draft-ietf-httpbis-rfc7238bis-03.txt   rfc7538.txt 
HTTPbis Working Group J. Reschke Internet Engineering Task Force (IETF) J. Reschke
Internet-Draft greenbytes Request for Comments: 7538 greenbytes
Obsoletes: 7238 (if approved) February 5, 2015 Obsoletes: 7238 April 2015
Intended status: Standards Track Category: Standards Track
Expires: August 9, 2015 ISSN: 2070-1721
The Hypertext Transfer Protocol Status Code 308 (Permanent Redirect) The Hypertext Transfer Protocol Status Code 308 (Permanent Redirect)
draft-ietf-httpbis-rfc7238bis-03
Abstract Abstract
This document specifies the additional Hypertext Transfer Protocol This document specifies the additional Hypertext Transfer Protocol
(HTTP) status code 308 (Permanent Redirect). (HTTP) status code 308 (Permanent Redirect).
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
This Internet-Draft will expire on August 9, 2015. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7538.
Copyright Notice Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Notational Conventions . . . . . . . . . . . . . . . . . . . . 3 2. Notational Conventions . . . . . . . . . . . . . . . . . . . 2
3. 308 Permanent Redirect . . . . . . . . . . . . . . . . . . . . 3 3. 308 Permanent Redirect . . . . . . . . . . . . . . . . . . . 3
4. Deployment Considerations . . . . . . . . . . . . . . . . . . . 4 4. Deployment Considerations . . . . . . . . . . . . . . . . . . 3
5. Security Considerations . . . . . . . . . . . . . . . . . . . . 5 5. Security Considerations . . . . . . . . . . . . . . . . . . . 4
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 6 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 5
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6 7.1. Normative References . . . . . . . . . . . . . . . . . . 5
8.1. Normative References . . . . . . . . . . . . . . . . . . . 6 7.2. Informative References . . . . . . . . . . . . . . . . . 5
8.2. Informative References . . . . . . . . . . . . . . . . . . 6 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 6
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 6
1. Introduction 1. Introduction
HTTP defines a set of status codes for the purpose of redirecting a HTTP defines a set of status codes for the purpose of redirecting a
request to a different URI ([RFC3986]). The history of these status request to a different URI ([RFC3986]). The history of these status
codes is summarized in Section 6.4 of [RFC7231], which also codes is summarized in Section 6.4 of [RFC7231], which also
classifies the existing status codes into four categories. classifies the existing status codes into four categories.
The first of these categories contains the status codes 301 (Moved The first of these categories contains the status codes 301 (Moved
Permanently), 302 (Found), and 307 (Temporary Redirect), which can be Permanently), 302 (Found), and 307 (Temporary Redirect), which can be
skipping to change at page 3, line 30 skipping to change at page 2, line 44
| POST to GET | | | | POST to GET | | |
| Does not allow changing the request | - | 307 | | Does not allow changing the request | - | 307 |
| method from POST to GET | | | | method from POST to GET | | |
+-------------------------------------------+-----------+-----------+ +-------------------------------------------+-----------+-----------+
Section 6.4.7 of [RFC7231] states that it does not define a permanent Section 6.4.7 of [RFC7231] states that it does not define a permanent
variant of status code 307; this specification adds the status code variant of status code 307; this specification adds the status code
308, defining this missing variant (Section 3). 308, defining this missing variant (Section 3).
This specification contains no technical changes from the This specification contains no technical changes from the
experimental RFC 7238, which it obsoletes. Experimental RFC 7238, which it obsoletes.
2. Notational Conventions 2. Notational Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
3. 308 Permanent Redirect 3. 308 Permanent Redirect
The 308 (Permanent Redirect) status code indicates that the target The 308 (Permanent Redirect) status code indicates that the target
skipping to change at page 4, line 16 skipping to change at page 3, line 32
indicated by the method definition or explicit cache controls (see indicated by the method definition or explicit cache controls (see
[RFC7234], Section 4.2.2). [RFC7234], Section 4.2.2).
Note: This status code is similar to 301 (Moved Permanently) Note: This status code is similar to 301 (Moved Permanently)
([RFC7231], Section 6.4.2), except that it does not allow changing ([RFC7231], Section 6.4.2), except that it does not allow changing
the request method from POST to GET. the request method from POST to GET.
4. Deployment Considerations 4. Deployment Considerations
Section 6 of [RFC7231] requires recipients to treat unknown 3xx Section 6 of [RFC7231] requires recipients to treat unknown 3xx
status codes the same way as status code 300 Multiple Choices status codes the same way as status code 300 (Multiple Choices)
([RFC7231], Section 6.4.1). Thus, servers will not be able to rely ([RFC7231], Section 6.4.1). Thus, servers will not be able to rely
on automatic redirection happening similar to status codes 301, 302, on automatic redirection happening similar to status codes 301, 302,
or 307. or 307.
Therefore, the use of status code 308 is restricted to cases where Therefore, the use of status code 308 is restricted to cases where
the server has sufficient confidence in the client's understanding the server has sufficient confidence in the client's understanding
the new code or when a fallback to the semantics of status code 300 the new code or when a fallback to the semantics of status code 300
is not problematic. Server implementers are advised not to vary the is not problematic. Server implementers are advised not to vary the
status code based on characteristics of the request, such as the status code based on characteristics of the request, such as the
User-Agent header field ("User-Agent Sniffing") -- doing so usually User-Agent header field ("User-Agent Sniffing") -- doing so usually
results in code that is both hard to maintain and hard to debug and results in code that is both hard to maintain and hard to debug and
would also require special attention to caching (i.e., setting a would also require special attention to caching (i.e., setting a
"Vary" response header field, as defined in Section 7.1.4 of "Vary" response header field, as defined in Section 7.1.4 of
[RFC7231]). [RFC7231]).
Note that many existing HTML-based user agents will emulate a refresh Note that many existing HTML-based user agents will emulate a refresh
when encountering an HTML <meta> refresh directive ([HTML], Section when encountering an HTML <meta> refresh directive ([HTML],
4.2.5.3). This can be used as another fallback. For example: Section 4.2.5.3). This can be used as another fallback. For
example:
Client request: Client request:
GET / HTTP/1.1 GET / HTTP/1.1
Host: example.com Host: example.com
Server response: Server response:
HTTP/1.1 308 Permanent Redirect HTTP/1.1 308 Permanent Redirect
Content-Type: text/html; charset=UTF-8 Content-Type: text/html; charset=UTF-8
skipping to change at page 5, line 33 skipping to change at page 4, line 43
>http://example.com/new</a>. >http://example.com/new</a>.
</p> </p>
</body> </body>
</html> </html>
5. Security Considerations 5. Security Considerations
All security considerations that apply to HTTP redirects apply to the All security considerations that apply to HTTP redirects apply to the
308 status code as well (see Section 9 of [RFC7231]). 308 status code as well (see Section 9 of [RFC7231]).
Unsecured communication over the Internet is subject to man in the Unsecured communication over the Internet is subject to man-in-the-
middle modification of messages, including changing status codes or middle modification of messages, including changing status codes or
redirect targets. Use of TLS is one way to mitigate those attacks. redirect targets. Use of Transport Layer Security (TLS) is one way
See Section 9 of [RFC7230] for related attacks on authority and to mitigate those attacks. See Section 9 of [RFC7230] for related
message integrity. attacks on authority and message integrity.
6. IANA Considerations 6. IANA Considerations
The "Hypertext Transfer Protocol (HTTP) Status Code Registry" The "Hypertext Transfer Protocol (HTTP) Status Code Registry"
(defined in Section 8.2 of [RFC7231] and located at (defined in Section 8.2 of [RFC7231] and located at
<http://www.iana.org/assignments/http-status-codes>) needs to be <http://www.iana.org/assignments/http-status-codes>) has been updated
updated with the registration below: to reference this specification.
+-------+--------------------+---------------------------------+
| Value | Description | Reference |
+-------+--------------------+---------------------------------+
| 308 | Permanent Redirect | Section 3 of this specification |
+-------+--------------------+---------------------------------+
7. Acknowledgements
The definition for the new status code 308 reuses text from the
HTTP/1.1 definitions of status codes 301 and 307.
Furthermore, thanks to Ben Campbell, Cyrus Daboo, Adrian Farrell, +-------+--------------------+----------------------------------+
Eran Hammer-Lahav, Bjoern Hoehrmann, Barry Leiba, Subramanian | Value | Description | Reference |
Moonesamy, Kathleen Moriarty, Peter Saint-Andre, Robert Sparks, and +-------+--------------------+----------------------------------+
Roy Fielding for feedback on this document. | 308 | Permanent Redirect | Section 3 of this specification |
+-------+--------------------+----------------------------------+
8. References 7. References
8.1. Normative References 7.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66, Resource Identifier (URI): Generic Syntax", STD 66, RFC
RFC 3986, January 2005. 3986, January 2005,
<http://www.rfc-editor.org/info/rfc3986>.
[RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer [RFC7230] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
Protocol (HTTP/1.1): Message Syntax and Routing", Protocol (HTTP/1.1): Message Syntax and Routing", RFC
RFC 7230, June 2014. 7230, June 2014, <http://www.rfc-editor.org/info/rfc7230>.
[RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer [RFC7231] Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
Protocol (HTTP/1.1): Semantics and Content", RFC 7231, Protocol (HTTP/1.1): Semantics and Content", RFC 7231,
June 2014. June 2014, <http://www.rfc-editor.org/info/rfc7231>.
[RFC7234] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, [RFC7234] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching", Ed., "Hypertext Transfer Protocol (HTTP/1.1): Caching",
RFC 7234, June 2014. RFC 7234, June 2014,
<http://www.rfc-editor.org/info/rfc7234>.
8.2. Informative References 7.2. Informative References
[HTML] Hickson, I., Berjon, R., Faulkner, S., Leithead, T., Doyle [HTML] Hickson, I., Berjon, R., Faulkner, S., Leithead, T., Doyle
Navara, E., O'Connor, E., and S. Pfeiffer, "HTML5", W3C Navara, E., O'Connor, E., and S. Pfeiffer, "HTML5", W3C
Recommendation REC-html5-20141028, October 2014, Recommendation REC-html5-20141028, October 2014,
<http://www.w3.org/TR/2014/REC-html5-20141028/>. <http://www.w3.org/TR/2014/REC-html5-20141028/>.
Latest version available at <http://www.w3.org/TR/html5/>. Latest version available at <http://www.w3.org/TR/html5/>.
Acknowledgements
The definition for the new status code 308 reuses text from the
HTTP/1.1 definitions of status codes 301 and 307.
Furthermore, thanks to Ben Campbell, Cyrus Daboo, Adrian Farrell,
Eran Hammer-Lahav, Bjoern Hoehrmann, Barry Leiba, Subramanian
Moonesamy, Kathleen Moriarty, Peter Saint-Andre, Robert Sparks, and
Roy Fielding for feedback on this document.
Author's Address Author's Address
Julian F. Reschke Julian F. Reschke
greenbytes GmbH greenbytes GmbH
Hafenweg 16 Hafenweg 16
Muenster, NW 48155 Muenster, NW 48155
Germany Germany
EMail: julian.reschke@greenbytes.de EMail: julian.reschke@greenbytes.de
URI: http://greenbytes.de/tech/webdav/ URI: http://greenbytes.de/tech/webdav/
 End of changes. 22 change blocks. 
63 lines changed or deleted 64 lines changed or added

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/