draft-ietf-httpbis-header-structure-08.txt   draft-ietf-httpbis-header-structure-latest.txt 
HTTP Working Group M. Nottingham HTTP Working Group M. Nottingham
Internet-Draft Fastly Internet-Draft Fastly
Intended status: Standards Track P-H. Kamp Intended status: Standards Track P-H. Kamp
Expires: April 26, 2019 The Varnish Cache Project Expires: May 21, 2019 The Varnish Cache Project
October 23, 2018 November 17, 2018
Structured Headers for HTTP Structured Headers for HTTP
draft-ietf-httpbis-header-structure-08 draft-ietf-httpbis-header-structure-latest
Abstract Abstract
This document describes a set of data types and algorithms associated This document describes a set of data types and algorithms associated
with them that are intended to make it easier and safer to define and with them that are intended to make it easier and safer to define and
handle HTTP header fields. It is intended for use by new handle HTTP header fields. It is intended for use by new
specifications of HTTP header fields as well as revisions of existing specifications of HTTP header fields as well as revisions of existing
header field specifications when doing so does not cause header field specifications when doing so does not cause
interoperability issues. interoperability issues.
skipping to change at page 2, line 10 skipping to change at page 2, line 10
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 26, 2019. This Internet-Draft will expire on May 21, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Notational Conventions . . . . . . . . . . . . . . . . . 4 1.1. Intentionally Strict Processing . . . . . . . . . . . . . 4
2. Defining New Structured Headers . . . . . . . . . . . . . . . 4 1.2. Notational Conventions . . . . . . . . . . . . . . . . . 4
2. Defining New Structured Headers . . . . . . . . . . . . . . . 5
3. Structured Header Data Types . . . . . . . . . . . . . . . . 7 3. Structured Header Data Types . . . . . . . . . . . . . . . . 7
3.1. Dictionaries . . . . . . . . . . . . . . . . . . . . . . 7 3.1. Dictionaries . . . . . . . . . . . . . . . . . . . . . . 7
3.2. Lists . . . . . . . . . . . . . . . . . . . . . . . . . . 7 3.2. Lists . . . . . . . . . . . . . . . . . . . . . . . . . . 7
3.3. Parameterised Lists . . . . . . . . . . . . . . . . . . . 8 3.3. Parameterised Lists . . . . . . . . . . . . . . . . . . . 8
3.4. Items . . . . . . . . . . . . . . . . . . . . . . . . . . 8 3.4. Items . . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.5. Integers . . . . . . . . . . . . . . . . . . . . . . . . 9 3.5. Integers . . . . . . . . . . . . . . . . . . . . . . . . 9
3.6. Floats . . . . . . . . . . . . . . . . . . . . . . . . . 9 3.6. Floats . . . . . . . . . . . . . . . . . . . . . . . . . 9
3.7. Strings . . . . . . . . . . . . . . . . . . . . . . . . . 9 3.7. Strings . . . . . . . . . . . . . . . . . . . . . . . . . 10
3.8. Identifiers . . . . . . . . . . . . . . . . . . . . . . . 10 3.8. Identifiers . . . . . . . . . . . . . . . . . . . . . . . 10
3.9. Byte Sequences . . . . . . . . . . . . . . . . . . . . . 10 3.9. Byte Sequences . . . . . . . . . . . . . . . . . . . . . 11
3.10. Booleans . . . . . . . . . . . . . . . . . . . . . . . . 11 3.10. Booleans . . . . . . . . . . . . . . . . . . . . . . . . 11
4. Structured Headers in HTTP/1 . . . . . . . . . . . . . . . . 11 4. Structured Headers in HTTP/1 . . . . . . . . . . . . . . . . 11
4.1. Serialising Structured Headers into HTTP/1 . . . . . . . 11 4.1. Serialising Structured Headers into HTTP/1 . . . . . . . 11
4.2. Parsing HTTP/1 Header Fields into Structured Headers . . 16 4.2. Parsing HTTP/1 Header Fields into Structured Headers . . 17
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 24 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 25
6. Security Considerations . . . . . . . . . . . . . . . . . . . 24 6. Security Considerations . . . . . . . . . . . . . . . . . . . 25
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 25 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 26
7.1. Normative References . . . . . . . . . . . . . . . . . . 25 7.1. Normative References . . . . . . . . . . . . . . . . . . 26
7.2. Informative References . . . . . . . . . . . . . . . . . 25 7.2. Informative References . . . . . . . . . . . . . . . . . 26
7.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 26 7.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Appendix A. Frequently Asked Questions . . . . . . . . . . . . . 26
A.1. Why not JSON? . . . . . . . . . . . . . . . . . . . . . . 26 Appendix A. Frequently Asked Questions . . . . . . . . . . . . . 27
A.2. Structured Headers don't "fit" my data. . . . . . . . . . 27 A.1. Why not JSON? . . . . . . . . . . . . . . . . . . . . . . 27
Appendix B. Changes . . . . . . . . . . . . . . . . . . . . . . 28 A.2. Structured Headers don't "fit" my data. . . . . . . . . . 28
B.1. Since draft-ietf-httpbis-header-structure-07 . . . . . . 28 Appendix B. Changes . . . . . . . . . . . . . . . . . . . . . . 29
B.2. Since draft-ietf-httpbis-header-structure-06 . . . . . . 28 B.1. Since draft-ietf-httpbis-header-structure-08 . . . . . . 29
B.3. Since draft-ietf-httpbis-header-structure-05 . . . . . . 28 B.2. Since draft-ietf-httpbis-header-structure-07 . . . . . . 29
B.4. Since draft-ietf-httpbis-header-structure-04 . . . . . . 28 B.3. Since draft-ietf-httpbis-header-structure-06 . . . . . . 29
B.5. Since draft-ietf-httpbis-header-structure-03 . . . . . . 29 B.4. Since draft-ietf-httpbis-header-structure-05 . . . . . . 30
B.6. Since draft-ietf-httpbis-header-structure-02 . . . . . . 29 B.5. Since draft-ietf-httpbis-header-structure-04 . . . . . . 30
B.7. Since draft-ietf-httpbis-header-structure-01 . . . . . . 29 B.6. Since draft-ietf-httpbis-header-structure-03 . . . . . . 30
B.8. Since draft-ietf-httpbis-header-structure-00 . . . . . . 29 B.7. Since draft-ietf-httpbis-header-structure-02 . . . . . . 30
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 29 B.8. Since draft-ietf-httpbis-header-structure-01 . . . . . . 30
B.9. Since draft-ietf-httpbis-header-structure-00 . . . . . . 31
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 31
1. Introduction 1. Introduction
Specifying the syntax of new HTTP header fields is an onerous task; Specifying the syntax of new HTTP header fields is an onerous task;
even with the guidance in [RFC7231], Section 8.3.1, there are many even with the guidance in [RFC7231], Section 8.3.1, there are many
decisions - and pitfalls - for a prospective HTTP header field decisions - and pitfalls - for a prospective HTTP header field
author. author.
Once a header field is defined, bespoke parsers and serialisers often Once a header field is defined, bespoke parsers and serialisers often
need to be written, because each header has slightly different need to be written, because each header has slightly different
skipping to change at page 4, line 9 skipping to change at page 4, line 12
To specify a header field that is a Structured Header, see Section 2. To specify a header field that is a Structured Header, see Section 2.
Section 3 defines a number of abstract data types that can be used in Section 3 defines a number of abstract data types that can be used in
Structured Headers. Structured Headers.
Those abstract types can be serialised into and parsed from textual Those abstract types can be serialised into and parsed from textual
headers - such as those used in HTTP/1 - using the algorithms headers - such as those used in HTTP/1 - using the algorithms
described in Section 4. described in Section 4.
1.1. Notational Conventions 1.1. Intentionally Strict Processing
This specification intentionally defines strict parsing and
serialisation behaviours using step-by-step algorithms; the only
error handling defined is to fail the operation altogether.
This is designed to encourage faithful implementation and therefore
good interoperability. Therefore, implementations that try to be
"helpful" by being more tolerant of input are doing a disservice to
the overall community, since it will encourage other implementations
to implement similar (but likely subtly different) workarounds.
In other words, strict processing is an intentional feature of this
specification; it allows non-conformant input to be discovered and
corrected early, and avoids both interoperability and security issues
that might otherwise result.
Note that as a result of this strictness, if a header field is
appended to by multiple parties (e.g., intermediaries, or different
components in the sender), it could be that an error in one party's
value causes the entire header field to fail parsing.
1.2. Notational Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
This document uses the Augmented Backus-Naur Form (ABNF) notation of This document uses the Augmented Backus-Naur Form (ABNF) notation of
[RFC5234], including the VCHAR, SP, DIGIT, ALPHA and DQUOTE rules [RFC5234], including the VCHAR, SP, DIGIT, ALPHA and DQUOTE rules
from that document. It also includes the OWS rule from [RFC7230]. from that document. It also includes the OWS rule from [RFC7230].
skipping to change at page 5, line 14 skipping to change at page 5, line 37
o Specify any additional constraints upon the syntax of the o Specify any additional constraints upon the syntax of the
structured used, as well as the consequences when those structured used, as well as the consequences when those
constraints are violated. When Structured Headers parsing fails, constraints are violated. When Structured Headers parsing fails,
the header is discarded (see Section 4.2); in most situations, the header is discarded (see Section 4.2); in most situations,
header-specific constraints should do likewise. header-specific constraints should do likewise.
Note that a header field definition cannot relax the requirements of Note that a header field definition cannot relax the requirements of
a structure or its processing because doing so would preclude a structure or its processing because doing so would preclude
handling by generic software; they can only add additional handling by generic software; they can only add additional
constraints. constraints. Likewise, header field definitions should use
Structured Headers for the entire header field value, not a portion
thereof.
For example: For example:
# Foo-Example Header # Foo-Example Header
The Foo-Example HTTP header field conveys information about how The Foo-Example HTTP header field conveys information about how
much Foo the message has. much Foo the message has.
Foo-Example is a Structured Header [RFCxxxx]. Its value MUST be a Foo-Example is a Structured Header [RFCxxxx]. Its value MUST be a
dictionary ([RFCxxxx], Section Y.Y). Its ABNF is: dictionary ([RFCxxxx], Section Y.Y). Its ABNF is:
skipping to change at page 7, line 25 skipping to change at page 7, line 25
There can be one or more members, and keys are required to be unique. There can be one or more members, and keys are required to be unique.
Implementations MUST provide access to dictionaries both by index and Implementations MUST provide access to dictionaries both by index and
by key. Specifications MAY use either means of accessing the by key. Specifications MAY use either means of accessing the
members. members.
The ABNF for dictionaries in HTTP/1 headers is: The ABNF for dictionaries in HTTP/1 headers is:
sh-dictionary = dict-member *( OWS "," OWS dict-member ) sh-dictionary = dict-member *( OWS "," OWS dict-member )
dict-member = member-name "=" member-value dict-member = member-name "=" member-value
member-name = sh-identifier member-name = key
member-value = sh-item member-value = sh-item
key = lcalpha *( lcalpha / DIGIT / "_" / "-" )
lcalpha = %x61-7A ; a-z
In HTTP/1, keys and values are separated by "=" (without whitespace), In HTTP/1, keys and values are separated by "=" (without whitespace),
and key/value pairs are separated by a comma with optional and key/value pairs are separated by a comma with optional
whitespace. For example: whitespace. For example:
Example-DictHeader: en="Applepie", da=*w4ZibGV0w6ZydGU=* Example-DictHeader: en="Applepie", da=*w4ZibGV0w6ZydGU=*
Typically, a header field specification will define the semantics of Typically, a header field specification will define the semantics of
individual keys, as well as whether their presence is required or individual keys, as well as whether their presence is required or
optional. Recipients MUST ignore keys that are undefined or unknown, optional. Recipients MUST ignore keys that are undefined or unknown,
skipping to change at page 8, line 17 skipping to change at page 8, line 17
Example-StrListHeader: "foo", "bar", "It was the best of times." Example-StrListHeader: "foo", "bar", "It was the best of times."
Header specifications can constrain the types of individual values if Header specifications can constrain the types of individual values if
necessary. necessary.
Parsers MUST support lists containing at least 1024 members. Parsers MUST support lists containing at least 1024 members.
3.3. Parameterised Lists 3.3. Parameterised Lists
Parameterised Lists are arrays of a parameterised identifiers. Parameterised Lists are arrays of a parameterised identifiers with
one or more members.
A parameterised identifier is an identifier (Section 3.8) with an A parameterised identifier is a primary identifier (Section 3.8) with
optional set of parameters, each parameter having an identifier and an optional set of parameters, each parameter having a name and an
an optional value that is an item (Section 3.4). Ordering between optional value that is an item (Section 3.4). Ordering between
parameters is not significant, and duplicate parameters MUST cause parameters is not significant, and duplicate parameters MUST cause
parsing to fail. parsing to fail.
The ABNF for parameterised lists in HTTP/1 headers is: The ABNF for parameterised lists in HTTP/1 headers is:
sh-param-list = param-id *( OWS "," OWS param-id ) sh-param-list = param-item *( OWS "," OWS param-item )
param-id = sh-identifier *parameter param-item = primary-id *parameter
primary-id = sh-identifier
parameter = OWS ";" OWS param-name [ "=" param-value ] parameter = OWS ";" OWS param-name [ "=" param-value ]
param-name = sh-identifier param-name = key
param-value = sh-item param-value = sh-item
In HTTP/1, each param-id is separated by a comma and optional In HTTP/1, each param-id is separated by a comma and optional
whitespace (as in Lists), and the parameters are separated by whitespace (as in Lists), and the parameters are separated by
semicolons. For example: semicolons. For example:
Example-ParamListHeader: abc_123;a=1;b=2; cdef_456, ghi;q="9";r="w" Example-ParamListHeader: abc_123;a=1;b=2; cdef_456, ghi;q="9";r="w"
Parsers MUST support parameterised lists containing at least 1024 Parsers MUST support parameterised lists containing at least 1024
members, and support members with at least 256 parameters. members, and support members with at least 256 parameters.
skipping to change at page 10, line 38 skipping to change at page 10, line 46
Parsers MUST support strings with at least 1024 characters. Parsers MUST support strings with at least 1024 characters.
3.8. Identifiers 3.8. Identifiers
Identifiers are short textual identifiers; their abstract model is Identifiers are short textual identifiers; their abstract model is
identical to their expression in the textual HTTP serialisation. identical to their expression in the textual HTTP serialisation.
Parsers MUST support identifiers with at least 64 characters. Parsers MUST support identifiers with at least 64 characters.
The ABNF for identifiers in HTTP/1 headers is: The ABNF for identifiers in HTTP/1 headers is:
sh-identifier = lcalpha *( lcalpha / DIGIT / "_" / "-"/ "*" / "/" ) sh-identifier = lcalpha *( lcalpha / DIGIT / "_" / "-" / "." / ":" / "%" / "*" / "/" )
lcalpha = %x61-7A ; a-z
Note that identifiers can only contain lowercase letters. Note that identifiers can only contain lowercase letters.
3.9. Byte Sequences 3.9. Byte Sequences
Byte sequences can be conveyed in Structured Headers. Byte sequences can be conveyed in Structured Headers.
The ABNF for a byte sequence in HTTP/1 headers is: The ABNF for a byte sequence in HTTP/1 headers is:
sh-binary = "*" *(base64) "*" sh-binary = "*" *(base64) "*"
skipping to change at page 11, line 4 skipping to change at page 11, line 13
Note that identifiers can only contain lowercase letters. Note that identifiers can only contain lowercase letters.
3.9. Byte Sequences 3.9. Byte Sequences
Byte sequences can be conveyed in Structured Headers. Byte sequences can be conveyed in Structured Headers.
The ABNF for a byte sequence in HTTP/1 headers is: The ABNF for a byte sequence in HTTP/1 headers is:
sh-binary = "*" *(base64) "*" sh-binary = "*" *(base64) "*"
base64 = ALPHA / DIGIT / "+" / "/" / "=" base64 = ALPHA / DIGIT / "+" / "/" / "="
In HTTP/1 headers, a byte sequence is delimited with asterisks and In HTTP/1 headers, a byte sequence is delimited with asterisks and
encoded using base64 ([RFC4648], Section 4). For example: encoded using base64 ([RFC4648], Section 4). For example:
Example-BinaryHdr: *cHJldGVuZCB0aGlzIGlzIGJpbmFyeSBjb250ZW50Lg==* Example-BinaryHdr: *cHJldGVuZCB0aGlzIGlzIGJpbmFyeSBjb250ZW50Lg==*
Parsers MUST support byte sequences with at least 16384 octets after Parsers MUST support byte sequences with at least 16384 octets after
decoding. decoding.
3.10. Booleans 3.10. Booleans
Boolean values can be conveyed in Structured Headers. Boolean values can be conveyed in Structured Headers.
The ABNF for a Boolean in HTTP/1 headers is: The ABNF for a Boolean in HTTP/1 headers is:
sh-boolean = "!" boolean sh-boolean = "?" boolean
boolean = "T" / "F" boolean = "T" / "F"
In HTTP/1 headers, a byte sequence is delimited with a "!" character. In HTTP/1 headers, a byte sequence is indicated with a leading "?"
For example: character. For example:
Example-BoolHdr: !T Example-BoolHdr: !T
4. Structured Headers in HTTP/1 4. Structured Headers in HTTP/1
This section defines how to serialise and parse Structured Headers in This section defines how to serialise and parse Structured Headers in
HTTP/1 textual header fields, and protocols compatible with them HTTP/1 textual header fields, and protocols compatible with them
(e.g., in HTTP/2 [RFC7540] before HPACK [RFC7541] is applied). (e.g., in HTTP/2 [RFC7540] before HPACK [RFC7541] is applied).
4.1. Serialising Structured Headers into HTTP/1 4.1. Serialising Structured Headers into HTTP/1
Given a structured defined in this specification: Given a structured defined in this specification:
1. If the structure is a dictionary, return the result of 1. If the structure is a dictionary, return the result of
Serialising a Dictionary {#ser-dictionary}. Serialising a Dictionary (Section 4.1.1).
2. If the structure is a list, return the result of Serialising a 2. If the structure is a list, return the result of Serialising a
List {#ser-list}. List Section 4.1.2.
3. If the structure is a parameterised list, return the result of 3. If the structure is a parameterised list, return the result of
Serialising a Parameterised List {#ser-param-list}. Serialising a Parameterised List (Section 4.1.3).
4. If the structure is an item, return the result of Serialising an 4. If the structure is an item, return the result of Serialising an
Item {#ser-item}. Item (Section 4.1.4).
5. Otherwise, fail serialisation. 5. Otherwise, fail serialisation.
4.1.1. Serialising a Dictionary 4.1.1. Serialising a Dictionary
Given a dictionary as input: Given a dictionary as input:
1. Let output be an empty string. 1. Let output be an empty string.
2. For each member mem of input: 2. For each member mem of input:
1. Let name be the result of applying Serialising an Identifier 1. Let name be the result of applying Serialising an Identifier
Section 4.1.8 to mem's member-name. (Section 4.1.8) to mem's member-name.
2. Append name to output. 2. Append name to output.
3. Append "=" to output. 3. Append "=" to output.
4. Let value be the result of applying Serialising an Item 4. Let value be the result of applying Serialising a Key
Section 4.1.4 to mem's member-value. (Section 4.1.1.1) to mem's member-value.
5. Append value to output. 5. Append value to output.
6. If more members remain in input: 6. If more members remain in input:
1. Append a COMMA to output. 1. Append a COMMA to output.
2. Append a single WS to output. 2. Append a single WS to output.
3. Return output. 3. Return output.
4.1.1.1. Serialising a Key
Given a key as input:
1. If input is not a sequence of characters, or contains characters
not allowed in the ABNF for key, fail serialisation.
2. Let output be an empty string.
3. Append input to output, using ASCII encoding [RFC0020].
4. Return output.
4.1.2. Serialising a List 4.1.2. Serialising a List
Given a list as input: Given a list as input:
1. Let output be an empty string. 1. Let output be an empty string.
2. For each member mem of input: 2. For each member mem of input:
1. Let value be the result of applying Serialising an Item 1. Let value be the result of applying Serialising an Item
Section 4.1.4 to mem. (Section 4.1.4) to mem.
2. Append value to output. 2. Append value to output.
3. If more members remain in input: 3. If more members remain in input:
1. Append a COMMA to output. 1. Append a COMMA to output.
2. Append a single WS to output. 2. Append a single WS to output.
3. Return output. 3. Return output.
4.1.3. Serialising a Parameterised List 4.1.3. Serialising a Parameterised List
Given a parameterised list as input: Given a parameterised list as input:
1. Let output be an empty string. 1. Let output be an empty string.
2. For each member mem of input: 2. For each member mem of input:
1. Let id be the result of applying Serialising an Identifier 1. Let id be the result of applying Serialising an Identifier
Section 4.1.8 to mem's identifier. (Section 4.1.8) to mem's identifier.
2. Append id to output. 2. Append id to output.
3. For each parameter in mem's parameters: 3. For each parameter in mem's parameters:
1. Append ";" to output. 1. Append ";" to output.
2. Let name be the result of applying Serialising an 2. Let name be the result of applying Serialising an
Identifier Section 4.1.8 to parameter's param-name. Identifier (Section 4.1.8) to parameter's param-name.
3. Append name to output. 3. Append name to output.
4. If parameter has a param-value: 4. If parameter has a param-value:
1. Let value be the result of applying Serialising an 1. Let value be the result of applying Serialising a Key
Item Section 4.1.4 to parameter's param-value. (Section 4.1.1.1) to parameter's param-value.
2. Append "=" to output. 2. Append "=" to output.
3. Append value to output. 3. Append value to output.
4. If more members remain in input: 4. If more members remain in input:
1. Append a COMMA to output. 1. Append a COMMA to output.
2. Append a single WS to output. 2. Append a single WS to output.
skipping to change at page 13, line 52 skipping to change at page 14, line 25
3. Return output. 3. Return output.
4.1.4. Serialising an Item 4.1.4. Serialising an Item
Given an item as input: Given an item as input:
1. If input is a type other than an integer, float, string, 1. If input is a type other than an integer, float, string,
identifier, byte sequence, or Boolean, fail serialisation. identifier, byte sequence, or Boolean, fail serialisation.
2. If input is an integer, return the result of applying Serialising 2. If input is an integer, return the result of applying Serialising
an Integer Section 4.1.5 to input. an Integer (Section 4.1.5) to input.
3. If input is a float, return the result of applying Serialising a 3. If input is a float, return the result of applying Serialising a
Float Section 4.1.6 to input. Float (Section 4.1.6) to input.
4. If input is a string, return the result of applying Serialising a 4. If input is a string, return the result of applying Serialising a
String Section 4.1.7 to input. String (Section 4.1.7) to input.
5. If input is an identifier, return the result of Serialising an 5. If input is an identifier, return the result of Serialising an
Identifier {#ser-identifier}. Identifier (Section 4.1.8).
6. If input is a Boolean, return the result of applying Serialising 6. If input is a Boolean, return the result of applying Serialising
a Boolean Section 4.1.10 to input. a Boolean (Section 4.1.10) to input.
7. Otherwise, return the result of applying Serialising a Byte 7. Otherwise, return the result of applying Serialising a Byte
Sequence Section 4.1.9 to input. Sequence (Section 4.1.9) to input.
4.1.5. Serialising an Integer 4.1.5. Serialising an Integer
Given an integer as input: Given an integer as input:
1. If input is not an integer in the range of 1. If input is not an integer in the range of
-9,223,372,036,854,775,808 to 9,223,372,036,854,775,807 -9,223,372,036,854,775,808 to 9,223,372,036,854,775,807
inclusive, fail serialisation. inclusive, fail serialisation.
2. Let output be an empty string. 2. Let output be an empty string.
skipping to change at page 16, line 29 skipping to change at page 16, line 50
implementation constraints. implementation constraints.
4.1.10. Serialising a Boolean 4.1.10. Serialising a Boolean
Given a Boolean as input: Given a Boolean as input:
1. If input is not a boolean, fail serialisation. 1. If input is not a boolean, fail serialisation.
2. Let output be an empty string. 2. Let output be an empty string.
3. Append "!" to output. 3. Append "?" to output.
4. If input is true, append "T" to output. 4. If input is true, append "T" to output.
5. If input is false, append "F" to output. 5. If input is false, append "F" to output.
6. Return output. 6. Return output.
4.2. Parsing HTTP/1 Header Fields into Structured Headers 4.2. Parsing HTTP/1 Header Fields into Structured Headers
When a receiving implementation parses textual HTTP header fields When a receiving implementation parses textual HTTP header fields
skipping to change at page 17, line 6 skipping to change at page 17, line 27
Given an ASCII string input_string that represents the chosen Given an ASCII string input_string that represents the chosen
header's field-value, and header_type, one of "dictionary", "list", header's field-value, and header_type, one of "dictionary", "list",
"param-list", or "item", return the parsed header value. "param-list", or "item", return the parsed header value.
1. Discard any leading OWS from input_string. 1. Discard any leading OWS from input_string.
2. If header_type is "dictionary", let output be the result of 2. If header_type is "dictionary", let output be the result of
Parsing a Dictionary from Text (Section 4.2.1). Parsing a Dictionary from Text (Section 4.2.1).
3. If header_type is "list", let output be the result of Parsing a 3. If header_type is "list", let output be the result of Parsing a
List from Text (Section 4.2.2). List from Text (Section 4.2.3).
4. If header_type is "param-list", let output be the result of 4. If header_type is "param-list", let output be the result of
Parsing a Parameterised List from Text (Section 4.2.3). Parsing a Parameterised List from Text (Section 4.2.4).
5. Otherwise, let output be the result of Parsing an Item from Text 5. Otherwise, let output be the result of Parsing an Item from Text
(Section 4.2.5). (Section 4.2.6).
6. Discard any leading OWS from input_string. 6. Discard any leading OWS from input_string.
7. If input_string is not empty, fail parsing. 7. If input_string is not empty, fail parsing.
8. Otherwise, return output. 8. Otherwise, return output.
When generating input_string, parsers MUST combine all instances of When generating input_string, parsers MUST combine all instances of
the target header field into one comma-separated field-value, as per the target header field into one comma-separated field-value, as per
[RFC7230], Section 3.2.2; this assures that the header is processed [RFC7230], Section 3.2.2; this assures that the header is processed
skipping to change at page 18, line 7 skipping to change at page 18, line 29
4.2.1. Parsing a Dictionary from Text 4.2.1. Parsing a Dictionary from Text
Given an ASCII string input_string, return an ordered map of Given an ASCII string input_string, return an ordered map of
(identifier, item). input_string is modified to remove the parsed (identifier, item). input_string is modified to remove the parsed
value. value.
1. Let dictionary be an empty, ordered map. 1. Let dictionary be an empty, ordered map.
2. While input_string is not empty: 2. While input_string is not empty:
1. Let this_key be the result of running Parse Identifier from 1. Let this_key be the result of running Parse a Key from Text
Text (Section 4.2.8) with input_string. (Section 4.2.2) with input_string.
2. If dictionary already contains this_key, fail parsing. 2. If dictionary already contains this_key, fail parsing.
3. Consume the first character of input_string; if it is not 3. Consume the first character of input_string; if it is not
"=", fail parsing. "=", fail parsing.
4. Let this_value be the result of running Parse Item from Text 4. Let this_value be the result of running Parse Item from Text
(Section 4.2.5) with input_string. (Section 4.2.6) with input_string.
5. Add key this_key with value this_value to dictionary. 5. Add key this_key with value this_value to dictionary.
6. Discard any leading OWS from input_string. 6. Discard any leading OWS from input_string.
7. If input_string is empty, return dictionary. 7. If input_string is empty, return dictionary.
8. Consume the first character of input_string; if it is not 8. Consume the first character of input_string; if it is not
COMMA, fail parsing. COMMA, fail parsing.
9. Discard any leading OWS from input_string. 9. Discard any leading OWS from input_string.
10. If input_string is empty, fail parsing. 10. If input_string is empty, fail parsing.
3. No structured data has been found; fail parsing. 3. No structured data has been found; fail parsing.
4.2.2. Parsing a List from Text 4.2.2. Parsing a Key from Text
Given an ASCII string input_string, return a key. input_string is
modified to remove the parsed value.
1. If the first character of input_string is not lcalpha, fail
parsing.
2. Let output_string be an empty string.
3. While input_string is not empty:
1. Let char be the result of removing the first character of
input_string.
2. If char is not one of lcalpha, DIGIT, "_", or "-":
1. Prepend char to input_string.
2. Return output_string.
3. Append char to output_string.
4. Return output_string.
4.2.3. Parsing a List from Text
Given an ASCII string input_string, return a list of items. Given an ASCII string input_string, return a list of items.
input_string is modified to remove the parsed value. input_string is modified to remove the parsed value.
1. Let items be an empty array. 1. Let items be an empty array.
2. While input_string is not empty: 2. While input_string is not empty:
1. Let item be the result of running Parse Item from Text 1. Let item be the result of running Parse Item from Text
(Section 4.2.5) with input_string. (Section 4.2.6) with input_string.
2. Append item to items. 2. Append item to items.
3. Discard any leading OWS from input_string. 3. Discard any leading OWS from input_string.
4. If input_string is empty, return items. 4. If input_string is empty, return items.
5. Consume the first character of input_string; if it is not 5. Consume the first character of input_string; if it is not
COMMA, fail parsing. COMMA, fail parsing.
6. Discard any leading OWS from input_string. 6. Discard any leading OWS from input_string.
7. If input_string is empty, fail parsing. 7. If input_string is empty, fail parsing.
3. No structured data has been found; fail parsing. 3. No structured data has been found; fail parsing.
4.2.3. Parsing a Parameterised List from Text 4.2.4. Parsing a Parameterised List from Text
Given an ASCII string input_string, return a list of parameterised Given an ASCII string input_string, return a list of parameterised
identifiers. input_string is modified to remove the parsed value. identifiers. input_string is modified to remove the parsed value.
1. Let items be an empty array. 1. Let items be an empty array.
2. While input_string is not empty: 2. While input_string is not empty:
1. Let item be the result of running Parse Parameterised 1. Let item be the result of running Parse Parameterised
Identifier from Text (Section 4.2.4) with input_string. Identifier from Text (Section 4.2.5) with input_string.
2. Append item to items. 2. Append item to items.
3. Discard any leading OWS from input_string. 3. Discard any leading OWS from input_string.
4. If input_string is empty, return items. 4. If input_string is empty, return items.
5. Consume the first character of input_string; if it is not 5. Consume the first character of input_string; if it is not
COMMA, fail parsing. COMMA, fail parsing.
6. Discard any leading OWS from input_string. 6. Discard any leading OWS from input_string.
7. If input_string is empty, fail parsing. 7. If input_string is empty, fail parsing.
3. No structured data has been found; fail parsing. 3. No structured data has been found; fail parsing.
4.2.4. Parsing a Parameterised Identifier from Text 4.2.5. Parsing a Parameterised Identifier from Text
Given an ASCII string input_string, return an identifier with an Given an ASCII string input_string, return an identifier with an
unordered map of parameters. input_string is modified to remove the unordered map of parameters. input_string is modified to remove the
parsed value. parsed value.
1. Let primary_identifier be the result of Parsing an Identifier 1. Let primary_identifier be the result of Parsing an Identifier
from Text (Section 4.2.8) from input_string. from Text (Section 4.2.9) from input_string.
2. Let parameters be an empty, unordered map. 2. Let parameters be an empty, unordered map.
3. In a loop: 3. In a loop:
1. If the first character of input_string is not ";", exit the 1. Discard any leading OWS from input_string.
2. If the first character of input_string is not ";", exit the
loop. loop.
2. Consume a ";" character from the beginning of input_string. 3. Consume a ";" character from the beginning of input_string.
3. Discard any leading OWS from input_string. 4. Discard any leading OWS from input_string.
4. let param_name be the result of Parsing an Identifier from 5. let param_name be the result of Parsing a key from Text
Text (Section 4.2.8) from input_string. (Section 4.2.2) from input_string.
5. If param_name is already present in parameters, fail parsing. 6. If param_name is already present in parameters, fail parsing.
6. Let param_value be a null value. 7. Let param_value be a null value.
7. If the first character of input_string is "=": 8. If the first character of input_string is "=":
1. Consume the "=" character at the beginning of 1. Consume the "=" character at the beginning of
input_string. input_string.
2. Let param_value be the result of Parsing an Item from 2. Let param_value be the result of Parsing an Item from
Text (Section 4.2.5) from input_string. Text (Section 4.2.6) from input_string.
8. Insert (param_name, param_value) into parameters. 9. Insert (param_name, param_value) into parameters.
4. Return the tuple (primary_identifier, parameters). 4. Return the tuple (primary_identifier, parameters).
4.2.5. Parsing an Item from Text 4.2.6. Parsing an Item from Text
Given an ASCII string input_string, return an item. input_string is Given an ASCII string input_string, return an item. input_string is
modified to remove the parsed value. modified to remove the parsed value.
1. Discard any leading OWS from input_string. 1. If the first character of input_string is a "-" or a DIGIT,
process input_string as a number (Section 4.2.7) and return the
2. If the first character of input_string is a "-" or a DIGIT,
process input_string as a number (Section 4.2.6) and return the
result. result.
3. If the first character of input_string is a DQUOTE, process 2. If the first character of input_string is a DQUOTE, process
input_string as a string (Section 4.2.7) and return the result. input_string as a string (Section 4.2.8) and return the result.
4. If the first character of input_string is "*", process 3. If the first character of input_string is "*", process
input_string as a byte sequence (Section 4.2.9) and return the input_string as a byte sequence (Section 4.2.10) and return the
result. result.
5. If the first character of input_string is "!", process 4. If the first character of input_string is "?", process
input_string as a Boolean (Section 4.2.10) and return the result. input_string as a Boolean (Section 4.2.11) and return the result.
6. If the first character of input_string is a lcalpha, process 5. If the first character of input_string is a lcalpha, process
input_string as an identifier (Section 4.2.8) and return the input_string as an identifier (Section 4.2.9) and return the
result. result.
7. Otherwise, fail parsing. 6. Otherwise, fail parsing.
4.2.6. Parsing a Number from Text 4.2.7. Parsing a Number from Text
NOTE: This algorithm parses both Integers Section 3.5 and Floats NOTE: This algorithm parses both Integers Section 3.5 and Floats
Section 3.6, and returns the corresponding structure. Section 3.6, and returns the corresponding structure.
1. Let type be "integer". 1. Let type be "integer".
2. Let sign be 1. 2. Let sign be 1.
3. Let input_number be an empty string. 3. Let input_number be an empty string.
skipping to change at page 22, line 12 skipping to change at page 23, line 12
9. Otherwise: 9. Otherwise:
1. If the final character of input_number is ".", fail parsing. 1. If the final character of input_number is ".", fail parsing.
2. Parse input_number as a float and let output_number be the 2. Parse input_number as a float and let output_number be the
product of the result and sign. product of the result and sign.
10. Return output_number. 10. Return output_number.
4.2.7. Parsing a String from Text 4.2.8. Parsing a String from Text
Given an ASCII string input_string, return an unquoted string. Given an ASCII string input_string, return an unquoted string.
input_string is modified to remove the parsed value. input_string is modified to remove the parsed value.
1. Let output_string be an empty string. 1. Let output_string be an empty string.
2. If the first character of input_string is not DQUOTE, fail 2. If the first character of input_string is not DQUOTE, fail
parsing. parsing.
3. Discard the first character of input_string. 3. Discard the first character of input_string.
skipping to change at page 23, line 5 skipping to change at page 24, line 5
3. Else, if char is DQUOTE, return output_string. 3. Else, if char is DQUOTE, return output_string.
4. Else, if char is in the range %x00-1f or %x7f (i.e., is not 4. Else, if char is in the range %x00-1f or %x7f (i.e., is not
in VCHAR or SP), fail parsing. in VCHAR or SP), fail parsing.
5. Else, append char to output_string. 5. Else, append char to output_string.
5. Reached the end of input_string without finding a closing DQUOTE; 5. Reached the end of input_string without finding a closing DQUOTE;
fail parsing. fail parsing.
4.2.8. Parsing an Identifier from Text 4.2.9. Parsing an Identifier from Text
Given an ASCII string input_string, return an identifier. Given an ASCII string input_string, return an identifier.
input_string is modified to remove the parsed value. input_string is modified to remove the parsed value.
1. If the first character of input_string is not lcalpha, fail 1. If the first character of input_string is not lcalpha, fail
parsing. parsing.
2. Let output_string be an empty string. 2. Let output_string be an empty string.
3. While input_string is not empty: 3. While input_string is not empty:
1. Let char be the result of removing the first character of 1. Let char be the result of removing the first character of
input_string. input_string.
2. If char is not one of lcalpha, DIGIT, "_", "-", "*" or "/": 2. If char is not one of lcalpha, DIGIT, "_", "-", ".", ":",
"%", "*" or "/":
1. Prepend char to input_string. 1. Prepend char to input_string.
2. Return output_string. 2. Return output_string.
3. Append char to output_string. 3. Append char to output_string.
4. Return output_string. 4. Return output_string.
4.2.9. Parsing a Byte Sequence from Text 4.2.10. Parsing a Byte Sequence from Text
Given an ASCII string input_string, return a byte sequence. Given an ASCII string input_string, return a byte sequence.
input_string is modified to remove the parsed value. input_string is modified to remove the parsed value.
1. If the first character of input_string is not "*", fail parsing. 1. If the first character of input_string is not "*", fail parsing.
2. Discard the first character of input_string. 2. Discard the first character of input_string.
3. Let b64_content be the result of removing content of input_string 3. Let b64_content be the result of removing content of input_string
up to but not including the first instance of the character "*". up to but not including the first instance of the character "*".
skipping to change at page 24, line 21 skipping to change at page 25, line 21
Because some implementations of base64 do not allow rejection of Because some implementations of base64 do not allow rejection of
encoded data that has non-zero pad bits (see [RFC4648], Section 3.5), encoded data that has non-zero pad bits (see [RFC4648], Section 3.5),
parsers SHOULD NOT fail when it is present, unless they cannot be parsers SHOULD NOT fail when it is present, unless they cannot be
configured to do so. configured to do so.
This specification does not relax the requirements in [RFC4648], This specification does not relax the requirements in [RFC4648],
Section 3.1 and 3.3; therefore, parsers MUST fail on characters Section 3.1 and 3.3; therefore, parsers MUST fail on characters
outside the base64 alphabet, and on line feeds in encoded data. outside the base64 alphabet, and on line feeds in encoded data.
4.2.10. Parsing a Boolean from Text 4.2.11. Parsing a Boolean from Text
Given an ASCII string input_string, return a Boolean. input_string is Given an ASCII string input_string, return a Boolean. input_string is
modified to remove the parsed value. modified to remove the parsed value.
1. If the first character of input_string is not "!", fail parsing. 1. If the first character of input_string is not "?", fail parsing.
2. Discard the first character of input_string. 2. Discard the first character of input_string.
3. If the first character of input_string case-sensitively matches 3. If the first character of input_string case-sensitively matches
"T", discard the first character, and return true. "T", discard the first character, and return true.
4. If the first character of input_string case-sensitively matches 4. If the first character of input_string case-sensitively matches
"F", discard the first character, and return false. "F", discard the first character, and return false.
5. No value has matched; fail parsing. 5. No value has matched; fail parsing.
skipping to change at page 28, line 9 skipping to change at page 29, line 9
describe what a processor's behaviour should be when one of the describe what a processor's behaviour should be when one of the
headers is missing. headers is missing.
If you need to fit arbitrarily complex data into a header, Structured If you need to fit arbitrarily complex data into a header, Structured
Headers is probably a poor fit for your use case. Headers is probably a poor fit for your use case.
Appendix B. Changes Appendix B. Changes
_RFC Editor: Please remove this section before publication._ _RFC Editor: Please remove this section before publication._
B.1. Since draft-ietf-httpbis-header-structure-07 B.1. Since draft-ietf-httpbis-header-structure-08
o Disallow whitespace before items properly (#703).
o Created "key" for use in dictionaries and parameters, rather than
relying on identifier (#702).
o Expanded the range of special characters allowed in identifier to
include ".", ":", and "%" (#702).
o Use "?" instead of "!" to indicate a Boolean (#719).
o Added "Intentionally Strict Processing" (#684).
o Gave better names for referring specs to use in Parameterised
Lists (#720).
B.2. Since draft-ietf-httpbis-header-structure-07
o Make Dictionaries ordered mappings (#659). o Make Dictionaries ordered mappings (#659).
o Changed "binary content" to "byte sequence" to align with Infra o Changed "binary content" to "byte sequence" to align with Infra
specification (#671). specification (#671).
o Changed "mapping" to "map" for #671. o Changed "mapping" to "map" for #671.
o Don't fail if byte sequences aren't "=" padded (#658). o Don't fail if byte sequences aren't "=" padded (#658).
o Add Booleans (#683). o Add Booleans (#683).
o Allow identifiers in items again (#629). o Allow identifiers in items again (#629).
o Disallowed whitespace before items (#703). o Disallowed whitespace before items (#703).
o Explain the consequences of splitting a string across multiple o Explain the consequences of splitting a string across multiple
headers (#686). headers (#686).
B.2. Since draft-ietf-httpbis-header-structure-06 B.3. Since draft-ietf-httpbis-header-structure-06
o Add a FAQ. o Add a FAQ.
o Allow non-zero pad bits. o Allow non-zero pad bits.
o Explicitly check for integers that violate constraints. o Explicitly check for integers that violate constraints.
B.3. Since draft-ietf-httpbis-header-structure-05 B.4. Since draft-ietf-httpbis-header-structure-05
o Reorganise specification to separate parsing out. o Reorganise specification to separate parsing out.
o Allow referencing specs to use ABNF. o Allow referencing specs to use ABNF.
o Define serialisation algorithms. o Define serialisation algorithms.
o Refine relationship between ABNF, parsing and serialisation o Refine relationship between ABNF, parsing and serialisation
algorithms. algorithms.
B.4. Since draft-ietf-httpbis-header-structure-04 B.5. Since draft-ietf-httpbis-header-structure-04
o Remove identifiers from item. o Remove identifiers from item.
o Remove most limits on sizes. o Remove most limits on sizes.
o Refine number parsing. o Refine number parsing.
B.5. Since draft-ietf-httpbis-header-structure-03 B.6. Since draft-ietf-httpbis-header-structure-03
o Strengthen language around failure handling. o Strengthen language around failure handling.
B.6. Since draft-ietf-httpbis-header-structure-02 B.7. Since draft-ietf-httpbis-header-structure-02
o Split Numbers into Integers and Floats. o Split Numbers into Integers and Floats.
o Define number parsing. o Define number parsing.
o Tighten up binary parsing and give it an explicit end delimiter. o Tighten up binary parsing and give it an explicit end delimiter.
o Clarify that mappings are unordered. o Clarify that mappings are unordered.
o Allow zero-length strings. o Allow zero-length strings.
o Improve string parsing algorithm. o Improve string parsing algorithm.
o Improve limits in algorithms. o Improve limits in algorithms.
o Require parsers to combine header fields before processing. o Require parsers to combine header fields before processing.
o Throw an error on trailing garbage. o Throw an error on trailing garbage.
B.7. Since draft-ietf-httpbis-header-structure-01 B.8. Since draft-ietf-httpbis-header-structure-01
o Replaced with draft-nottingham-structured-headers. o Replaced with draft-nottingham-structured-headers.
B.8. Since draft-ietf-httpbis-header-structure-00 B.9. Since draft-ietf-httpbis-header-structure-00
o Added signed 64bit integer type. o Added signed 64bit integer type.
o Drop UTF8, and settle on BCP137 ::EmbeddedUnicodeChar for h1- o Drop UTF8, and settle on BCP137 ::EmbeddedUnicodeChar for h1-
unicode-string. unicode-string.
o Change h1_blob delimiter to ":" since "'" is valid t_char o Change h1_blob delimiter to ":" since "'" is valid t_char
Authors' Addresses Authors' Addresses
 End of changes. 79 change blocks. 
113 lines changed or deleted 200 lines changed or added

This html diff was produced by rfcdiff 1.44jr. The latest version is available from http://tools.ietf.org/tools/rfcdiff/