* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Ticket #123: i123.diff

File i123.diff, 7.8 KB (added by julian.reschke@gmx.de, 4 years ago)

proposed patch for part 3

  • p3-payload.xml

     
    303303</t> 
    304304 
    305305<section title="Core Rules" anchor="core.rules"> 
    306   <x:anchor-alias value="quoted-string"/> 
    307306  <x:anchor-alias value="token"/> 
    308307  <x:anchor-alias value="word"/> 
    309308  <x:anchor-alias value="OWS"/> 
     
    311310  The core rules below are defined in &basic-rules;: 
    312311</t> 
    313312<figure><artwork type="abnf2616"> 
    314   <x:ref>quoted-string</x:ref>  = &lt;quoted-string, defined in &basic-rules;&gt; 
    315313  <x:ref>token</x:ref>          = &lt;token, defined in &basic-rules;&gt; 
    316314  <x:ref>word</x:ref>           = &lt;word, defined in &basic-rules;&gt; 
    317315  <x:ref>OWS</x:ref>            = &lt;OWS, defined in &basic-rules;&gt; 
     
    16381636   <c> 
    16391637      <xref target="header.accept-language"/> 
    16401638   </c> 
    1641    <c>Content-Disposition</c> 
    1642    <c>http</c> 
    1643    <c>standard</c> 
    1644    <c> 
    1645       <xref target="content-disposition"/> 
    1646    </c> 
    16471639   <c>Content-Encoding</c> 
    16481640   <c>http</c> 
    16491641   <c>standard</c> 
     
    17761768</t> 
    17771769</section> 
    17781770 
    1779 <section title="Content-Disposition Issues" anchor="content-disposition.issues"> 
    1780 <t> 
    1781    <xref target="RFC2183"/>, from which the often implemented Content-Disposition 
    1782    (see <xref target="content-disposition"/>) header in HTTP is derived, has a number of very 
    1783    serious security considerations. Content-Disposition is not part of 
    1784    the HTTP standard, but since it is widely implemented, we are 
    1785    documenting its use and risks for implementors. See <xref target="RFC2183" x:fmt="of" x:sec="5"/> 
    1786    for details. 
    1787 </t> 
    17881771</section> 
    17891772 
    1790 </section> 
    1791  
    17921773<section title="Acknowledgments" anchor="ack"> 
    17931774</section> 
    17941775</middle> 
     
    23032284  <seriesInfo name="RFC" value="2076"/> 
    23042285</reference> 
    23052286 
    2306 <reference anchor="RFC2183"> 
    2307   <front> 
    2308     <title abbrev="Content-Disposition">Communicating Presentation Information in Internet Messages: The Content-Disposition Header Field</title> 
    2309     <author initials="R." surname="Troost" fullname="Rens Troost"> 
    2310       <organization>New Century Systems</organization> 
    2311       <address><email>rens@century.com</email></address> 
    2312     </author> 
    2313     <author initials="S." surname="Dorner" fullname="Steve Dorner"> 
    2314       <organization>QUALCOMM Incorporated</organization> 
    2315       <address><email>sdorner@qualcomm.com</email></address> 
    2316     </author> 
    2317     <author initials="K." surname="Moore" fullname="Keith Moore"> 
    2318       <organization>Department of Computer Science</organization> 
    2319       <address><email>moore@cs.utk.edu</email></address> 
    2320     </author> 
    2321     <date month="August" year="1997"/> 
    2322   </front> 
    2323   <seriesInfo name="RFC" value="2183"/> 
    2324 </reference> 
    2325  
    23262287<reference anchor="RFC2277"> 
    23272288  <front> 
    23282289    <title abbrev="Charset Policy">IETF Policy on Character Sets and Languages</title> 
     
    26882649   A number of other headers, such as Content-Disposition and Title, 
    26892650   from SMTP and MIME are also often implemented (see <xref target="RFC2076"/>). 
    26902651</t> 
    2691  
    2692 <section title="Content-Disposition" anchor="content-disposition"> 
    2693 <iref item="Headers" subitem="Content-Disposition" primary="true" x:for-anchor=""/> 
    2694 <iref item="Content-Disposition header" primary="true" x:for-anchor=""/> 
    2695   <x:anchor-alias value="content-disposition"/> 
    2696   <x:anchor-alias value="content-disposition-v"/> 
    2697   <x:anchor-alias value="disposition-type"/> 
    2698   <x:anchor-alias value="disposition-parm"/> 
    2699   <x:anchor-alias value="disp-extension-parm"/> 
    2700   <x:anchor-alias value="disp-extension-token"/> 
    2701   <x:anchor-alias value="filename-parm"/> 
    2702 <t> 
    2703    The "Content-Disposition" response-header field has been proposed as a 
    2704    means for the origin server to suggest a default filename if the user 
    2705    requests that the content is saved to a file. This usage is derived 
    2706    from the definition of Content-Disposition in <xref target="RFC2183"/>. 
    2707 </t> 
    2708 <figure><artwork type="abnf2616"><iref primary="true" item="Grammar" subitem="content-disposition"/><iref primary="true" item="Grammar" subitem="content-disposition-v"/><iref primary="true" item="Grammar" subitem="disposition-type"/><iref primary="true" item="Grammar" subitem="disposition-parm"/><iref primary="true" item="Grammar" subitem="filename-parm"/><iref primary="true" item="Grammar" subitem="disp-extension-token"/><iref primary="true" item="Grammar" subitem="disp-extension-parm"/> 
    2709   <x:ref>content-disposition</x:ref> = "Content-Disposition" ":" <x:ref>OWS</x:ref> 
    2710                         <x:ref>content-disposition-v</x:ref> 
    2711   <x:ref>content-disposition-v</x:ref> = <x:ref>disposition-type</x:ref> 
    2712                           *( <x:ref>OWS</x:ref> ";" <x:ref>OWS</x:ref> <x:ref>disposition-parm</x:ref> ) 
    2713   <x:ref>disposition-type</x:ref> = "attachment" / <x:ref>disp-extension-token</x:ref> 
    2714   <x:ref>disposition-parm</x:ref> = <x:ref>filename-parm</x:ref> / <x:ref>disp-extension-parm</x:ref> 
    2715   <x:ref>filename-parm</x:ref> = "filename" "=" <x:ref>quoted-string</x:ref> 
    2716   <x:ref>disp-extension-token</x:ref> = <x:ref>token</x:ref> 
    2717   <x:ref>disp-extension-parm</x:ref> = <x:ref>token</x:ref> "=" <x:ref>word</x:ref> 
    2718 </artwork></figure> 
    2719 <t> 
    2720    An example is 
    2721 </t> 
    2722 <figure><artwork type="example"> 
    2723   Content-Disposition: attachment; filename="fname.ext" 
    2724 </artwork></figure> 
    2725 <t> 
    2726    The receiving user agent &SHOULD-NOT;  respect any directory path 
    2727    information present in the filename-parm parameter, which is the only 
    2728    parameter believed to apply to HTTP implementations at this time. The 
    2729    filename &SHOULD; be treated as a terminal component only. 
    2730 </t> 
    2731 <t> 
    2732    If this header is used in a response with the application/octet-stream 
    2733    content-type, the implied suggestion is that the user agent 
    2734    should not display the response, but directly enter a "save response 
    2735    as..." dialog. 
    2736 </t> 
    2737 <t> 
    2738    See <xref target="content-disposition.issues"/> for Content-Disposition security issues. 
    2739 </t> 
    27402652</section> 
    2741 </section> 
    27422653 
    27432654<section title="Changes from RFC 2616" anchor="changes.from.rfc.2616"> 
    27442655<t> 
     
    28092720<x:ref>charset</x:ref> = token 
    28102721<x:ref>codings</x:ref> = ( content-coding / "*" ) 
    28112722<x:ref>content-coding</x:ref> = token 
    2812 <x:ref>content-disposition</x:ref> = "Content-Disposition:" OWS 
    2813  content-disposition-v 
    2814 <x:ref>content-disposition-v</x:ref> = disposition-type *( OWS ";" OWS 
    2815  disposition-parm ) 
    28162723 
    2817 <x:ref>disp-extension-parm</x:ref> = token "=" word 
    2818 <x:ref>disp-extension-token</x:ref> = token 
    2819 <x:ref>disposition-parm</x:ref> = filename-parm / disp-extension-parm 
    2820 <x:ref>disposition-type</x:ref> = "attachment" / disp-extension-token 
    2821  
    2822 <x:ref>filename-parm</x:ref> = "filename=" quoted-string 
    2823  
    28242724<x:ref>language-range</x:ref> = &lt;language-range, defined in [RFC4647], Section 2.1&gt; 
    28252725<x:ref>language-tag</x:ref> = &lt;Language-Tag, defined in [RFC5646], Section 2.1&gt; 
    28262726 
     
    28312731<x:ref>parameter</x:ref> = attribute "=" value 
    28322732<x:ref>partial-URI</x:ref> = &lt;partial-URI, defined in [Part1], Section 2.6&gt; 
    28332733 
    2834 <x:ref>quoted-string</x:ref> = &lt;quoted-string, defined in [Part1], Section 1.2.2&gt; 
    28352734<x:ref>qvalue</x:ref> = &lt;qvalue, defined in [Part1], Section 6.4&gt; 
    28362735 
    28372736<x:ref>subtype</x:ref> = token 
     
    28592758; Expires defined but not used 
    28602759; Last-Modified defined but not used 
    28612760; MIME-Version defined but not used 
    2862 ; content-disposition defined but not used 
    28632761</artwork></figure></section> 
    28642762<?ENDINC p3-payload.abnf-appendix ?> 
    28652763 
     
    32153113 
    32163114<section title="Since draft-ietf-httpbis-p3-payload-11" anchor="changes.since.11"> 
    32173115<t> 
    3218   None yet. 
     3116  Closed issues: 
     3117  <list style="symbols">  
     3118    <t> 
     3119      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/123"/>: 
     3120      "Factor out Content-Disposition" 
     3121    </t> 
     3122  </list> 
    32193123</t> 
    32203124</section> 
    32213125