* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Changeset 1152


Ignore:
Timestamp:
2011-03-06 03:01:07 (3 years ago)
Author:
julian.reschke@gmx.de
Message:

use RFC2119 keywords when discussing handling the filename parameter (see #278)

Location:
draft-ietf-httpbis-content-disp/latest
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis-content-disp/latest/draft-ietf-httpbis-content-disp.html

    r1145 r1152  
    371371  }  
    372372  @bottom-center { 
    373        content: "Expires September 2, 2011";  
     373       content: "Expires September 7, 2011";  
    374374  }  
    375375  @bottom-right { 
     
    412412      <meta name="dct.creator" content="Reschke, J. F."> 
    413413      <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-content-disp-latest"> 
    414       <meta name="dct.issued" scheme="ISO8601" content="2011-03-01"> 
     414      <meta name="dct.issued" scheme="ISO8601" content="2011-03-06"> 
    415415      <meta name="dct.abstract" content="RFC 2616 defines the Content-Disposition response header field, but points out that it is not part of the HTTP/1.1 Standard. This specification takes over the definition and registration of Content-Disposition, as used in HTTP, and clarifies internationalization aspects."> 
    416416      <meta name="description" content="RFC 2616 defines the Content-Disposition response header field, but points out that it is not part of the HTTP/1.1 Standard. This specification takes over the definition and registration of Content-Disposition, as used in HTTP, and clarifies internationalization aspects."> 
     
    430430               <td class="left">Updates: <a href="http://tools.ietf.org/html/rfc2616">2616</a> (if approved) 
    431431               </td> 
    432                <td class="right">March 1, 2011</td> 
     432               <td class="right">March 6, 2011</td> 
    433433            </tr> 
    434434            <tr> 
     
    437437            </tr> 
    438438            <tr> 
    439                <td class="left">Expires: September 2, 2011</td> 
     439               <td class="left">Expires: September 7, 2011</td> 
    440440               <td class="right"></td> 
    441441            </tr> 
     
    466466         in progress”. 
    467467      </p> 
    468       <p>This Internet-Draft will expire on September 2, 2011.</p> 
     468      <p>This Internet-Draft will expire on September 7, 2011.</p> 
    469469      <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1> 
    470470      <p>Copyright © 2011 IETF Trust and the persons identified as the document authors. All rights reserved.</p> 
     
    638638         <li> 
    639639            <p>Many platforms do not use Internet Media Types (<a href="#RFC2046" id="rfc.xref.RFC2046.1"><cite title="Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types">[RFC2046]</cite></a>) to hold type information in the file system, but rely on filename extensions instead. Trusting the server-provided file 
    640                extension could introduce a privilege escalation when the saved file is later opened (consider ".exe"). Thus, recipients need 
    641                to ensure that a file extension is used that is safe, optimally matching the media type of the received payload. 
     640               extension could introduce a privilege escalation when the saved file is later opened (consider ".exe"). Thus, recipients <em class="bcp14">SHOULD</em> ensure that a file extension is used that is safe, optimally matching the media type of the received payload. 
    642641            </p> 
    643642         </li> 
    644643         <li> 
    645             <p>Recipients are advised to strip or replace character sequences that are known to cause confusion both in user interfaces and 
    646                in filenames, such as control characters and leading and trailing whitespace. 
     644            <p>Recipients <em class="bcp14">SHOULD</em> strip or replace character sequences that are known to cause confusion both in user interfaces and in filenames, such as control 
     645               characters and leading and trailing whitespace. 
    647646            </p> 
    648647         </li> 
    649648         <li> 
    650649            <p>Other aspects recipients need to be aware of are names that have a special meaning in the file system or in shell commands, 
    651                such as "." and "..", "~", "|", and also device names. 
     650               such as "." and "..", "~", "|", and also device names. Recipients <em class="bcp14">SHOULD</em> ignore or substitute names like these. 
    652651            </p> 
    653652         </li> 
     
    10191018      <p id="rfc.section.E.10.p.2">Added appendix "Advice on Generating Content-Disposition Header Fields".</p> 
    10201019      <h2 id="rfc.section.E.11"><a href="#rfc.section.E.11">E.11</a>&nbsp;<a id="changes.since.06" href="#changes.since.06">Since draft-ietf-httpbis-content-disp-06</a></h2> 
    1021       <p id="rfc.section.E.11.p.1">None yet.</p> 
     1020      <p id="rfc.section.E.11.p.1">Closed issues: </p> 
     1021      <ul> 
     1022         <li> &lt;<a href="http://trac.tools.ietf.org/wg/httpbis/trac/ticket/278">http://trac.tools.ietf.org/wg/httpbis/trac/ticket/278</a>&gt;: "conformance language" 
     1023         </li> 
     1024      </ul> 
    10221025      <h1 id="rfc.index"><a href="#rfc.index">Index</a></h1> 
    10231026      <p class="noprint"><a href="#rfc.index.C">C</a> <a href="#rfc.index.H">H</a> <a href="#rfc.index.I">I</a> <a href="#rfc.index.R">R</a>  
  • draft-ietf-httpbis-content-disp/latest/draft-ietf-httpbis-content-disp.xml

    r1145 r1152  
    262262      extensions instead. Trusting the server-provided file extension could 
    263263      introduce a privilege escalation when the saved file is later opened  
    264       (consider ".exe"). Thus, recipients need to ensure that a file extension 
     264      (consider ".exe"). Thus, recipients &SHOULD; ensure that a file extension 
    265265      is used that is safe, optimally matching the media type of the received 
    266266      payload. 
    267267    </t></x:lt> 
    268268    <x:lt><t> 
    269       Recipients are advised to strip or replace character sequences that are 
     269      Recipients &SHOULD; strip or replace character sequences that are 
    270270      known to cause confusion both in user interfaces and in filenames, such as 
    271271      control characters and leading and trailing whitespace. 
     
    274274      Other aspects recipients need to be aware of are names that have a  
    275275      special meaning in the file system or in shell commands, such as "." and "..", 
    276       "~", "|", and also device names. 
     276      "~", "|", and also device names. Recipients &SHOULD; ignore or substitute 
     277      names like these. 
    277278    </t></x:lt> 
    278279  </list> 
     
    10401041<section title="Since draft-ietf-httpbis-content-disp-06" anchor="changes.since.06"> 
    10411042<t> 
    1042   None yet. 
     1043  Closed issues: 
     1044  <list style="symbols"> 
     1045     <t> 
     1046      <eref target="http://trac.tools.ietf.org/wg/httpbis/trac/ticket/278"/>: 
     1047      "conformance language" 
     1048    </t> 
     1049  </list> 
    10431050</t> 
    10441051</section> 
Note: See TracChangeset for help on using the changeset viewer.