Network Working Group
Internet Engineering Task Force (IETF)                        J. Reschke
Internet-Draft
Request for Comments: 7238                                    greenbytes
Intended status:
Category: Experimental                             March 26, 2012
Expires: September 27, 2012                                         June 2014
ISSN: 2070-1721

  The Hypertext Transfer Protocol (HTTP) Status Code 308 (Permanent Redirect)
                    draft-reschke-http-status-308-07

Abstract

   This document specifies the additional HyperText Hypertext Transfer Protocol
   (HTTP) Status Code status code 308 (Permanent Redirect).

Editorial Note (To be removed by RFC Editor before publication)

   Distribution

Status of this This Memo

   This document is unlimited.  Although this is not a
   work item of the HTTPbis Working Group, comments should be sent to
   the Hypertext Transfer Protocol (HTTP) mailing list at
   ietf-http-wg@w3.org [1], which may be joined by sending a message
   with subject "subscribe" to ietf-http-wg-request@w3.org [2].

   Discussions of the HTTPbis Working Group are archived at
   <http://lists.w3.org/Archives/Public/ietf-http-wg/>.

   XML versions, latest edits, and the issues list an Internet Standards Track specification; it is
   published for this document are
   available from
   <http://greenbytes.de/tech/webdav/#draft-reschke-http-status-308>.

   Test cases related to redirection in general examination, experimental implementation, and the status code 308
   in particular can be found at
   <http://greenbytes.de/tech/tc/httpredirects/#l-308>.

Status of
   evaluation.

   This Memo document defines an Experimental Protocol for the Internet
   community.  This Internet-Draft document is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents a product of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list  It represents the consensus of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid the IETF
   community.  It has received public review and has been approved for
   publication by the Internet Engineering Steering Group (IESG).  Not
   all documents approved by the IESG are a maximum candidate for any level of
   Internet Standard; see Section 2 of RFC 5741.

   Information about the current status of six months this document, any errata,
   and how to provide feedback on it may be updated, replaced, or obsoleted by other documents obtained at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."
   This Internet-Draft will expire on September 27, 2012.
   http://www.rfc-editor.org/info/rfc7238.

Copyright Notice

   Copyright (c) 2012 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 3
   2.  Notational Conventions  . . . . . . . . . . . . . . . . . . . . 3
   3.  308 Permanent Redirect  . . . . . . . . . . . . . . . . . . . . 3
   4.  Deployment Considerations . . . . . . . . . . . . . . . . . . . 4
   5.  Security Considerations . . . . . . . . . . . . . . . . . . . . 5
   6.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
   7.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . 5
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . . . 6
     8.1.  Normative References  . . . . . . . . . . . . . . . . . . . 6
     8.2.  Informative References  . . . . . . . . . . . . . . . . . . 6
   Appendix A.  Implementations (to be removed by RFC Editor
                before publication)  . . . . . . . . Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . 7
   Appendix B.  Change Log (to be removed by RFC Editor before
                publication) . . . . . . . . . . . . . . . . 3
   2.  Notational Conventions  . . . . . 7
     B.1.  Since draft-reschke-http-status-308-00 . . . . . . . . . . 7
     B.2.  Since draft-reschke-http-status-308-01 . . . . . 3
   3.  308 Permanent Redirect  . . . . . 7
     B.3.  Since draft-reschke-http-status-308-02 . . . . . . . . . . 7
     B.4.  Since draft-reschke-http-status-308-03 . . . . . 3
   4.  Deployment Considerations . . . . . 7
     B.5.  Since draft-reschke-http-status-308-04 . . . . . . . . . . 7
     B.6.  Since draft-reschke-http-status-308-05 . . . . 4
   5.  Security Considerations . . . . . . 8
     B.7.  Since draft-reschke-http-status-308-06 . . . . . . . . . . 8
   Appendix C.  Resolved issues (to be removed by RFC Editor
                before publication) . . . . 5
   6.  IANA Considerations . . . . . . . . . . . . . 8
     C.1.  consistency307 . . . . . . . . . 5
   7.  Acknowledgements  . . . . . . . . . . . . . 8
     C.2.  sniffing . . . . . . . . . . 5
   8.  References  . . . . . . . . . . . . . . . 8
   Appendix D.  Open issues (to be removed by RFC Editor prior to
                publication) . . . . . . . . . . . 6
     8.1.  Normative References  . . . . . . . . . . 8
     D.1.  edit . . . . . . . . . 6
     8.2.  Informative References  . . . . . . . . . . . . . . . . . . 8 6

1.  Introduction

   HTTP defines a set of status codes for the purpose of redirecting a
   request to a different URI ([RFC3986]).  The history of these status
   codes is summarized in Section 7.3 6.4 of
   [draft-ietf-httpbis-p2-semantics], [RFC7231], which also
   classifies the existing status codes into four categories.

   The first of these categories contains the status codes 301 (Moved
   Permanently), 302 (Found), and 307 (Temporary Redirect), which can be
   classified as below:

   +-------------------------------------------+-----------+-----------+
   |                                           | Permanent | Temporary |
   +-------------------------------------------+-----------+-----------+
   | Allows changing the request method from   | 301       | 302       |
   | POST to GET                               |           |           |
   | Does not allow changing the request       | -         | 307       |
   | method from POST to GET                   |           |           |
   +-------------------------------------------+-----------+-----------+

   Section 7.3.7 6.4.7 of [draft-ietf-httpbis-p2-semantics] [RFC7231] states that HTTP does not define a
   permanent variant of status code 307; this specification adds the
   status code 308, defining this missing variant (Section 3).

2.  Notational Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3.  308 Permanent Redirect

   The 308 (Permanent Redirect) status code indicates that the target
   resource has been assigned a new permanent URI and any future
   references to this resource SHOULD ought to use one of the returned enclosed URIs.

   Clients with link editing capabilities ought to automatically re-link
   references to the effective request URI (Section 5.5 of
   [draft-ietf-httpbis-p1-messaging]) [RFC7230]) to
   one or more of the new references returned sent by the server, where possible.

   Caches MAY use

   The server SHOULD generate a heuristic (see [draft-ietf-httpbis-p6-cache], Location header field ([RFC7231],
   Section 2.3.1.1) to determine freshness 7.1.2) in the response containing a preferred URI reference
   for 308 responses.

   The the new permanent URI SHOULD be given by URI.  The user agent MAY use the Location field in the
   response ([draft-ietf-httpbis-p2-semantics], Section 10.5).  A
   value for automatic redirection.  The server's response payload can contain
   usually contains a short hypertext note with a hyperlink to the new
   URI(s).

   A 308 response is cacheable by default; i.e., unless otherwise
   indicated by the method definition or explicit cache controls (see
   [RFC7234], Section 4.2.2).

      Note: This status code is similar to 301 Moved Permanently
      (Section 7.3.2 of [draft-ietf-httpbis-p2-semantics]), (Moved Permanently)
      ([RFC7231], Section 6.4.2), except that it does not allow rewriting changing
      the request method from POST to GET.

4.  Deployment Considerations

   Section 4 6 of [draft-ietf-httpbis-p2-semantics] [RFC7231] requires recipients to treat unknown 3xx
   status codes the same way as status code 300 Multiple Choices ([draft-ietf-httpbis-p2-semantics],
   ([RFC7231], Section 7.3.1). 6.4.1).  Thus, servers will not be able to rely
   on automatic redirection happening similar to status codes 301, 302,
   or 307.

   Therefore, initial use of status code 308 will be restricted to cases
   where the server has sufficient confidence in the clients client's
   understanding the new code, code or when a fallback to the semantics of
   status code 300 is not problematic.  Server implementers are advised
   not to vary the status code based on characteristics of the request,
   such as the User-Agent header field ("User-Agent Sniffing") -- doing
   so usually results in code that is both hard to maintain and hard to
   debug code and would also require special attention to caching (i.e.,
   setting a "Vary" response header field, as defined in Section 3.5 7.1.4
   of
   [draft-ietf-httpbis-p6-cache]). [RFC7231]).

   Note that many existing HTML-based user agents will emulate a refresh
   when encountering an HTML <meta> refresh directive ([HTML]).  This
   can be used as another fallback.  For example:

   Client request:

     GET / HTTP/1.1
     Host: example.com
   Server response:

     HTTP/1.1 308 Permanent Redirect
     Content-Type: text/html; charset=UTF-8
     Location: http://example.com/new
     Content-Length: 454

     <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
                           "http://www.w3.org/TR/html4/strict.dtd">
     <html>
        <head>
           <title>Permanent Redirect</title>
           <meta http-equiv="refresh"
                 content="0; url=http://example.com/new">
        </head>
        <body>
           <p>
              The document has been moved to
              <a href="http://example.com/new"
              >http://example.com/new</a>.
           </p>
        </body>
     </html>

5.  Security Considerations

   All security considerations that apply to HTTP redirects apply to the
   308 status code as well (see Section 12 9 of
   [draft-ietf-httpbis-p2-semantics]). [RFC7231]).

6.  IANA Considerations

   The registration below shall be has been added to the HTTP "Hypertext Transfer
   Protocol (HTTP) Status Code
   Registry Registry" (defined in Section 4.2 8.2 of [draft-ietf-httpbis-p2-semantics]
   [RFC7231] and located at
   <http://www.iana.org/assignments/http-status-codes>):

   +-------+--------------------+---------------------------------+
   | Value | Description        | Reference                       |
   +-------+--------------------+---------------------------------+
   | 308   | Permanent Redirect | Section 3 of this specification |
   +-------+--------------------+---------------------------------+

7.  Acknowledgements

   The definition for the new status code 308 re-uses reuses text from the
   HTTP/1.1 definitions of status codes 301 and 307.

   Furthermore, thanks to Ben Campbell, Cyrus Daboo, Eran Hammer-Lahav,
   Bjoern Hoehrmann, Subramanian Moonesamy, Peter Saint-Andre, and
   Robert Sparks for feedback on this document.

8.  References

8.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
              Resource Identifier (URI): Generic Syntax", STD 66,
              RFC 3986, January 2005.

   [draft-ietf-httpbis-p1-messaging]

   [RFC7230]  Fielding, R., Ed., Lafon, Y., Ed., Ed. and J. Reschke, Ed., "HTTP/1.1,
                                      part 1: URIs, Connections, and "Hypertext Transfer
              Protocol (HTTP/1.1): Message Parsing",
                                      draft-ietf-httpbis-p1-messaging-19
                                      (work in progress), March 2012.

   [draft-ietf-httpbis-p2-semantics] Syntax and Routing",
              RFC 7230, June 2014.

   [RFC7231]  Fielding, R., Ed., Lafon, Y., Ed., Ed. and J. Reschke, Ed., "HTTP/1.1,
                                      part 2: Message Semantics",
                                      draft-ietf-httpbis-p2-semantics-19
                                      (work in progress), March 2012.

   [draft-ietf-httpbis-p6-cache] "Hypertext Transfer
              Protocol (HTTP/1.1): Semantics and Content", RFC 7231,
              June 2014.

   [RFC7234]  Fielding, R., Ed., Lafon, Y., Ed., Nottingham, M., Ed., and J. Reschke,
              Ed., "HTTP/1.1, part 6: "Hypertext Transfer Protocol (HTTP/1.1): Caching",
                                      draft-ietf-httpbis-p6-cache-19
                                      (work in progress), March 2012.
              RFC 7234, June 2014.

8.2.  Informative References

   [HTML]     Raggett, D., Le Hors, A., and I. Jacobs, "HTML 4.01
              Specification", W3C Recommendation REC-html401-
                                      19991224, REC-html401-19991224,
              December 1999, <http://
                                      www.w3.org/TR/1999/
                                      REC-html401-19991224>.
              <http://www.w3.org/TR/1999/REC-html401-19991224>.

              Latest version available at
              <http://www.w3.org/TR/html401>.

URIs

   [1]  <mailto:ietf-http-wg@w3.org>

   [2]  <mailto:ietf-http-wg-request@w3.org?subject=subscribe>

Appendix A.  Implementations (to be removed by RFC Editor before
             publication)

   Chrome: Feature requested in Chromium Issue 109012
   (<http://code.google.com/p/chromium/issues/detail?id=109012>).

   Curl (the library): no change was needed (test case:
   <https://github.com/bagder/curl/blob/master/tests/data/test1325>).

   Firefox: now in "nightly" builds, scheduled for release in Firefox 14
   (see <https://bugzilla.mozilla.org/show_bug.cgi?id=714302>).

   Safari: automatically redirects 3xx status codes when a Location
   header field is present, but does not preserve the request method.

Appendix B.  Change Log (to be removed by RFC Editor before publication)

B.1.  Since draft-reschke-http-status-308-00

   Updated HTTPbis reference.  Added Appendix A.  Added and resolved
   issue "refresh".

B.2.  Since draft-reschke-http-status-308-01

   Added URI spec reference.

B.3.  Since draft-reschke-http-status-308-02

   Tune HTML example.  Expand "Implementations" section.  Added and
   resolved issue "respformat" (align with new proposed text for 307 in
   HTTPbis P2).

B.4.  Since draft-reschke-http-status-308-03

   Added and resolved issue "uaconfirm".

B.5.  Since draft-reschke-http-status-308-04

   Added and resolved issue "missingconsiderations".  Added request
   message to example.  Updated the Safari implementation note.

B.6.  Since draft-reschke-http-status-308-05

   Add informative HTML reference.  Update HTTPbis references.

B.7.  Since draft-reschke-http-status-308-06

   Added and resolved issues "consistency307" and "sniffing".  Updated
   Firefox implementation status.

Appendix C.  Resolved issues (to be removed by RFC Editor before
             publication)

   Issues that were either rejected or resolved in this version of this
   document.

C.1.  consistency307

   In Section 3:

   Type: edit

   ben@nostrum.com (2012-03-16): The 307 definition includes an explicit
   post about that behavior not being allowed.  Section 3 of this doc
   does neither.

   Resolution: Import (part of the) note from status code 307
   description.

C.2.  sniffing

   In Section 4:

   Type: edit

   rjsparks@nostrum.com (2012-03-15): Would it be worth adding something
   to the draft explicitily discouraging UA sniffing?  A reference to
   something that already explores why that's not a good idea perhaps?

   Resolution: Add advice not to attempt UA sniffing.

Appendix D.  Open issues (to be removed by RFC Editor prior to
             publication)

D.1.  edit

   Type: edit

   julian.reschke@greenbytes.de (2011-04-15): Umbrella issue for
   editorial fixes/enhancements.

Author's Address

   Julian F. Reschke
   greenbytes GmbH
   Hafenweg 16
   Muenster, NW  48155
   Germany

   EMail: julian.reschke@greenbytes.de
   URI:   http://greenbytes.de/tech/webdav/