WEBDAV Working Group J. Slein, Xerox INTERNET DRAFT J. Davis, Xerox T. Chihaya, DataChannel G. Clemm, Rational C. Fay, FileNet E.J. Whitehead Jr., UC Irvine April 5, 1999 Expires October 5, 1999 WebDAV Advanced Collections Protocol Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress". To view the list Internet-Draft Shadow Directories, see http://www.ietf.org/shadow.html. Distribution of this document is unlimited. Please send comments to the Distributed Authoring and Versioning (WebDAV) working group at , which may be joined by sending a message with subject "subscribe" to . Discussions of the WEBDAV working group are archived at URL: . Abstract The base WebDAV protocol [WebDAV] provides basic support for collections. It defines a MKCOL method for creating collections and specifies how other HTTP and WebDAV methods interact with collections. It supports internal members of collections, which it defines as URIs that are immediately relative to the URI of the collection. Many applications, however, need more powerful collections. There are two areas in particular where more powerful functionality is often needed: referential resources and ordering. This draft specifies extensions to the base WebDAV protocol to support these more powerful collections. Table of Contents 1 Notational Conventions......................................4 2 Terminology.................................................4 3 Introduction................................................5 4 Referential Resources.......................................6 4.1 Scope.......................................................6 Slein et al. Page 1 INTERNET-DRAFT WebDAV Collections Protocol April 1999 4.2 Overview....................................................6 4.3 Creating Referential Resources..............................8 4.3.1 The MKREF Method............................................8 4.3.2 Status Codes................................................8 4.3.3 Example: MKREF..............................................9 4.4 Listing Referential Members of a Collection.................9 4.4.1 Example: PROPFIND on a Collection with References..........10 4.4.2 Example: PROPFIND with No-Passthrough on a Collection with References.................................................12 4.5 Copying Referential Resources..............................15 4.5.1 COPY for Direct References.................................15 4.5.2 COPY for Redirect References...............................16 4.5.3 Example: COPY on a Direct Reference........................16 4.5.4 Example: COPY on a Redirect Reference......................16 4.5.5 Example: COPY on a Collection That Contains a Direct Reference and a Redirect Reference...................................17 4.6 Deleting and Moving Referential Resources..................17 4.7 Locking Referential Resources..............................18 4.7.1 LOCK on Direct References..................................19 4.7.2 LOCK on Redirect References................................19 4.7.3 Example: LOCK on a Direct Reference........................20 4.7.4 Example: LOCK on a Redirect Reference......................21 4.7.5 Example: LOCK on a Collection That Contains a Direct Reference and a Redirect Reference...................................21 4.8 Other WebDAV Operations on Redirect Referential Resources..22 4.8.1 Example: PROPPATCH on a Redirect Reference.................23 4.9 Other WebDAV Operations on Direct Referential Resources....23 4.9.1 Example: PROPPATCH on a Direct Reference...................23 4.10 HTTP Operations on Redirect Referential Resources..........23 4.10.1 Example: GET on a Redirect Reference.......................24 4.10.2 Example: GET on a Redirect Reference with No-Passthrough...24 4.11 HTTP Operations on Direct Referential Resources............24 4.11.1 Example: GET on a Direct Reference.........................25 4.11.2 Example: GET on a Direct Reference with No-Passthrough.....25 4.12 Operations on Targets of Referential Resources.............25 4.13 Discovering a Target's References..........................25 4.14 Behavior of Dangling Direct References.....................26 4.14.1 Example: PROPFIND on a Collection with a Dangling Direct Reference..................................................27 4.15 Chains of Direct References................................27 4.16 Relative URIs in Ref-Target and DAV:reftarget..............28 4.16.1 Example: Resolving a Relative URI in Ref-Target............28 4.16.2 Example: Resolving a Relative URI in DAV:reftarget.........29 4.17 URIs and References........................................30 5 Ordered Collections........................................30 5.1 Overview...................................................31 5.2 Creating an Ordered Collection.............................31 5.2.1 Overview...................................................31 5.2.2 Example: Creating an Ordered Collection....................32 Slein et al. Page 2 INTERNET-DRAFT WebDAV Collections Protocol April 1999 5.3 Setting the Position of a Collection Member................32 5.3.1 Overview...................................................32 5.3.2 Status Codes...............................................32 5.3.3 Examples: Setting the Position of a Collection Member......32 5.4 Changing the Semantics of a Collection Ordering............33 5.5 Changing the Position of a Collection Member...............33 5.5.1 The ORDERPATCH Method......................................33 5.5.2 Status Codes...............................................34 5.5.3 Example: Changing the Positions of Collection Members in the Ordering...................................................34 6 Headers....................................................35 6.1 Ref-Target Entity Header...................................35 6.2 Ref-Type Entity Header.....................................36 6.3 Ref-Integrity Request Header...............................36 6.4 No-Passthrough Request Header..............................37 6.5 Ordered Entity Header......................................37 6.6 Position Request Header....................................38 7 Properties.................................................38 7.1 reftarget Property.........................................38 7.2 refintegrity Property......................................39 7.3 reftype Property...........................................39 7.4 location Property..........................................39 7.5 references Property........................................40 7.6 orderingtype Property......................................40 8 XML Elements...............................................40 8.1 reference XML Element......................................40 8.2 direct XML Element.........................................40 8.3 redirect XML Element.......................................41 8.4 weak XML Element...........................................41 8.5 unordered XML Element......................................41 8.6 custom XML Element.........................................41 8.7 order XML Element..........................................41 8.8 ordermember XML Element....................................42 8.9 position XML Element.......................................42 8.10 first XML Element..........................................42 8.11 last XML Element...........................................42 8.12 before XML Element.........................................42 8.13 after XML Element..........................................43 8.14 options XML Element........................................43 8.15 refintegrityoptions XML Element............................43 8.16 orderingoptions XML Element................................43 8.17 do-not-enforce XML Element.................................44 9 Extensions to the DAV:response XML Element for Multi-Status Responses..................................................44 10 Capability Discovery.......................................44 10.1 Compliance Classes.........................................44 10.2 Example: Discovery of Compliance Classes...................45 10.3 Additional Advanced Collections Capabilities...............45 10.4 Example: Discovery of Referential Integrity Options........46 11 Dependencies on Other Specifications.......................47 12 Security Considerations....................................47 12.1 Privacy Concerns...........................................47 12.2 Redirect Loops.............................................47 12.3 References and Denial of Service...........................47 12.4 References May Reveal Private Locations....................47 Slein et al. Page 3 INTERNET-DRAFT WebDAV Collections Protocol April 1999 12.5 DAV:references and Denial of Service.......................48 12.6 DAV:references and Malicious Deletion of Resources.........48 12.7 Denial of Service and DAV:orderingtype.....................48 13 Internationalization Considerations........................48 14 IANA Considerations........................................49 15 Copyright..................................................49 16 Intellectual Property......................................49 17 Acknowledgements...........................................49 18 References.................................................49 18.1 Normative References.......................................49 18.2 Informational References...................................50 19 Authors' Addresses.........................................50 20 Appendices.................................................51 20.1 Appendix 1: Extensions to the WebDAV Document Type Definition.................................................51 20.2 Appendix 2: Summary of Method Semantics for References.....51 1 Notational Conventions Since this document describes a set of extensions to the HTTP/1.1 protocol, the augmented BNF used here to describe protocol elements is exactly the same as described in Section 2.1 of [HTTP]. Since this augmented BNF uses the basic production rules provided in Section 2.2 of [HTTP], these rules apply to this document as well. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 2 Terminology The terminology used here follows and extends that in the base WebDAV protocol specification [WebDAV]. Collection A resource that contains a set of URIs, termed member URIs, which identify member resources Member URI A URI which is a member of the set of URIs contained by a collection Referential Resource (or Reference) A resource that has no body of its own (though it does have properties), but rather is a reference to another resource Ordinary Resource A resource that is not a reference to another resource Target Resource The resource referenced by a referential resource Direct Reference A reference that is resolved by the server without any client action, giving the client the illusion that it is operating directly on the target resource Slein et al. Page 4 INTERNET-DRAFT WebDAV Collections Protocol April 1999 Redirect Reference A reference that requires client action before it can be resolved, so that the client is aware that a reference is mediating between it and the target resource Strong Reference A reference whose referential integrity is enforced by the server Weak Reference A reference whose referential integrity is not enforced by the server Referential Integrity The integrity of a reference is preserved as long as it points to the same resource it pointed to when it was created. Its integrity may be destroyed if the target resource is moved without updating the reference to reflect its new location, or if the target resource is deleted. 3 Introduction The simple collections that the base WebDAV specification supports are powerful enough to be widely useful. They provide for the hierarchical organization of resources, with mechanisms for creating and deleting collections, copying and moving them, locking them, adding members to them and removing members from them, and getting listings of their members. Delete, copy, move, list, and lock operations can be applied recursively, so that a client can operate on whole hierarchies with a single request. Many applications, however, need more powerful collections. There are two areas in particular where more powerful functionality is often needed: references and ordering. References make it possible for many collections, on the same or different servers, to share the same resource. Because the collections share the resource by referencing it, only one physical copy of the resource need exist, and any changes made in the resource are visible from all the collections that reference it. It is useful for many applications to be able to impose an ordering on a collection. Orderings may be based on property values, but they may be completely independent of any properties on the resources identified by the collection's member URIs. Orderings based on properties can be obtained using a search protocol [DASL], but orderings not based on properties need some other mechanism. These orderings generally need to be maintained by a human user. The ordering protocol defined here focuses on support for such human-maintained orderings, but also allows for server-maintained orderings. Since these two areas are independent of each other, servers may elect to comply with the Referential Resources section of this specification or with the Ordered Collections section or both. A server that supports referencing MUST support redirect references, and MAY support direct Slein et al. Page 5 INTERNET-DRAFT WebDAV Collections Protocol April 1999 references. A server MUST advertise its compliance with particular parts of this specification through its response to an OPTIONS request, as specified in Section 10 below. 4 Referential Resources 4.1 Scope [CollReq] states requirements for 4 different kinds of references: weak references, strong references, redirect references, and direct references. This specification supports weak references, direct references, and redirect references, and is designed so that it can be extended to support strong references in the future. Strong references are references whose integrity is enforced by the server; weak references are those whose integrity is not enforced by the server. Strong references and weak references are both useful in different contexts. Some applications cannot tolerate broken links. A software development application, for example, must be able to rely on the integrity of references to component modules. Such applications must be able to request strong references. Other applications may want to reference target resources on multiple servers, where referential integrity cannot be enforced, and may be less concerned about possible broken references. Several considerations led to the decision not to support strong references in the current specification. First, there are many possible policies that applications and services might use in enforcing referential integrity. Some examples are: o Delete strong references when their targets are deleted. o Decline to delete targets of strong references. o Notify strong references when their targets have been deleted. o Replace strong references with copies of their targets before deleting the targets. There appears to be no common practice in this area. Moreover, some of the policies have significant security risks. o Moving a target of strong references could be a security risk to the owner of the target by revealing secret locations on the target's server. o A strong reference could be a security risk to the owner of the reference by revealing secret locations on his server. o The presence of strong references to resources on a server could make it impossible to reclaim space on that server by moving or deleting those target resources. These considerations together led to the decision not to support strong references in the short term. 4.2 Overview A referential resource is a resource that has no body of its own, but instead references another resource. The resource it references may Slein et al. Page 6 INTERNET-DRAFT WebDAV Collections Protocol April 1999 have a URI in the same collection as the reference, or in any other collection. This target resource may be a collection or a simple resource or another reference, or any other sort of resource that may be defined in the future. A resource may be the target of any number of referential resources. To make it possible to distinguish references from ordinary resources, a new value of the DAV:resourcetype property (defined in [WebDAV]) is added here. The DAV:resourcetype property of all references MUST have the new value DAV:reference (defined in Section 8.1 below). Redirect references are references that require action by the client before they can be resolved. They are simple for servers to implement, straightforward for clients to use, and have only limited security implications. Any server that complies with WebDAV referencing MUST provide redirect references. If the client is aware that it is operating on a redirect reference, it can resolve the reference by retrieving the reference's DAV:reftarget property (defined in Section 7.1 below), whose value is the URI of the target resource. It can then submit requests to the target resource. Otherwise, the client submits a request to the redirect reference. For most operations, the response is a 302 (Moved Temporarily), accompanied by the Ref-Type header (defined in Section 6.2 below) with the value "DAV:redirect" and the Location header with the URI of the target resource. The client can then resubmit the request to the URI of the target resource. A few operations, for reasons that will be explained, are exceptions to this general behavior. These exceptional operations are applied to the reference itself and do not result in a 302 response. Direct references, in contrast, are resolved automatically by the server. They give the client the illusion that it is operating directly on the target resource. These references are more complex for the server to implement, and raise additional security issues. Consequently, servers are not required to provide direct references in order to be compliant with WebDAV referencing. The default behavior of a direct reference is to apply most operations directly to its target, so that the client is not aware that a reference is mediating between it and the target resource. The exceptions are operations that affect membership in a collection rather than the state of the target resource. At present, the operations that fall into this category are DELETE and MOVE. These operations are applied to the reference itself rather than to its target, so that only the collection containing the reference is affected. The No-Passthrough request header (defined in Section 6.4 below) is also provided, to force an operation to be applied to the reference itself rather than its target. It can be used with most requests to direct or redirect references. This header is particularly useful with PROPFIND, to allow clients to view the reference's own properties. Ideally, non-referencing clients should be able to use both direct and redirect references. This goal is more difficult to meet for redirect references, since client action is required to resolve them. The Slein et al. Page 7 INTERNET-DRAFT WebDAV Collections Protocol April 1999 strategy of having redirect references respond to most requests with a 302 (Moved Temporarily), accompanied by the URI of the target resource in the Location header, fulfills this goal in most cases. To distinguish between direct and redirect references, a new property called DAV:reftype is defined in Section 7.3, with the values DAV:direct and DAV:redirect. Every referential resource MUST have the DAV:reftype property. The DAV:reftype property of a direct reference MUST have the value DAV:direct. The DAV:reftype property of a redirect reference MUST have the value DAV:redirect. Every referential resource MUST have the DAV:reftarget property (defined in Section 7.1), whose value is the URI of the reference’s target resource. Although strong references are not currently supported, a new property called DAV:refintegrity is defined in Section 7.2 in anticipation of future support for strong references. DAV:refintegrity will allow clients to distinguish between weak and strong references. All referential resources MUST have this property. Although the only value currently defined for DAV:refintegrity is DAV:weak, other values may be defined in the future, and servers MAY use extension values to identify their policy for enforcing referential integrity for that resource. 4.3 Creating Referential Resources 4.3.1 The MKREF Method Referential resources are created using the MKREF method. The request- URI of the MKREF request identifies the resource to be created. Several new headers are defined in this specification for use in MKREF requests: o The Ref-Target header (defined in Section 6.1) MUST be included in every MKREF request to identify the target resource of the new reference. o The Ref-Integrity header (defined in Section 6.3) MUST be included in every MKREF request to indicate whether and how referential integrity should be enforced for the new reference. o The Ref-Type header (defined in Section 6.2) MAY be included in MKREF requests to indicate whether a direct reference or a redirect reference is being created. o The Position request header (defined in Section 6.6) MAY be used in MKREF requests to indicate where the new reference is to be placed in its parent collection's ordering. MKREF requests MAY include an entity body. This specification does not define the body, but allows it for extensibility. If a MKREF request has a request-URI that identifies an existing resource, the request MUST fail. This behavior is analogous to the behavior of the MKCOL method [WebDAV]. 4.3.2 Status Codes Slein et al. Page 8 INTERNET-DRAFT WebDAV Collections Protocol April 1999 Client errors, and the appropriate response status codes, for MKREF include: 400 (Bad Request): The client attempted to send content with the request, or set an invalid value for the Ref-Target, Ref-Integrity, Ref- Type, or Position header. 405 (Method Not Allowed): A resource already exists at the request-URI. 409 (Conflict): Several conditions may produce this response. There may be no resource at the location specified in Ref-Target, on a server that prohibits dangling references. The request may be attempting to create the reference in a collection that does not exist. The request may be attempting to position the reference before or after a resource that is not in the collection, or before or after itself. The request may be attempting to position the reference in an unordered collection. Xxx: The server does not support the Ref-Integrity value "DAV:do-not- enforce" for the request-URI. 4.3.3 Example: MKREF Request: MKREF /~whitehead/dav/spec08.ref HTTP/1.1 HOST: www.ics.uci.edu Ref-Target: /i-d/draft-webdav-protocol-08.txt Ref-Integrity: do-not-enforce Response: HTTP/1.1 201 Created This request resulted in the creation of a new referential resource at www.ics.uci.edu/~whitehead/dav/spec08.ref, which points to the resource identified by the Ref-Target header. Its DAV:resourcetype property is set to DAV:reference. Its DAV:reftarget property is set to the URI of its target resource. Since the Ref-Integrity header asks the server not to enforce referential integrity for the new reference, the server sets its DAV:refintegrity property to the value of DAV:weak, indicating that the server will not enforce referential integrity for the new reference. Its DAV:reftype property is set to the default value of DAV:redirect. 4.4 Listing Referential Members of a Collection A URI of a referential resource can be a member of a collection just as the URI of an ordinary resource can. A listing of the members of a collection shows all of the URIs in the collection, whether they identify references or ordinary resources. That is, a WebDAV PROPFIND request on a collection resource with Depth = 1 or infinity MUST return a response XML element for each URI in the collection, whether it identifies an ordinary resource or a referential resource. For each direct reference, the properties returned by the PROPFIND MUST Slein et al. Page 9 INTERNET-DRAFT WebDAV Collections Protocol April 1999 be the properties of the target resource unless the No-Passthrough header is included with the PROPFIND request. For each redirect reference, the response element MUST contain a 302 (Moved Temporarily) status code unless the No-Passthrough header is included with the PROPFIND request. The DAV:location and DAV:reftype properties MUST be included with the 302 status code, extending the syntax of the DAV:response element that was defined in [WebDAV] as described in Section 9 below. A referencing-aware client can tell from the DAV:reftype property that the collection contains a redirect reference. The DAV:location property contains the absolute URI of the target resource. A referencing-aware client can either use the URI value of the DAV:location property to retrieve the properties of the target resource, or it can submit a PROPFIND to the redirect reference with the No-Passthrough header to retrieve its properties. It is recommended that future editors of [WebDAV] define the DAV:location property in [WebDAV], so that non-referencing clients will also be able to use the response to retrieve the properties of the target resource. If Depth = infinity in the PROPFIND request, the server MUST NOT follow redirect references into any collections to which they may refer. If Depth = infinity in the PROPFIND request, the server MUST follow direct references into any collections to which they may refer unless the No-Passthrough header is used with the request. That is, if the target resource is a collection, the server MUST list the members of that collection. The No-Passthrough header (defined in Section 6.4) MAY be used with a PROPFIND request on a collection. If present, it indicates that the client wants to see the properties of the references contained in the collection, not the properties of their target resources. 4.4.1 Example: PROPFIND on a Collection with References Suppose a PROPFIND request with Depth = infinity is submitted to the following collection, with the members shown here: http://www.svr.com/MyCollection/ (ordinary resource) diary.html (direct reference) tuva (redirect reference) nunavut The target of http://www.svr.com/MyCollection/tuva is the following collection: http://www.svr.com/feynman/tuva/ (ordinary resource) history.html (ordinary resource) music.html Request: PROPFIND /MyCollection/ HTTP/1.1 Host: www.svr.com Depth: infinity Slein et al. Page 10 INTERNET-DRAFT WebDAV Collections Protocol April 1999 Content-Type: text/xml Content-Length: xxxx Response: HTTP/1.1 207 Multi-Status Content-Type: text/xml Content-Length: xxxx http://www.svr.com/MyCollection/ diary, interests, hobbies HTTP/1.1 200 OK http://www.svr.com/MyCollection/diary.html diary, travel, family, history HTTP/1.1 200 OK http://www.svr.com/MyCollection/tuva history, music, throat-singing HTTP/1.1 200 OK http://www.svr.com/MyCollection/tuva/history.html Slein et al. Page 11 INTERNET-DRAFT WebDAV Collections Protocol April 1999 history, language, culture HTTP/1.1 200 OK http://www.svr.com/MyCollection/tuva/music.html music, throat-singing HTTP/1.1 200 OK http://www.svr.com/MyCollection/nunavut HTTP/1.1 302 Moved Temporarily http://www.inac.gc.ca/art/inuit/ redirect In this example, Depth = infinity and the No-Passthrough header is not used. The collection contains one URI that identifies a redirect reference. The response element for the redirect reference has a status of 302 (Moved Temporarily), and includes a DAV:prop element with the DAV:location and DAV:reftype properties to allow clients to retrieve the properties of its target resource. (The response element for the redirect reference does not include the requested properties. The client can submit another PROPFIND request to the URI in the DAV:location property to retrieve those properties.) The collection also contains one URI that identifies a direct reference. The response element for the direct reference contains the properties of its target collection. There are also response elements for each member of its target collection. 4.4.2 Example: PROPFIND with No-Passthrough on a Collection with References Suppose a PROPFIND request with a No-Passthrough header and Depth = infinity is submitted to the following collection, with the members shown here: /MyCollection/ (collection) photos/ (ordinary resource) family.gif (ordinary resource) trip.gif (ordinary resource) diary.html (direct reference) tuva (redirect reference) nunavut Slein et al. Page 12 INTERNET-DRAFT WebDAV Collections Protocol April 1999 Request: PROPFIND /MyCollection/ HTTP/1.1 Host: www.svr.com Depth: infinity No-Passthrough: Content-Type: text/xml Content-Length: xxxx Response: HTTP/1.1 207 Multi-Status Content-Type: text/xml Content-Length: xxxx http://www.svr.com/MyCollection/ HTTP/1.1 200 OK HTTP/1.1 404 Not Found http://www.svr.com/MyCollection/photos/ HTTP/1.1 200 OK HTTP/1.1 404 Not Found http://www.svr.com/MyCollection/photos/family.gif Slein et al. Page 13 INTERNET-DRAFT WebDAV Collections Protocol April 1999 HTTP/1.1 200 OK HTTP/1.1 404 Not Found http://www.svr.com/MyCollection/photos/trip.gif HTTP/1.1 200 OK HTTP/1.1 404 Not Found http://www.svr.com/MyCollection/diary.html HTTP/1.1 200 OK HTTP/1.1 404 Not Found http://www.svr.com/MyCollection/tuva direct http://www.feynman.com/tuva/ HTTP/1.1 200 OK http://www.svr.com/MyCollection/nunavut Slein et al. Page 14 INTERNET-DRAFT WebDAV Collections Protocol April 1999 redirect http://www.inac.gc.ca/art/inuit/ HTTP/1.1 200 OK Since the No-Passthrough header is present, the response shows the properties of the references in the collection rather than the properties of their targets. Even though Depth = infinity, the No- Passthrough header prevents the server from listing the members of the collection that is the target of the direct reference. No-Passthrough also prevents a 302 response from being returned for the redirect reference. 4.5 Copying Referential Resources In determining the semantics of COPY, the desire to provide intuitively correct behavior was weighed against consistency considerations. A client's intent in performing a COPY operation is to create a new resource that is similar to the original resource and behaves like the original resource, and that can be modified without affecting the original resource. For references to ordinary resources, the expectation would be that the target resource be copied. This would yield an independent resource that could be modified without affecting the original resource. For collections the situation is less clear. There is tension between two expectations. On the one hand, the client may expect the new copy of the collection to behave like the old one (which implies having references where the old one had references). On the other hand, the client may expect that it will be possible to modify the members of the new collection without affecting the members of the old collection (which implies having copies of the targets where the original collection had references). 4.5.1 COPY for Direct References COPY follows the general principle that operations on direct references are applied to the target resource unless the No-Passthrough header is used. A COPY on a direct reference MUST be applied to its target resource unless the No-Passthrough header is used. If the No- Passthrough header is used, then the COPY MUST be applied to the direct reference rather than to its target. For consistency, the same is true when a COPY request is sent to a collection, and direct references are encountered inside the collection. Unless the No-Passthrough header is present on the request, the targets of the direct references MUST be copied into the new collection. If the No-Passthrough header is used, then the direct references, and not their targets, MUST be copied into the new collection. These semantics yield intuitively correct results when a COPY request is Slein et al. Page 15 INTERNET-DRAFT WebDAV Collections Protocol April 1999 sent to an individual reference. It is less clear that the results are intuitive when a COPY request is sent to a collection containing direct references, but consistency dictates that we follow the same semantics for this case. A design principle that is followed throughout this specification is that a method behaves the same when it is sent to the URI of a reference as it does when it is sent to a the URI of a collection and encounters a reference inside that collection. 4.5.2 COPY for Redirect References For redirect references, the normal behavior would be to respond to a request with a 302 (Moved Temporarily) status code, allowing the client to resubmit the request to the target resource identified in the Location header. This would also yield intuitively correct behavior for COPY. However, it seems undesirable to respond to a COPY request on a collection with a Multi-Status including a 302 response for each redirect reference. To avoid this sort of response, the following rules apply when COPY is sent to redirect references: A COPY on a redirect reference MUST be applied to the reference itself, whether or not the No-Passthrough header is present. The same is true when a COPY request is sent to a collection, and redirect references are encountered inside the collection. Whether or not the No-Passthrough header is present on the request, the redirect references themselves are copied into the new collection, and 302 status codes are not returned for them. 4.5.3 Example: COPY on a Direct Reference Request: COPY /MyCollection/tuva HTTP/1.1 Host: www.svr.com Destination: http://www.svr.com/OtherCollection/tuva.html Response: HTTP/1.1 204 No Content In this example, the request-URI identifies a direct reference whose target resource is identified by http://www.svr.com/Asia/History/tuva.html. This target resource was copied to the destination location in the Destination header, http://www.svr.com/OtherCollection/tuva.html. 4.5.4 Example: COPY on a Redirect Reference Request: COPY /MyCollection/tuva HTTP/1.1 Host: www.svr.com Destination: http://www.svr.com/OtherCollection/tuva.html Response: Slein et al. Page 16 INTERNET-DRAFT WebDAV Collections Protocol April 1999 HTTP/1.1 204 No Content In this example, the request-URI identifies a redirect reference whose target resource is identified by http://www.svr.com/Asia/History/tuva.html. In this case, the redirect reference was copied to the destination location in the Destination header, http://www.svr.com/OtherCollection/tuva.html. The result would have been exactly the same, and the response would have been exactly the same, had the No-Passthrough header been used in the request. 4.5.5 Example: COPY on a Collection That Contains a Direct Reference and a Redirect Reference Suppose a COPY request is submitted to the following collection, with the members shown: /MyCollection/ (ordinary resource) diary.html (direct reference) tuva with target /Someplace/tuva.html (redirect reference) nunavut with target /Someplace/nunavut.map Request: COPY /MyCollection/ HTTP/1.1 Host: www.svr.com Destination: http://www.svr.com/OtherCollection/ Response: HTTP/1.1 201 Created In this case, since /MyCollection/tuva is a direct reference, its target resource was copied into the new collection. Since /MyCollection/nunavut is a redirect reference, the reference itself, and not its target, was copied into the new collection. So the resulting collection is as follows: /OtherCollection/ (ordinary resource) diary.html (ordinary resource) tuva.html (redirect reference) nunavut 4.6 Deleting and Moving Referential Resources The DELETE method is used to delete referential resources. For both direct and redirect references, DELETE MUST affect the reference itself, and not its target. Similarly, when a DELETE on a collection encounters a reference in the subtree under that collection, it MUST delete the reference, and not its target. A MOVE operation on a referential resource MUST move the referential resource to a different location, and MUST NOT change the location of Slein et al. Page 17 INTERNET-DRAFT WebDAV Collections Protocol April 1999 its target. The DAV:reftarget property is unchanged after a MOVE. Similarly, when a MOVE on a collection encounters a reference in the subtree under that collection, it MUST move the reference, and not its target. DELETE and MOVE differ from other methods in that they do not alter the resource that is being deleted or moved, but rather the collection that contains its URI. They change the membership of that collection. When a reference is added to a collection, the aim is to make it look as if the target resource were a member of that collection. When the reference is removed from that collection, the aim is to change the membership of that collection. Membership of the target in any other collections, either internally or by reference, should not be affected. Consequently, DELETE and MOVE do not follow the normal rules of behavior for references. Instead, they are always applied to the reference itself, not to its target, and they never result in 302 status codes. Although clients MAY use the No-Passthrough header with DELETE and MOVE requests, the header has no effect on their behavior. Whether the No- Passthrough header is present or not, they are always applied to the reference. [WebDAV] defines MOVE to be logically equivalent to COPY followed by DELETE. For direct references, MOVE is logically equivalent to COPY with the No-Passthrough header followed by DELETE. 4.7 Locking Referential Resources The semantics of LOCK described here resulted from balancing a set of incompatible considerations: o Ideally, a LOCK on a reference should lock both the reference and its target resource. The owner of an exclusive write lock, for example, would be surprised if anyone else could modify the content of the target resource while he held the lock. He would also be surprised if anyone else could delete the reference to it, or replace the reference with one pointing to a different target. o Non-referencing clients should be able to use both direct and redirect references without encountering surprising results. o Preserve the clear distinction between redirect and direct references. Redirect references should be simple for servers to implement. In particular, a server should never have to resolve a redirect reference. A server should not have to provide proxy capabilities in order to implement redirect references. Direct references rely on more sophisticated server capabilities to give clients the illusion of operating directly on the target resource. o There should be consistency between the behavior of LOCK on a single referential resource and the behavior of LOCK on a collection that contains referential resources. o Keep the behavior of all requests to references as consistent as possible. Try to adhere to the general rule that in the absence of a No-Passthrough header, all methods return a 302 when sent to a redirect reference and are applied to the target when sent to a direct reference. Slein et al. Page 18 INTERNET-DRAFT WebDAV Collections Protocol April 1999 o Be consistent with the LOCK semantics defined in [WebDAV]. We have compromised the intuitive locking behavior and support for non- referencing clients in order to preserve various sorts of consistency. 4.7.1 LOCK on Direct References LOCK follows the general principle that operations on direct references are applied to the target resource unless the No-Passthrough header is used. When a LOCK request is sent to a direct reference without the No- Passthrough header, the target resource MUST be locked. When a LOCK request with the No-Passthrough header is sent to a direct reference, the reference itself MUST be locked. A principle followed throughout this specification is that behavior when a reference is encountered during an operation on a collection must be the same as behavior when operating on an individual reference. When a LOCK request with Depth > 0 is sent to a collection, the targets of any direct references encountered MUST be locked, unless the No-Passthrough header is used. If the No-Passthrough header is present on a LOCK request with Depth > 0 to a collection, then any direct references encountered MUST themselves be locked. As was noted above, more intuitive results would have been obtained by requiring that both the reference and its target to be locked in response to a LOCK request. Reference-aware clients can obtain this result by performing two LOCK operations, one with the No-Passthrough header and one without. Non-referencing clients cannot do so. This means that for non-referencing clients there is always the risk that a referencing client may delete or replace the reference that was used to lock a target resource while the non-referencing client has the target locked. To insure intuitive results for non-referencing clients, referencing clients SHOULD be designed to check whether the target resource is locked before replacing, moving, or deleting a direct reference. UNLOCK behaves as specified in [WebDAV], unlocking all resources included in the lock identified by the Lock-Token header. 4.7.2 LOCK on Redirect References The behavior of LOCK for redirect references was determined by what is possible for the case of locking collections that contain redirect references. The expected behavior for any operation on a redirect reference is that a 302 (Moved Temporarily) response will be returned, unless the No- Passthrough header is used. However, this policy would have unacceptable consequences when locking a collection that contains redirect references. Since [WebDAV} requires LOCK on a collection to be an atomic operation, if a 302 response is received for any member of the collection, the entire LOCK must fail. This would make it impossible to lock any collection that contained a redirect reference. To avoid this result, a LOCK on a collection with Depth > 0 MUST lock Slein et al. Page 19 INTERNET-DRAFT WebDAV Collections Protocol April 1999 any redirect references it encounters, and not return 302 responses for them, whether or not the No-Passthrough header is used. This gives part of the expected lock behavior without forcing the server to resolve the redirect reference or become a proxy server in cases where the target resides on a different server. There will be no hint in any response code that there are redirect references whose targets need to be locked. The client will most likely not lock any targets until it attempts an operation on the target and gets a 302 response. Non-referencing clients cannot lock the targets of the redirect references and may never realize that the targets have not been locked. Clearly, a LOCK with Depth = infinity on a collection MUST NOT follow any redirect references whose targets are collections into the target collections; it MUST NOT cause any members of those target collections to be locked. The behavior of LOCK for individual redirect references is designed to be consistent with LOCK behavior for collections that contain redirect references. Whether or not a No-Passthrough header is present, a LOCK on a redirect reference MUST lock only the reference, not its target, and it MUST NOT return a 302 response. The response MUST include the Ref-Type and Ref-Target headers, so that a referencing client can lock the target resource if it wishes. UNLOCK behaves as specified in [WebDAV], unlocking all resources included in the lock identified by the Lock-Token header. 4.7.3 Example: LOCK on a Direct Reference Request: LOCK /MyCollection/tuva HTTP/1.1 Host: www.svr.com Content-Type: text/xml Content-Length: nnnn Authorizaton: Digest username="jas", realm=jas@webdav.sb.aol.com, nonce=". . . ", uri="/MyCollection/tuva", response=". . . ", opaque=". . . " http://www.svr.com/~jas/contact.html Response: HTTP/1.1 200 OK Slein et al. Page 20 INTERNET-DRAFT WebDAV Collections Protocol April 1999 Content-Type: text/xml Content-Length: nnnn 0 http://www.svr.com/~jas/contact.html opaquelocktoken:e71dfae-5dec-22d6-fea5-00a0c91e6be4 In this example, the request-URI identifies a direct reference whose target resource is identified by http://www.svr.com/Asia/History/tuva.html. This target resource was successfully locked. 4.7.4 Example: LOCK on a Redirect Reference In this example, the request and response would look identical to those in the previous section. However, the request-URI in this case identifies a redirect reference. Since the request-URI identifies a redirect reference, the reference itself, and not its target, was locked. 4.7.5 Example: LOCK on a Collection That Contains a Direct Reference and a Redirect Reference Suppose a LOCK request is submitted to the following collection, with the members shown: /MyCollection/ (ordinary resource) diary.html (direct reference) tuva (redirect reference) nunavut Request: LOCK /MyCollection/ HTTP/1.1 Host: www.svr.com Content-Type: text/xml Content-Length: nnnn Authorizaton: Digest username="jas", realm=jas@webdav.sb.aol.com, nonce=". . . ", uri="/MyCollection/tuva", response=". . . ", opaque=". . . " Slein et al. Page 21 INTERNET-DRAFT WebDAV Collections Protocol April 1999 http://www.svr.com/~jas/contact.html Response: HTTP/1.1 200 OK Content-Type: text/xml Content-Length: nnnn Infinity http://www.svr.com/~jas/contact.html opaquelocktoken:e71dfae-5dec-22d6-fea5-00a0c91e6be4 The collection was successfully locked. In this case, since /MyCollection/tuva is a direct reference, its target resource was locked. Since /MyCollection/nunavut is a redirect reference, the reference itself, and not its target, was locked. The ordinary resource /MyCollection/diary.html was successfully locked. 4.8 Other WebDAV Operations on Redirect Referential Resources Although non-referencing WebDAV clients cannot create referential resources, they should be able to use the references created by reference-aware WebDAV clients. They should be able to follow any references to their targets. To make this possible, a server that receives a PROPFIND, PROPPATCH, MKCOL, or MKREF request made via a redirect reference MUST return a 302 (Moved Temporarily) status code. The client and server MUST follow [HTTP] Section 10.3.3 "302 Moved Temporarily," but with these additional rules: o The Location response header MUST contain the target URI of the reference. o The response MUST include the Ref-Type header. This header allows reference-aware WebDAV clients to recognize the resource as a reference and understand the reason for the redirection. Slein et al. Page 22 INTERNET-DRAFT WebDAV Collections Protocol April 1999 A reference-aware WebDAV client can act on this response in one of two ways. It can, like a non-referencing client, resubmit the request to the URI in the Location header in order to operate on the target resource. Alternatively, it can resubmit the request to the URI of the redirect reference with the No-Passthrough header in order to operate on the reference itself. If the No-Passthrough header is present, the request MUST be applied to the reference itself, and a 302 response MUST NOT be returned. If a reference-aware client knows before submitting its request that the request-URI identifies a redirect reference, it can save the round trip caused by the 302 response by using No-Passthrough in its initial request to the URI. Since MKCOL and MKREF fail when applied to existing resources, if the client attempts to resubmit the request to the target resource, the request MUST fail (unless the reference is a dangling reference). Similarly, if the client attempts to resubmit the request to the reference with a No-Passthrough header, the request MUST fail. 4.8.1 Example: PROPPATCH on a Redirect Reference 4.9 Other WebDAV Operations on Direct Referential Resources With the exception of DELETE and MOVE, which were discussed above, operations on direct references affect the target resource, not the reference, unless the No-Passthrough header is used. Specifically: Unless the No-Passthrough header is used, a PROPPATCH on a direct reference MUST modify the properties of its target resource, not the properties of the reference itself. Unless the No-Passthrough header is used, a PROPFIND on a direct reference MUST return the properties of its target resource, not the properties of the reference itself. If the No-Passthrough header is used with a PROPPATCH or PROPFIND request on a direct reference, the operation MUST be applied to the reference itself rather than to its target resource. MKCOL and MKREF fail if their request-URI identifies an existing resource of any kind. Consequently, when submitted to a target resource via a direct reference, they MUST fail unless the reference is a dangling reference. If they are submitted to an existing direct reference with the No-Passthrough header, they MUST also fail. 4.9.1 Example: PROPPATCH on a Direct Reference 4.10 HTTP Operations on Redirect Referential Resources Although existing HTTP clients cannot create referential resources, they should be able to use collections created by reference-aware WebDAV clients. They should be able to follow any references identified by URIs in those collections to their targets. To enable existing HTTP Slein et al. Page 23 INTERNET-DRAFT WebDAV Collections Protocol April 1999 clients to use GET, HEAD, PUT, POST, or OPTIONS via redirect references, a server that receives any of these requests on a redirect reference MUST return a 302 (Moved Temporarily). The client and server MUST follow [HTTP] Section 10.3.3 "302 Moved Temporarily," but with these additional rules: o The Location response header MUST contain the target URI of the reference. o The response MUST include the Ref-Type header. This header allows reference-aware WebDAV clients to recognize the resource as a reference and understand the reason for the redirection. Reference-aware clients can act on a 302 response in either of two ways. Like plain HTTP clients, they can resubmit the request to the URI in the Location header (the URI of the target resource). They may, however, want to operate on the reference rather than on its target. In this case, they may resubmit the request to the URI of the reference and include the No-Passthrough header with the request. If the No- Passthrough header is present, the request MUST be applied to the reference itself, and a 302 response MUST NOT be returned. If a reference-aware client knows before submitting its request that the request-URI identifies a redirect reference, it can save the round trip caused by the 302 response by using No-Passthrough in its initial request to the URI. The No-Passthrough header can be used with GET or HEAD to retrieve the entity headers of a redirect reference. When No-Passthrough is used with GET or HEAD, the referencing entity headers (Ref-Type and Ref- Target) MUST be returned, along with all HTTP headers that make sense for references (at a minimum, Cache-Control, Age, ETag, Expires, and Last-Modified). The No-Passthrough header can be used with PUT to replace the redirect reference with an ordinary resource. It can be used with OPTIONS to retrieve the capabilities of a redirect reference. Clients MUST NOT, however, use the No-Passthrough header with POST. Since a reference cannot accept another entity as its subordinate, an attempt to POST to a reference with No-Passthrough will also fail. If a server receives a POST request with the No-Passthrough header on a redirect reference, it MUST fail the request with a 400 (Bad Request) status code. 4.10.1 Example: GET on a Redirect Reference 4.10.2 Example: GET on a Redirect Reference with No-Passthrough 4.11 HTTP Operations on Direct Referential Resources GET, HEAD, PUT, POST, and OPTIONS on direct references are automatically passed through to their target resources. GET MUST return the content and headers of the target resource, HEAD MUST return the headers of the target resource, PUT MUST replace the content of the target resource, Slein et al. Page 24 INTERNET-DRAFT WebDAV Collections Protocol April 1999 POST MUST perform the expected function at the target resource, and OPTIONS MUST report the communication options available at the target resource. The No-Passthrough request header MAY be used with GET, HEAD, PUT, or OPTIONS to view the headers or capabilities of the reference, rather than its target. The No-Passthrough request header MUST NOT be used with POST, which cannot be applied to references. If a server receives a POST request on a direct reference with the No-Passthrough header, it MUST fail the request with a 400 (Bad Request) status code. 4.11.1 Example: GET on a Direct Reference 4.11.2 Example: GET on a Direct Reference with No-Passthrough 4.12 Operations on Targets of Referential Resources In general, operations on targets of weak referential resources have no effect on the referential resource. However, servers that choose to maintain the integrity of references are free to make changes to the state of references when moving or deleting their targets. When moving a target resource, a server MAY insert an optional step into the semantics of MOVE as defined in [WebDAV] for the purpose of maintaining referential integrity. Between the copy step and the delete step of a MOVE, the server MAY perform an update step, which changes the DAV:reftarget property of any references to the target to reflect its new location. When deleting a target resource, a server MAY perform any internal operations necessary to implement its policy on preserving referential integrity. For example, it might delete any references to the deleted target, or it might flag them as having a deleted target, or it might replace references with copies of the target. 4.13 Discovering a Target's References An OPTIONAL DAV:references property on the target resource provides a list of referential resources whose DAV:reftarget property points to that target resource. By retrieving this property, a client can discover the URIs of the references that point to the target, and so can also discover the collections that contain those URIs as members. As for all DAV: properties, this specification is silent as to how the DAV:references property is implemented on the server. The DAV:references property is expected to be supported mainly by Document Management Systems (DMSs) and other servers that will maintain the property only for references within their own domain. It is not in general possible for a server to maintain the property for references on other servers. If a reference on a different server points to the target, the server where the target is located is unlikely to know about that reference. This protocol provides no mechanism for one server to notify another of the creation of a reference to one of its resources. Slein et al. Page 25 INTERNET-DRAFT WebDAV Collections Protocol April 1999 Consequently, the list of references in DAV:reftarget may be incomplete. Rationale: A number of scenarios require clients to navigate from a target resource to the references that point to it, and to the collections that contain the URIs of those references. This capability is particularly important for DMSs, which may populate their collections entirely by reference. Their clients may need to determine, for any object in the DMS, what collections contain URIs that identify references to that object. It is also important in other contexts. For example, some servers enforce referential integrity by refusing to delete any resource that is referenced by other resources. In such an environment, the client must be able to discover the references in order to delete them before attempting to delete the target. Risks: When deciding whether to support the DAV:references property, server implementers / administrators should balance the benefits it provides against the cost of maintaining the property and the security risks enumerated in Sections 12.4 and 12.5. 4.14 Behavior of Dangling Direct References Whenever the No-Passthrough header accompanies a request on a dangling direct reference, the request succeeds. Since No-Passthrough causes the request to be applied to the reference rather than to its target, it does not matter that the target resource does not exist. The client will not be informed that the reference points to a nonexistent target. In the absence of the No-Passthrough header, the responses MUST be as follows: GET, HEAD, OPTIONS, POST, PROPFIND, PROPPATCH, LOCK, UNLOCK, and COPY respond with 404 (Not Found), but the Ref-Type and Ref-Target headers are included in the response, so that the client can tell that it is the target, and not the reference, that was not found. If, however, a PROPFIND, LOCK, UNLOCK, or COPY with Depth header greater than 0 on a collection encounters a dangling direct reference inside the collection, the response is a 207 (Multi-Status). The DAV:response element for the dangling reference will have a status of 404 (Not Found). The DAV:reftype and DAV:reftarget properties of the references are included in the response. Their presence informs the client that it is the target, not the reference, that was not found. Including these two properties requires an extension to the DAV:response element as defined in {WEBDAV]. This extension is defined in Section 9 below. PUT succeeds, creating a new resource at the location specified by the reference's DAV:reftarget property. MKREF and MKCOL succeed, since there is no existing resource at the target URI. MOVE and DELETE succeed, since they always affect the reference rather than its target. For MOVE, the reference at the destination will be broken, just as the reference at the source was. Slein et al. Page 26 INTERNET-DRAFT WebDAV Collections Protocol April 1999 4.14.1 Example: PROPFIND on a Collection with a Dangling Direct Reference Request: PROPFIND /collection1/ HTTP/1.1 Host: www.somehost.com Depth: 1 Content-Type: text/xml Content-Length: xxxx Response: HTTP/1.1 207 Multi-Status Content-Type: text/xml Content-Length: xxxx http://www.somehost.com/collection1/ Smith, J.H. My Working Collection HTTP/1.1 200 OK http://www.somehost.com/collection1/directref7 HTTP/1.1 404 Not Found /collection2/file19 Target resource not found. 4.15 Chains of Direct References Unless a No-Passthrough header is present, any operation on a direct reference that is part of a chain of direct references MUST get passed Slein et al. Page 27 INTERNET-DRAFT WebDAV Collections Protocol April 1999 through to the target of the last reference in the chain. A server cannot tell whether a dangling reference once pointed to an ordinary resource or to another reference in a chain of direct references. When a break occurs before the end of a chain of direct references, the server's behavior will be the same as for any other dangling direct reference, as described in Section 4.13. For example, a PUT will create the new resource at the location specified by the DAV:reftarget property of the broken reference, even if that is in the middle of what was once a chain of direct references. 4.16 Relative URIs in Ref-Target and DAV:reftarget The Generic-Coded-url in a Ref-Target header MAY be a relative URI. Similarly, the href in a DAV:reftarget property MAY be a relative URI. In both cases, the base URI to be used for resolving the relative URI to absolute form is the URI of the reference to which the Ref-Target header or DAV:reftarget property belongs. In the case of a Ref-Target header in a request, the base URI is constructed as follows: Its scheme component is "http", its authority component is the value of the Host header in the request, and its path component is the request-URI in the request. See [URI] Section 5 for a discussion of relative URI references and how to resolve them. When a single Ref-Target header is included in a response, its base URI is constructed in the same way. However, if multiple Ref-Target headers are included, as in the chain of references in Section 4.15, the situation is more complicated. The base URI for the Ref-Target at hop 0 is constructed from the scheme component "http", the value of the Host header in the request, and the request-URI. But the base URI for the Ref-Target at each succeeding hop is the absolute-URI of the reference at the preceding hop. The DAV:reftarget property appears in the protocol only in the context of a Multi-Status response, in a response element that contains a single DAV:href element. The value of this DAV:href element serves as the base URI for resolving a relative URI in DAV:reftarget. (The value of DAV:href may itself be relative, in which case it must be resolved first in order to serve as the base URI for the relative URI in DAV:reftarget.) If the DAV:href element is relative, its base URI is constructed from the scheme component "http", the value of the Host header in the request, and the request-URI. 4.16.1 Example: Resolving a Relative URI in Ref-Target Request: MKREF /north/inuvik HTTP/1.1 Host: www.somehost.edu Ref-Type: direct Ref-Target: mapcollection/inuvik.gif Ref-Integrity: do-not-enforce Response: Slein et al. Page 28 INTERNET-DRAFT WebDAV Collections Protocol April 1999 HTTP/1.1 201 Created In this example, the base URI is http://www.somehost.edu/north/inuvik. Then, following the rules in [URI] Section 5, the relative URI in Ref- Target resolves to the absolute URI http://www.somehost.edu/north/mapcollection/inuvik.gif. 4.16.2 Example: Resolving a Relative URI in DAV:reftarget Request: PROPFIND /geog/ HTTP/1.1 Host: www.xxsvr.com No-Passthrough: Depth: 1 Content-Type: text/xml Content-Length: nnn Response: HTTP/1.1 207 Multi-Status Content-Type: text/xml Content-Length: nnn /geog/ HTTP/1.1 200 OK /D:prop> HTTP/1.1 404 Not Found /geog/stats.html direct Slein et al. Page 29 INTERNET-DRAFT WebDAV Collections Protocol April 1999 statistics/population/1997.html HTTP/1.1 200 ok In this example, the relative URI statistics/population/1997.html is returned as the value of reftarget for the reference identified by href /geog/stats.html. The href is itself a relative URI, which resolves to http://www.xxsrv.com/geog/stats.html. This is the base URI for resolving the relative URI in reftarget. The absolute URI of reftarget is http://www.xxsrv.com/geog/statistics/population/1997.html. 4.17 URIs and References In a request-URI /segment1/segment2/segment3, any of the three segments may identify a reference. (See [URI], Section 3.3, for definitions of "path" and "segment".) Servers will be unable to resolve such URIs unless certain constraints hold. If any segment of the path identifies a reference, that reference MUST ultimately resolve to a resource that behaves as a container. (Examples are WebDAV collections, tar files, and some CGI scripts.) The succeeding segment of the path MUST resolve to a resource that is immediately contained in that container. Consider request-URI /x/y/z.html. Suppose that /x/ is a reference whose target is collection /a/, which contains reference y whose target is collection /b/, which contains reference z.html whose target is /c/d.html. /x/ -----> /a/ /a/y/ -----> /b/ /b/z.html -----> /c/d.html The server is able to resolve the request-URI because each segment of the URI's path satisfies the constraints stated above. Except for the final segment, each segment that is a reference resolves to a collection that contains the next segment as an internal member. The final segment, which is a reference, does have a target resource. If the references are direct references, the server automatically applies the request to the ultimate target, /c/d.html. If the references are redirect references, the client must follow up three separate 302 responses before finally reaching the target resource. The server responds to the initial request with a 302 with Location: /a/y/z.html, and the client resubmits the request to /a/y/z.html. The server responds to this request with a 302 with Location: /b/z.html, and the client resubmits the request to /b/z.html. The server responds to this request with a 302 with Location: /c/d.html, and the client resubmits the request to /c/d.html. This final request succeeds. 5 Ordered Collections Slein et al. Page 30 INTERNET-DRAFT WebDAV Collections Protocol April 1999 5.1 Overview Collections on a compliant server may be ordered, but need not be. It is up to the client to decide whether a given collection is ordered and, if so, to specify the semantics to be used for ordering its members. If a collection is ordered, each of its members must be in the ordering exactly once, and the ordering must not include any resource that is not a member of the collection. Only one ordering can be attached to any collection. Multiple orderings of the same resources can be achieved by creating multiple collections referencing those resources, and attaching a different ordering to each collection. The server is responsible for enforcing these constraints on orderings. The server MUST remove a member URI from the ordering when it is removed from the collection. The server MUST add a member URI to the ordering when it is added to the collection. When responding to a PROPFIND on a collection, the server MUST order the response elements according to the ordering defined on the collection. Orderings may be client-maintained or server-maintained. This protocol provides support for both types of orderings. 5.2 Creating an Ordered Collection 5.2.1 Overview When a collection is created, the client MAY request that it be ordered and specify the semantics of the ordering by using the new Ordered header (defined in Section 6.5) in the MKCOL request. For collections that are ordered, the client SHOULD identify the semantics of the ordering with a URI in the Ordered header. This URI may identify a server-maintained ordering. Clients can discover the available server-maintained orderings using the mechanism defined in Section 10.3. The URI may identify a semantics for a client-maintained ordering, providing the information a human user or software package needs to insert new collection members into the ordering intelligently. Although the URI in the Ordered header MAY point to a resource that contains a definition of the semantics of the ordering, clients are discouraged from accessing that resource, in order to avoid overburdening its server. The client MAY set the header value to DAV:custom to indicate that the collection is ordered, but the semantics of the ordering are not being advertised. If the client does not want the collection to be ordered, it may omit the Ordered header, or use it with the value DAV:unordered. If the server does not recognize the value of the Ordered header as one of its server-maintained orderings, it MUST assume that a client- maintained ordering is intended. If the value of the Ordered header is one of the server-maintained orderings that the server supports, it MUST maintain the collection's ordering according to that ordering semantics as new members are added. Every collection MUST have the new DAV:orderingtype property (defined in Slein et al. Page 31 INTERNET-DRAFT WebDAV Collections Protocol April 1999 Section 7.6), which indicates whether the collection is ordered and, if so, identifies the semantics of the ordering. The server sets the initial value of this property based on the value of the Ordering header in the MKCOL request. If the collection is ordered, the server MUST respond to PROPFIND requests on the collection using the specified ordering. If the collection is unordered, the client cannot depend on the repeatability of the ordering of results from a PROPFIND request. 5.2.2 Example: Creating an Ordered Collection Request: MKCOL /theNorth/ HTTP/1.1 Host: www.server.org Ordered: http://www.server.org/orderings/compass.html Response: HTTP/1.1 201 Created In this example, a new, ordered collection was created. Its DAV:orderingtype property has as its value the URI from the Ordered header. In this case, the URI identifies the semantics governing a client-maintained ordering. As new members are added to the collection, clients or end users can use the semantics to determine where to position the new members in the ordering. 5.3 Setting the Position of a Collection Member 5.3.1 Overview When a new member is added to a collection with a client-maintained ordering (for example, with PUT, MKREF, or MKCOL), its position in the ordering can be set with the new Position header (defined in Section 6.6). The Position header allows the client to specify that the member should be first in the collection's ordering, last in the collection's ordering, before some other collection member in the collection's ordering, or after some other collection member in the collection's ordering. 5.3.2 Status Codes Some likely client errors and the corresponding response status codes include: 409 (Conflict): The request may be attempting to position the collection member before or after a URI that is not in the collection, or before or after itself, or it may be attempting to position the collection member in an unordered collection or in a collection with a server-maintained ordering. 5.3.3 Examples: Setting the Position of a Collection Member Slein et al. Page 32 INTERNET-DRAFT WebDAV Collections Protocol April 1999 Request: MKREF /~whitehead/dav/spec08.ref HTTP/1.1 HOST: www.ics.uci.edu Ref-Target: http://www.ics.uci.edu/i-d/draft-webdav-protocol-08.txt Position: After Response: HTTP/1.1 201 Created This request resulted in the creation of a new referential resource at www.ics.uci.edu/~whitehead/dav/spec08.ref, which points to the resource identified by the Ref-Target header. The Position header in this example caused the server to set its position in the ordering of the /~whitehead/dav/ collection immediately after requirements.html. Request: MOVE /i-d/draft-webdav-protocol-08.txt HTTP/1.1 Host: www.ics.uci.edu Destination: http://www.ics.uci.edu/~whitehead/dav/draft-webdav- protocol-08.txt Position: First Response: HTTP/1.1 409 Conflict In this case, the server returned a 409 Conflict status code because the /~whitehead/dav/ collection is an unordered collection. Consequently, the server was unable to satisfy the Position header. 5.4 Changing the Semantics of a Collection Ordering After a collection has been created, a client can change its ordering semantics, or change an ordered collection to an unordered collection or vice versa, by using PROPPATCH to change the value of its DAV:orderingtype property (defined in Section 7.6). If the new value identifies a client-maintained ordering, the client is then responsible for updating the ordering of the collection members according to the new semantics. If it identifies a server-maintained ordering, the server MUST reorder the collection according to the new semantics. PROPPATCH is defined in [WebDAV], Section 7.2. 5.5 Changing the Position of a Collection Member 5.5.1 The ORDERPATCH Method To change the positions of collection members in the collection's ordering, the client MUST use an ORDERPATCH request with a request body containing an order XML element. The request-URI of an ORDERPATCH request is the URI of the collection whose ordering is to be updated. The order XML element identifies the member URIs whose positions are to be changed, and describes their new positions in the ordering. Each new Slein et al. Page 33 INTERNET-DRAFT WebDAV Collections Protocol April 1999 position can be specified as first in the ordering, last in the ordering, before some other collection member in the ordering, or after some other collection member in the ordering. The server MUST apply the changes in the order they appear in the order element. 5.5.2 Status Codes Since multiple changes can be requested in a single ORDERPATCH request, the server MUST return a 207 (Multi-Status) response, as defined in [WebDAV]. The following are examples of response codes one would expect to be used in a 207 (Multi-Status) response for this method: 200 (OK): The change in ordering was successfully made. 409 (Conflict): An attempt was made to position the collection member before or after a URI that is not in the collection, or before or after itself, or an attempt was made to position the collection member in an unordered collection or in a collection with a server-maintained ordering. A request to reposition a collection member to the same place in the ordering is not an error. 5.5.3 Example: Changing the Positions of Collection Members in the Ordering Consider a collection /coll-1/ with members ordered as follows: nunavut.map nunavut.img baffin.map baffin.desc baffin.img iqaluit.map nunavut.desc iqaluit.img iqaluit.desc Request: ORDERPATCH /coll-1/ HTTP/1.1 Host: www.nunanet.com Content-Type: text/xml Content-Length: xxx nunavut.desc nunavut.map Slein et al. Page 34 INTERNET-DRAFT WebDAV Collections Protocol April 1999 iqaluit.img Response: HTTP/1.1 207 Multi-Status Content-Type: text/xml Content-Length: xxx http://www.nunanet.com/coll-1/nunavut.desc HTTP/1.1 200 OK http://www.nunanet.com/coll-1/iqaluit.img HTTP/1.1 200 OK If the href elements are relative URIs, as in this example, they are interpreted relative to the collection that is being reordered. In this example, after the request has been processed, the collection's ordering is as follows: nunavut.map nunavut.desc nunavut.img baffin.map baffin.desc baffin.img iqaluit.map iqaluit.desc iqaluit.img 6 Headers 6.1 Ref-Target Entity Header Ref-Target = "Ref-Target" ":" (absoluteURI | relativeURI) The Ref-Target header is used with MKREF requests to identify the target resource of the new referential resource being created. For an example, see Section 4.3.3. To comply with the rules specified in [HTTP] for responding to GET and HEAD requests, the Ref-Target entity header is also included in Slein et al. Page 35 INTERNET-DRAFT WebDAV Collections Protocol April 1999 responses to GET and HEAD that include the No-Passthrough header. (See Sections 4.10 and 4.11.) The Ref-Target header is also included in 404 error responses for dangling references. (See Section 4.14.) 6.2 Ref-Type Entity Header Ref-Type = "Ref-Type" ":" ("DAV:direct" | "DAV:redirect" | ext-ref-type) ext-ref-type = quoted-URL The Ref-Type header is defined to distinguish between direct and redirect references. The possible values of this header are DAV:direct, DAV:redirect, and ext-ref-type. The value ext-ref-type provides extensibility. This header may be included in MKREF requests to tell the server what sort of reference to create. If the header is not present on a MKREF request, the server MUST treat the request as if it has a Ref-Type header with the value DAV:redirect. To comply with the rules specified in [HTTP] for responding to GET and HEAD requests, the Ref-Type entity header is also included in responses to GET and HEAD that include the No-Passthrough header (see Sections 4.10 and 4.11). The Ref-Type header is also included in 404 error responses for dangling references (see Section 4.14) to distinguish this case from the case where the reference itself is not found. It is included in 302 responses for redirect references (see Sections 4.2, 4.8, and 4.10) to distinguish these responses from ordinary HTTP 1.1 redirects. 6.3 Ref-Integrity Request Header Ref-Integrity = "Ref-Integrity" ":" ("DAV:do-not-enforce" | ext-ref-integrity) ext-ref-integrity = quoted-URL The Ref-Integrity header is defined primarily to allow future support for strong references. It specifies whether and how the server should enforce referential integrity for a referential resource being created with MKREF. The value "DAV:do-not-enforce" means that the client wants the server not to enforce referential integrity for the newly created reference. A client might use this value if, for example, it wanted to populate a collection with references before their content was made available on the Web. If the server cannot honor a Ref-Integrity value of "DAV:do- not-enforce" in a MKREF request, it MUST fail the request with status code ???. Clients may use other values of the Ref-Integrity header, to specify the desired policy for enforcing referential integrity. Clients can discover the valid values for Ref-Integrity for a given request-URI by submitting an OPTIONS request to that URI and including the DAV:refintegrityoptions element in the request body (see Section 10). If a server receives an extension value that it does not understand, it Slein et al. Page 36 INTERNET-DRAFT WebDAV Collections Protocol April 1999 MUST fail the request with status code 400 (Bad Request). If the Ref-Integrity header is not present on a MKREF request, the server MUST fail the request with status code 400 (Bad Request). 6.4 No-Passthrough Request Header No-Passthrough = "No-Passthrough" ":" The optional No-Passthrough header can be used on any request to a reference except POST. For a direct reference, if the No-Passthrough header is present, the request MUST be applied to the reference itself rather than to its target. For a redirect reference, if the No- Passthrough header is present, the request MUST be applied to the reference itself, and a 302 response MUST NOT be returned. If the No- Passthrough header is used on a request to any other sort of resource besides a reference, the server SHOULD ignore it. If the No-Passthrough header is used with a POST request to a reference, the server MUST respond with a 400 (Bad Request). The No-Passthrough header can be used with PROPFIND requests on collections with Depth = infinity. When it is used in this way, the server MUST return the properties of any redirect references in the collection, and not return 302 (Moved Temporarily) status codes for them. It MUST also return the properties of any direct references in the collection (not the properties of their targets), and it MUST NOT follow any direct references to collections into their target collections. The No-Passthrough header can be used with LOCK requests on collections with Depth = infinity. When it is used in this way, the server MUST lock any redirect references in the collection, just as it would if the No-Passthrough header were absent. It MUST also lock any direct references in the collection (not their target resources), and it MUST NOT follow any direct references to collections into their target collections. The No-Passthrough header can be used with COPY requests on collections with Depth > 0. When it is used in this way, the server MUST copy any redirect references in the collection, just as it would if the No- Passthrough header were absent. It MUST also copy any direct references in the collection (not their target resources), and it MUST NOT follow any direct references to collections into their target collections. 6.5 Ordered Entity Header Ordered = "Ordered" ":" ("DAV:unordered" | "DAV:custom" | absoluteURI) The Ordered header may be used with MKCOL to request that the new collection be ordered and to specify its ordering semantics. A value of "DAV:unordered" indicates that the collection is not ordered. A value of "DAV:custom" indicates that the collection is to be ordered, but the semantics of the ordering is not being advertised. Any other absoluteURI value indicates that the collection is ordered, and identifies the semantics of the ordering. The absoluteURI MAY point to Slein et al. Page 37 INTERNET-DRAFT WebDAV Collections Protocol April 1999 a resource that contains a definition of the semantics of the ordering. If the Ordered header is present on a MKCOL request, the server MUST set the collection's DAV:orderingtype property to the value of the Ordered header. If the Ordered header is not present, the server MUST treat the request as if it had an Ordered header with the value "DAV:unordered". 6.6 Position Request Header Position = "Position" ":" ("First" | "Last" | (("Before" | "After") Generic-Coded-url)) Generic-Coded-url = "<" (absoluteURI | relativeURI) ">" absoluteURI and relativeURI are defined in [URI]. The Position header may be used with any method that adds a member to a collection with a client-maintained ordering, to tell the server where in the collection ordering to position the new member being added to the collection. It may be used for both ordinary and referential members. If the Coded-url is a relative URL, it is interpreted relative to the collection to which the new member is being added. The server MUST insert the new member into the ordering at the location specified in the Position header, if one is present (and if the collection has a client-maintained ordering). If the request is replacing an existing resource, and the Position header is present, the server MUST remove the member from its previous position, and then insert it at the requested position. If the Position request header is not used when adding a member to a collection with a client-maintained ordering, then: If the request is replacing an existing resource, the server MUST preserve the present ordering. If the request is adding a new member to the collection, the server MUST append the new member to the end of the ordering. If an attempt is made to use the Position header on a collection that is unordered or that has a server-maintained ordering, the server MUST fail the request with a 409 (Conflict) status code. 7 Properties 7.1 reftarget Property Name: reftarget Namespace: DAV: Purpose: A property of referential resources that provides an efficient way for clients to discover the URI of the target resource. This is a read-only property, whose value can only be set by using the Ref-Target header with a MKREF request. Value: URI of the target resource. This value MAY be a relative Slein et al. Page 38 INTERNET-DRAFT WebDAV Collections Protocol April 1999 URI. The reftarget property can occur in the entity bodies of responses to a variety of requests. It always occurs in the context of a Multi-Status response, inside a DAV:response element that has a single DAV:href element. 7.2 refintegrity Property Name: refintegrity Namespace: DAV: Purpose: A property of a referential resource that indicates whether and how the server enforces referential integrity for that reference. The refintegrity property is defined to allow future support for strong references. The only value currently defined for refintegrity is weak, which means that the server does not enforce referential integrity for the reference. A server may assign another value to identify its policy for enforcing referential integrity for the reference. This is a readonly property, set based on the value of the Ref-Integrity header in the MKREF request that created the reference. Value: weak or an extension value 7.3 reftype Property Name: reftype Namespace: DAV: Purpose: A property of a referential resource that identifies the reference as direct or redirect. This is a read-only property, whose value can only be set by using the Ref-Type header with a MKREF request. Value: direct, redirect, or an extension value 7.4 location Property Name: location Namespace: DAV: Purpose: For use with 302 (Moved Temporarily) response codes in Multi-Status responses. It contains the absolute URI of the temporary location of the resource. In the context of redirect references, this value is the absolute URI of the target resource. It is analogous to the Location header in HTTP 302 responses defined in [HTTP] Section 10.3.3 "302 Moved Temporarily." Including the location property in a Multi-Status response requires an extension to the syntax of the DAV:response element defined in [WebDAV], which is defined in Section 9 below. This property is not expected to be stored on the reference. It is modeled as a property only so that it can be returned inside a DAV:prop element in a Multi-Status response. Slein et al. Page 39 INTERNET-DRAFT WebDAV Collections Protocol April 1999 Value: href containing the absolute URI of the target resource. 7.5 references Property Name: references Namespace: DAV: Purpose: Enables clients to discover, for any target resource, what references point to it and what collections contain it by reference. This is an optional property. If present, it is a read-only property, maintained by the server. Value: List of the URIs of the references that point to the target resource. 7.6 orderingtype Property Name: orderingtype Namespace: DAV: Purpose: Indicates whether the collection is ordered and, if so, uniquely identifies the semantics of the ordering being used. May also point to an explanation of the semantics in human and / or machine-readable form. At a minimum, this allows human users who add members to the collection to understand where to position them in the ordering. Value: unordered for an unordered collection, or a URI that uniquely identifies the semantics of the collection's ordering. The value custom indicates that the collection is ordered, but the semantics are not being advertised. 8 XML Elements 8.1 reference XML Element Name: reference Namespace: DAV: Purpose: A new value of the DAV:resourcetype property that identifies its resource as a referential resource. Value: EMPTY 8.2 direct XML Element Name: direct Namespace: DAV: Purpose: A value for the DAV:reftype property that identifies its resource as a direct reference. Value: EMPTY Slein et al. Page 40 INTERNET-DRAFT WebDAV Collections Protocol April 1999 8.3 redirect XML Element Name: redirect Namespace: DAV: Purpose: A value for the DAV:reftype property that identifies its resource as a redirect reference. Value: EMPTY 8.4 weak XML Element Name: weak Namespace: DAV: Purpose: A value of the DAV:refintegrity property. It means that the server does not enforce referential integrity for the reference to which the property belongs. Value: EMPTY 8.5 unordered XML Element Name: unordered Namespace: DAV: Purpose: A value of the DAV:orderingtype property that indicates that the collection is not ordered. That is, the client cannot depend on the repeatability of the ordering of results from a PROPFIND request. Value: EMPTY 8.6 custom XML Element Name: custom Namespace: DAV: Purpose: A value of the DAV:orderingtype property that indicates that the collection is ordered, but the semantics of the ordering are not being advertised. Value: EMPTY 8.7 order XML Element Name: order Namespace: DAV: Purpose: For use with the new ORDERPATCH method. Describes a change to be made in a collection ordering. Value: A description of the new positions of collection members in the collection's ordering. Slein et al. Page 41 INTERNET-DRAFT WebDAV Collections Protocol April 1999 8.8 ordermember XML Element Name: ordermember Namespace: DAV: Purpose: Occurs in the order XML Element, and describes the new position of a single collection member in the collection's ordering. Value: An href containing a relative URI, and a description of its new position in the ordering. The href XML element is defined in [WebDAV], Section 11.3. 8.9 position XML Element Name: position Namespace: DAV: Purpose: Occurs in the member XML element. Describes the new position in a collection's ordering of one of the collection's members. Value: The new position can be described as first in the collection's ordering, last in the collection's ordering, before some other member of the collection, or after some other member of the collection. 8.10 first XML Element Name: first Namespace: DAV: Purpose: Occurs in the position XML element. Describes the collection member's position as first in the collection's ordering. Value: EMPTY 8.11 last XML Element Name: last Namespace: DAV: Purpose: Occurs in the position XML element. Describes the collection member's position as last in the collection's ordering. Value: EMPTY 8.12 before XML Element Name: before Namespace: DAV: Purpose: Occurs in the position XML element. Describes the Slein et al. Page 42 INTERNET-DRAFT WebDAV Collections Protocol April 1999 collection member's position as coming before some other collection member in the collection's ordering. Value: href of the member it precedes in the ordering 8.13 after XML Element Name: after Namespace: DAV: Purpose: Occurs in the position XML element. Describes the collection member's position as coming after some other collection member in the collection's ordering. Value: href of the member it follows in the ordering 8.14 options XML Element Name: options Namespace: DAV: Purpose: Used in OPTIONS requests to ask for more detailed information about capabilities than can be provided in the DAV: response header. Used in OPTIONS responses to provide that information. Value: List of elements identifying or providing the additional information desired. 8.15 refintegrityoptions XML Element Name: refintegrityoptions Namespace: DAV: Purpose: Used in OPTIONS requests to ask for the list of referential enforcement policies that can be supported at the request- URI. Used in OPTIONS responses to provide that information. This is the list of valid values for the Ref-Integrity Header for that request-URI. Value: EMPTY on requests. On responses, it is the list of valid values for Ref-Integrity. 8.16 orderingoptions XML Element Name: orderingoptions Namespace: DAV: Purpose: Used in OPTIONS requests to ask for the list server- maintained orderings that can be supported at the request- URI. Used in OPTIONS responses to provide that information. These values can be used in the Ordered header or the DAV:orderingtype property to request that a particular server-maintained ordering be applied to the collection. Value: EMPTY on requests. On responses, it is the list of server- Slein et al. Page 43 INTERNET-DRAFT WebDAV Collections Protocol April 1999 maintained orderings available for the request-URI. 8.17 do-not-enforce XML Element Name: do-not-enforce Namespace: DAV: Purpose: Used in responses to OPTIONS requests for refintegrityoptions, to indicate that the server can honor requests that referential integrity not be enforced for the request-URI. If it is included in an OPTIONS response, then the client can use it as a value of the Ref-Integrity header in a MKREF request to the same URI. Value: EMPTY. 9 Extensions to the DAV:response XML Element for Multi-Status Responses As described in Sections 4.5 and 4.6, the DAV:location property and the DAV:reftype property may be returned in the DAV:response element of a 207 Multi-Status response, to allow clients to resubmit their requests to the target resource of a redirect reference. As described in Section 4.13, the DAV:reftype and DAV:reftarget properties may be returned in the DAV:response element of a 207 Multi- Status response, to indicate that a problem is not with a direct reference, but with its target resource. Whenever these properties are included in a Multi-Status response, they will be placed in a DAV:prop element associated with the href to which they apply. This structure provides a framework for future extensions by other standards that may need to include additional properties in their responses. Consequently, the definition of the DAV:response XML element changes to the following: 10 Capability Discovery 10.1 Compliance Classes Since referencing and ordering are independent capabilities, a resource MAY support either or both. A resource that provides referencing MUST support redirect references, and MAY in addition support direct references. A response to an OPTIONS request MUST indicate which of these capabilities the resource supports. This specification defines two new methods: MKREF in support of referencing, and ORDERPATCH in support of ordering. The response MUST indicate which of these methods the resource allows. In addition, the Slein et al. Page 44 INTERNET-DRAFT WebDAV Collections Protocol April 1999 response MUST include the DAV header, as described in Sections 9.1 and 15 of [WebDAV]. Three new compliance classes are defined here for use with the DAV header: basicref, directref, and orderedcoll. When responding to an OPTIONS request, only a collection or a null resource can include orderedcoll in the value of the DAV header. By including orderedcoll, the resource indicates that its immediate member URIs can be ordered. It implies nothing about whether any collections identified by its member URIs can be ordered. When responding to an OPTIONS request, any type of resource can include basicref or directref in the value of the DAV header. Including basicref indicates that the server permits a redirect reference at the request URI. Including directref indicates that the server permits a direct reference at the request URI. 10.2 Example: Discovery of Compliance Classes Request: OPTIONS /somecollection/ HTTP/1.1 HOST: somehost.org Response: HTTP/1.1 200 OK Date: Tue, 20 Jan 1998 20:52:29 GMT Connection: close Accept-Ranges: none Allow: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, MKREF, ORDERPATCH Public: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, MKREF, ORDERPATCH DAV: 1, 2, basicref, directref, orderedcoll This response indicates that the resource /somecollection/ is level 1 and level 2 compliant, as defined in [WebDAV]. In addition, /somecollection/ supports ordering and is in a part of the server namespace that allows creation of redirect and direct references. (In light of the semantics of MKREF, the resource currently at /somecollection/ would have to be deleted before a reference could be created at that URI.) 10.3 Additional Advanced Collections Capabilities Clients may need detailed information about specific areas of advanced collections functionality. This information can be requested by sending an OPTIONS request with an XML body that includes a DAV:options element. The DAV:options element contains a list of empty elements identifying the information the client needs. As described in Section 4.3, clients are required to include the Ref- Integrity header in any MKREF request to specify the desired referential integrity enforcement policy for the new reference. The only value of Ref-Integrity defined in this specification is DAV:do-not-enforce. If Slein et al. Page 45 INTERNET-DRAFT WebDAV Collections Protocol April 1999 the client wants referential integrity to be enforced, it needs to know what other values of Ref-Integrity the server can support. To discover what values can be used for a particular request-URI, the client includes an empty DAV:refintegrityoptions element in the DAV:options element. The response will include a DAV:refintegrityoptions element with the list of supported referential integrity enforcement policies. Servers MUST advertise the referential integrity enforcement policies available at a URI using this mechanism. As described in Section xxx, servers may offer a set of server- maintained orderings on collections. Clients can discover the list of server-maintained orderings available for the request-URI by including an empty DAV:orderingoptions element in the DAV:options element. The response will include a DAV:orderingoptions element with the list of supported server-maintained orderings. Servers SHOULD advertise the server-maintained orderings available using this mechanism. 10.4 Example: Discovery of Referential Integrity Options Request: OPTIONS /somecollection/fooref HTTP/1.1 HOST: somehost.org Response: HTTP/1.1 200 OK Date: Tue, 20 Jan 1998 20:52:29 GMT Connection: close Accept-Ranges: none Allow: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, MKREF Public: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, MKREF DAV: 1, basicref This response indicates that the resource /somecollection/fooref is level 1 compliant, as defined in [WebDAV]. In addition, /somecollection/fooref is in a part of the server namespace that allows creation of redirect references. The client also asked for a list of the values of Ref-Integrity that are supported for /somecollection/fooref. The response indicates that the values DAV:do- Slein et al. Page 46 INTERNET-DRAFT WebDAV Collections Protocol April 1999 not-enforce and Xerox:block-deletes are supported. 11 Dependencies on Other Specifications TBD 12 Security Considerations This section is provided to detail issues concerning security implications of which WebDAV applications need to be aware. All of the security considerations of HTTP/1.1 and the base WebDAV protocol also apply to WebDAV collections. In addition, referential resources and ordered collections introduce several new security concerns and increase the risk of some existing threats. These issues are detailed below. 12.1 Privacy Concerns By creating references on a trusted server, it is possible for a hostile agent to induce users to send private information to a target on a different server. This risk is mitigated somewhat for redirect references, since clients are required to notify the user of the redirection for any request other than GET or HEAD. (See [HTTP], Section 10.3.3 Moved Temporarily.) For direct references, clients can determine the resource type, reference type, and target location before sending a request, but are not required to notify users if the target is on another server. 12.2 Redirect Loops Although redirect loops were already possible in HTTP 1.1, the introduction of referential resources creates a new avenue for clients to create loops accidentally or maliciously. If the referential resource and its target are on the same server, the server may be able to detect MKREF requests that would create loops. See also [HTTP], Section 10.3 "Redirection 3xx." 12.3 References and Denial of Service Denial of service attacks were already possible by posting URLs that were intended for limited use at heavily used Web sites. The introduction of referential resources creates a new avenue for similar denial of service attacks. Clients can now create references at heavily used sites to target locations that were not designed for heavy usage. 12.4 References May Reveal Private Locations There are several ways that the referencing mechanisms described here may reveal information about directory structures. First, the DAV:reftarget property of every reference contains the URI of the target resource. Anyone who has access to the reference can discover the directory path that leads to the target resource. The owner of the target resource may have wanted to limit knowledge of this directory structure. Slein et al. Page 47 INTERNET-DRAFT WebDAV Collections Protocol April 1999 Sufficiently powerful access control mechanisms can control this risk to some extent. Property-level access control could prevent users from examining the DAV:reftarget property. (The Ref-Target header, which is returned in most responses to requests on direct references, reveals the same information, however.) In some environments, the owner of a resource might be able to use access control to prevent others from creating references to that resource. Second, although this specification does not require servers to maintain referential integrity, it does not prevent them from doing so. If a server updates a reference’s DAV:reftarget property when its target resource is moved, there is the risk that a private location will be revealed in the new value of DAV:reftarget. Clients can avoid this risk by doing a COPY followed by a DELETE rather than a MOVE. Finally, if backpointers are maintained on the target resource, the owners of references face these same risks. The directory structures where references are located are revealed to anyone who has access to the DAV:references property on a target resource. Moving a reference may reveal its new location to anyone with access to DAV:references on its target resource. 12.5 DAV:references and Denial of Service If the server maintains the DAV:references property in response to references created in other administrative domains, it is exposed to hostile attempts to make it devote resources to adding references to the list. 12.6 DAV:references and Malicious Deletion of Resources Servers that support the DAV:references property should insure that clients cannot create editable properties with the name DAV:references. An editable DAV:references property would constitute a security risk on servers that enforce referential integrity by deleting references when their target is deleted. These servers could be tricked into deleting a resource by listing it in the DAV:references property of some target resource. 12.7 Denial of Service and DAV:orderingtype There may be some risk of denial of service at sites that are advertised in the DAV:orderingtype property of collections. However, it is anticipated that widely-deployed applications will use hard-coded values for frequently-used ordering semantics rather than looking up the semantics at the location specified by DAV:orderingtype. 13 Internationalization Considerations This specification follows the practices of [WebDAV] in encoding all human-readable content using XML [XML] and in the treatment of names. Consequently, this specification complies with the IETF Character Set Policy [Alvestrand]. Slein et al. Page 48 INTERNET-DRAFT WebDAV Collections Protocol April 1999 WebDAV applications MUST support the character set tagging, character set encoding, and the language tagging functionality of the XML specification. This constraint ensures that the human-readable content of this specification complies with [Alvestrand]. As in [WebDAV}, names in this specification fall into three categories: names of protocol elements such as methods and headers, names of XML elements, and names of properties. Naming of protocol elements follows the precedent of HTTP, using English names encoded in USASCII for methods and headers. The names of XML elements used in this specification are English names encoded in UTF-8. For error reporting, [WebDAV] follows the convention of HTTP/1.1 status codes, including with each status code a short, English description of the code (e.g., 423 Locked). Internationalized applications will ignore this message, and display an appropriate message in the user's language and character set. For rationales for these decisions and advice for application implementors, see [WebDAV]. 14 IANA Considerations This document uses the namespaces defined by [WebDAV] for properties and XML elements. All other IANA considerations mentioned in [WebDAV] also apply to this document. 15 Copyright To be supplied. 16 Intellectual Property To be supplied. 17 Acknowledgements This draft has benefited from thoughtful discussion by Jim Amsden, Steve Carter, Ken Coar, Ellis Cohen, Bruce Cragun, Spencer Dawkins, Mark Day, Rajiv Dulepet, David Durand, Roy Fielding, Yaron Goland, Fred Hitt, Alex Hopmann, Marcus Jager, Chris Kaler, Manoj Kasichainula, Rohit Khare, Daniel LaLiberte, Steve Martin, Larry Masinter, Jeff McAffer, Surendra Koduru Reddy, Max Rible, Sam Ruby, Bradley Sergeant, Nick Shelness, John Stracke, John Tigue, John Turner, and others. Ccjason, 18 References 18.1 Normative References [URI] T. Berners-Lee, R. Fielding, L. Masinter, "Uniform Resource Identifiers (URI): Generic Syntax." RFC 2396. MIT/LCS, U.C. Irvine, Xerox. August, 1998. Slein et al. Page 49 INTERNET-DRAFT WebDAV Collections Protocol April 1999 [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate Requirement Levels." RFC 2119, BCP 14. Harvard University. March, 1997. [XML] T. Bray, J. Paoli, C.M. Sperberg-McQueen, "Extensible Markup Language (XML)." World Wide Web Consortium Recommendation REC-xml- 19980210. http://www.w3.org/TR/1998/REC-xml-19980210. [HTTP] R. Fielding, J. Gettys, J. Mogul, H. Frystyk, T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1." RFC 2068. UC Irvine, DEC, MIT/LCS. January, 1997. [WebDAV] Y. Y. Goland, E. J. Whitehead, Jr., A. Faizi, S. R. Carter, D. Jensen, "HTTP Extensions for Distributed Authoring - WebDAV." RFC 2518. Microsoft, U.C. Irvine, Netscape, Novell. February, 1999. 18.2 Informational References [DASL] Saveen Reddy, D. Jensen, Surendra Reddy, R. Henderson, J. Davis, A. Babich, "DAV Searching & Locating." Draft-reddy-dasl-protocol-03. Internet Draft, work in progress. Microsoft, Novell, Oracle, Netscape, Xerox, Filenet. November, 1998. [CollReq] J. Slein, J. Davis, "Requirements for Advanced Collection Functionality in WebDAV." Draft-ietf-webdav-collection-reqts-02. Internet Draft, work in progress. Xerox. February, 1999. 19 Authors' Addresses J. Slein Xerox Corporation 800 Phillips Road, 105-50C Webster, NY 14580 Email: jslein@crt.xerox.com J. Davis CourseNet Systems 170 Capp Street San Francisco, CA 94110 Email: jrd3@alum.mit.edu T. Chihaya DataChannel, Inc. 155 108th Ave. N.E., Suite 400 Bellevue, WA 98004 Email: Tyson@DataChannel.com G. Clemm Rational Software Corporation 20 Maguire Road Lexington, MA 02173-3104 Email: gclemm@rational.com C. Fay FileNet Corporation 3565 Harbor Boulevard Slein et al. Page 50 INTERNET-DRAFT WebDAV Collections Protocol April 1999 Costa Mesa, CA 92626-1420 Email: cfay@filenet.com E.J. Whitehead Jr. Dept. of Information and Computer Science University of California, Irvine Irvine, CA 92697-3425 Email: ejw@ics.uci.edu 20 Appendices 20.1 Appendix 1: Extensions to the WebDAV Document Type Definition 20.2 Appendix 2: Summary of Method Semantics for References This section summarizes the semantics of each HTTP and WebDAV method when the request-URI identifies a reference. The normative statements that are summarized here can be found in Sections 4.3 - 4.10. For each method, there are four cases to consider: o Request-URI identifies a redirect reference, and the No-Passthrough header is not used o Request-URI identifies a redirect reference, and the No-Passthrough header is present o Request-URI identifies a direct reference, and the No-Passthrough Slein et al. Page 51 INTERNET-DRAFT WebDAV Collections Protocol April 1999 header is not used o Request-URI identifies a direct reference, and the No-Passthrough header is present When the No-Passthrough header is used, the situation is simple. For all methods, the request is applied to the reference, not to its target resource. The following table summarizes behavior for the cases where the No- Passthrough header is not used: METHOD | REDIRECT REFERENCE | DIRECT REFERENCE --------------------------------------------------------------------- GET | Respond with 302 status code | Apply method to target --------------------------------------------------------------------- HEAD | Respond with 302 status code | Apply method to target --------------------------------------------------------------------- OPTIONS | Respond with 302 status code | Apply method to target --------------------------------------------------------------------- PUT | Respond with 302 status code | Apply method to target --------------------------------------------------------------------- POST | Respond with 302 status code | Apply method to target --------------------------------------------------------------------- MKCOL | Respond with 302 status code | Apply method to target | | (fails unless dangling) --------------------------------------------------------------------- MKREF | Respond with 302 status code | Apply method to target | | (fails unless dangling) --------------------------------------------------------------------- PROPPATCH | Respond with 302 status code | Apply method to target --------------------------------------------------------------------- PROPFIND | Respond with 302 status code | Apply method to target ===================================================================== DELETE | Apply method to reference | Apply method to reference --------------------------------------------------------------------- MOVE | Apply method to reference | Apply method to reference ===================================================================== COPY | Apply method to reference | Apply method to target --------------------------------------------------------------------- LOCK | Apply method to reference | Apply method to target --------------------------------------------------------------------- UNLOCK | Apply method to reference | Apply method to target PROPFIND, DELETE, MOVE, COPY, LOCK, and UNLOCK can be applied to collections. In cases where the collection contains references, behavior for the references in the collection follows the same rules as the table describes for individual references. So, for example, if a PROPFIND encounters a redirect reference within a collection, it returns a 302 status code for that redirect reference in the Multi-Status response. If the PROPFIND encounters a direct reference, it returns the properties of the direct reference’s target resource in the Multi-Status response. Expires October 5, 1999 Slein et al. Page 52