOTE, fail
error. parsing.
3. Discard the first character of input_string. 3. Discard the first character of input_string.
4. While input_string is not empty: 4. While input_string is not empty:
1. Let char be the result of removing the first character of 1. Let char be the result of removing the first character of
input_string. input_string.
2. If char is a backslash ("\"): 2. If char is a backslash ("\"):
1. If input_string is now empty, throw an error. 1. If input_string is now empty, fail parsing.
2. Else: 2. Else:
1. Let next_char be the result of removing the first 1. Let next_char be the result of removing the first
character of input_string. character of input_string.
2. If next_char is not DQUOTE or "\", throw an error. 2. If next_char is not DQUOTE or "\", fail parsing.
3. Append next_char to output_string. 3. Append next_char to output_string.
3. Else, if char is DQUOTE, return output_string. 3. Else, if char is DQUOTE, return output_string.
4. Else, append char to output_string. 4. Else, append char to output_string.
5. If output_string contains more than 1024 characters, throw an 5. If output_string contains more than 1024 characters, fail
error. parsing.
5. Otherwise, throw an error. 5. Otherwise, fail parsing.
4.8. Labels 4.8. Identifiers
Labels are short (up to 256 characters) textual identifiers; their Identifiers are short (up to 256 characters) textual identifiers;
abstract model is identical to their expression in the textual HTTP their abstract model is identical to their expression in the textual
serialisation. HTTP serialisation.
label = lcalpha *255( lcalpha / DIGIT / "_" / "-"/ "*" / "/" ) identifier = lcalpha *255( lcalpha / DIGIT / "_" / "-"/ "*" / "/" )
lcalpha = %x61-7A ; a-z lcalpha = %x61-7A ; a-z
Note that labels can only contain lowercase letters. Note that identifiers can only contain lowercase letters.
For example, a header whose value is defined as a label could look For example, a header whose value is defined as a identifier could
like: look like:
ExampleLabelHeader: foo/bar ExampleIdHeader: foo/bar
4.8.1. Parsing a Label from Text 4.8.1. Parsing a Identifier from Text
Given an ASCII string input_string, return a label. input_string is Given an ASCII string input_string, return a identifier. input_string
modified to remove the parsed value. is modified to remove the parsed value.
1. If the first character of input_string is not lcalpha, throw an 1. If the first character of input_string is not lcalpha, fail
error. parsing.
2. Let output_string be an empty string. 2. Let output_string be an empty string.
3. While input_string is not empty: 3. While input_string is not empty:
1. Let char be the result of removing the first character of 1. Let char be the result of removing the first character of
input_string. input_string.
2. If char is not one of lcalpha, DIGIT, "_", "-", "*" or "/": 2. If char is not one of lcalpha, DIGIT, "_", "-", "*" or "/":
1. Prepend char to input_string. 1. Prepend char to input_string.
2. Return output_string. 2. Return output_string.
3. Append char to output_string. 3. Append char to output_string.
4. If output_string contains more than 256 characters, throw an 4. If output_string contains more than 256 characters, fail
error. parsing.
4. Return output_string. 4. Return output_string.
4.9. Binary Content 4.9. Binary Content
Arbitrary binary content up to 16K in size can be conveyed in Arbitrary binary content up to 16384 bytes in size can be conveyed in
Structured Headers. Structured Headers.
The textual HTTP serialisation indicates their presence by a leading The textual HTTP serialisation encodes the data using Base 64
"*", with the data encoded using Base 64 Encoding [RFC4648], Encoding [RFC4648], Section 4, and surrounds it with a pair of
Section 4. asterisks ("*") to delimit from other content.
Parsers MUST consider encoded data that is padded an error, as "=" The encoded data is required to be padded with "=", as per [RFC4648],
might be confused with the use of dictionaries). See [RFC4648], Section 3.2. It is RECOMMENDED that parsers reject encoded data that
Section 3.2. is not properly padded, although this might not be possible with some
base64 implementations.
Likewise, parsers MUST consider encoded data that has non-zero pad Likewise, encoded data is required to have pad bits set to zero, as
bits an error. See [RFC4648], Section 3.5. per [RFC4648], Section 3.5. It is RECOMMENDED that parsers fail on
encoded data that has non-zero pad bits, although this might not be
possible with some base64 implementations.
This specification does not relax the requirements in [RFC4648], This specification does not relax the requirements in [RFC4648],
Section 3.1 and 3.3; therefore, parsers MUST consider characters Section 3.1 and 3.3; therefore, parsers MUST fail on characters
outside the base64 alphabet and line feeds in encoded data as errors. outside the base64 alphabet, and on line feeds in encoded data.
binary = "*" 0*21846(base64) "*" binary = "*" 0*21846(base64) "*"
base64 = ALPHA / DIGIT / "+" / "/" base64 = ALPHA / DIGIT / "+" / "/" / "="
For example, a header whose value is defined as binary content could For example, a header whose value is defined as binary content could
look like: look like:
ExampleBinaryHeader: *cHJldGVuZCB0aGlzIGlzIGJpbmFyeSBjb250ZW50Lg* ExampleBinaryHeader: *cHJldGVuZCB0aGlzIGlzIGJpbmFyeSBjb250ZW50Lg*
4.9.1. Parsing Binary Content from Text 4.9.1. Parsing Binary Content from Text
Given an ASCII string input_string, return binary content. Given an ASCII string input_string, return binary content.
input_string is modified to remove the parsed value. input_string is modified to remove the parsed value.
1. If the first character of input_string is not "*", throw an 1. If the first character of input_string is not "*", fail parsing.
error.
2. Discard the first character of input_string. 2. Discard the first character of input_string.
3. Let b64_content be the result of removing content of input_string 3. Let b64_content be the result of removing content of input_string
up to but not including the first instance of the character "_". up to but not including the first instance of the character "*".
If there is not a "_" character before the end of input_string, If there is not a "*" character before the end of input_string,
throw an error. fail parsing.
4. Consume the "*" character at the beginning of input_string. 4. Consume the "*" character at the beginning of input_string.
5. If b64_content is has more than 21846 characters, throw an error. 5. If b64_content is has more than 21846 characters, fail parsing.
6. Let binary_content be the result of Base 64 Decoding [RFC4648] 6. Let binary_content be the result of Base 64 Decoding [RFC4648]
b64_content, synthesising padding if necessary. If an error is b64_content, synthesising padding if necessary (note the
encountered, throw it (note the requirements about recipient requirements about recipient behaviour in Section 4.9).
behaviour in Section 4.9).
7. Return binary_content. 7. Return binary_content.
5. IANA Considerations 5. IANA Considerations
This draft has no actions for IANA. This draft has no actions for IANA.
6. Security Considerations 6. Security Considerations
TBD TBD
skipping to change at page 17, line 35 skipping to change at page 17, line 44
7.3. URIs 7.3. URIs
[1] https://lists.w3.org/Archives/Public/ietf-http-wg/ [1] https://lists.w3.org/Archives/Public/ietf-http-wg/
[2] https://httpwg.github.io/ [2] https://httpwg.github.io/
[3] https://github.com/httpwg/http-extensions/labels/header-structure [3] https://github.com/httpwg/http-extensions/labels/header-structure
Appendix A. Changes Appendix A. Changes
A.1. Since draft-ietf-httpbis-header-structure-02 A.1. Since draft-ietf-httpbis-header-structure-03
o Strengthen language around failure handling.
A.2. Since draft-ietf-httpbis-header-structure-02
o Split Numbers into Integers and Floats. o Split Numbers into Integers and Floats.
o Define number parsing. o Define number parsing.
o Tighten up binary parsing and give it an explicit end delimiter. o Tighten up binary parsing and give it an explicit end delimiter.
o Clarify that mappings are unordered. o Clarify that mappings are unordered.
o Allow zero-length strings. o Allow zero-length strings.
o Improve string parsing algorithm. o Improve string parsing algorithm.
o Improve limits in algorithms. o Improve limits in algorithms.
o Require parsers to combine header fields before processing. o Require parsers to combine header fields before processing.
o Throw an error on trailing garbage. o Throw an error on trailing garbage.
A.2. Since draft-ietf-httpbis-header-structure-01 A.3. Since draft-ietf-httpbis-header-structure-01
o Replaced with draft-nottingham-structured-headers. o Replaced with draft-nottingham-structured-headers.
A.3. Since draft-ietf-httpbis-header-structure-00 A.4. Since draft-ietf-httpbis-header-structure-00
o Added signed 64bit integer type. o Added signed 64bit integer type.
o Drop UTF8, and settle on BCP137 ::EmbeddedUnicodeChar for h1- o Drop UTF8, and settle on BCP137 ::EmbeddedUnicodeChar for h1-
unicode-string. unicode-string.
o Change h1_blob delimiter to ":" since "'" is valid t_char o Change h1_blob delimiter to ":" since "'" is valid t_char
Authors' Addresses Authors' Addresses
 End of changes. 85 change blocks. 
135 lines changed or deleted 150 lines changed or added

This html diff was produced by rfcdiff 1.44jr. The latest version is available from http://tools.ietf.org/tools/rfcdiff/