W3C home > Mailing lists > Public > xml-dist-app@w3.org > May 2003

RE: Content-free Header and Body elements

From: Christopher B Ferris <chrisfer@us.ibm.com>
Date: Thu, 15 May 2003 17:22:39 -0400
To: "Martin Gudgin" <mgudgin@microsoft.com>
Cc: "Rich Salz" <rsalz@datapower.com>, xml-dist-app@w3.org
Message-ID: <OF7250941C.09CFCDF8-ON85256D27.0074E788-85256D27.00759E6C@us.ibm.com>

Gudge,

I thought Rich's question was a little more subtle than that (which is why 
I didn't
address the first part:)

He asked:

>>In other words, if there are no headers, are message processors allowed
>>to insert/delete an empty Header element?  I believe the answer is yes,
>>as I can't find text that says otherwise.

I took this to be asking a question related to processing a SOAP message 
(e.g. an intermediary).
e.g. If I receive:

<S:Envelope>
  <S:Header><tns:foo role="me"/></S:Header>
  <S:Body> ... </S:Body>
</S:Envelope>

and process the tns:foo header, can I serialize the message as:

either:

<S:Envelope>
  <S:Header></S:Header>
  <S:Body> ... </S:Body>
</S:Envelope>

or 

<S:Envelope>
  <S:Body> ... </S:Body>
</S:Envelope>

? I might have expected the answer to be: yes, either is permitted as the
messages are equivalent and both are valid (as you rightly point out).

However, suppose I had a digital signature in the Body that signed
over the message and simply excluded the tns:foo header. If I remove
the S:Header element, I break the signature. Of course, maybe this is
a bad idea, but ...

The SOAP process model (last time I looked) said nothing about removing
the S:Header, only about removing header blocks after they are processed
by the node. I think that this is what Rich was asking.

Of course, I could be mis-reading Rich's question too:)

Cheers,

Christopher Ferris
Architect, Emerging e-business Industry Architecture
email: chrisfer@us.ibm.com
phone: +1 508 234 3624

"Martin Gudgin" <mgudgin@microsoft.com> wrote on 05/15/2003 04:56:29 PM:

> Rich,
> 
> [1] says that the Header element is optional.
> [2] says that it can be empty.
> 
> So, you're fine missing the Header element out, or putting it in but 
leaving it empty.
> 
> Gudge
> 
> [1] http://www.w3.org/TR/soap12-part1/#soapenvelope
> [2] http://www.w3.org/TR/soap12-part1/#soaphead
> 
> 
> 
> 
> 
> ________________________________
> 
> From: xml-dist-app-request@w3.org on behalf of Rich Salz
> Sent: Thu 15/05/2003 19:50
> To: Christopher B Ferris
> Cc: xml-dist-app@w3.org
> Subject: Re: Content-free Header and Body elements
> 
> 
> 
> 
> > I won't presume to answer the first part, however per section 5.1 [1], 
a
> > SOAP Envelope
> > must have a soap:Body element information item, although that EII may 
be
> > empty.
> 
> Thanks.  I *thought* so, I just missed it while skimming the spec.
> Perhaps it's time for *me* to get new specs. :)
> 
> The more interesting one is the header element; looking forward to
> answers there.
>         /r$
> 
> >
> > Hence,
> >
> >
> >>   <S:Envelope>
> >>      <S:Header><tns:foo/></S:Header>
> >>   </S:Envelope>
> >>and
> >>   <S:Envelope>
> >>   </S:Envelope>
> >
> >
> > are both invalid SOAP messages.
> >
> > [1] http://www.w3.org/TR/soap12-part1/#soapenv
> >
> > Cheers,
> >
> > Christopher Ferris
> > Architect, Emerging e-business Industry Architecture
> > email: chrisfer@us.ibm.com
> > phone: +1 508 234 3624
> >
> > xml-dist-app-request@w3.org wrote on 05/15/2003 02:16:20 PM:
> >
> >
> >>Are the following messages semantically equivalent (namespace
> >>declarations omitted for brevity)?
> >>   <S:Envelope>
> >>      <S:Header></S:Header>
> >>      <S:Body><tns:foo/></S:Body>
> >>   </S:Envelope>
> >>and
> >>   <S:Envelope>
> >>      <S:Body><tns:foo/></S:Body>
> >>   </S:Envelope>
> >>
> >>In other words, if there are no headers, are message processors 
allowed
> >>to insert/delete an empty Header element?  I believe the answer is 
yes,
> >>as I can't find text that says otherwise.
> >>
> >>And what if there are no EII's for the Body, can that be omitted?
> >>   <S:Envelope>
> >>      <S:Header><tns:foo/></S:Header>
> >>   </S:Envelope>
> >>and
> >>   <S:Envelope>
> >>   </S:Envelope>
> >>
> >>This has implications for message normalization and the ability to 
sign
> >>SOAP messages.
> >>   /r$
> >>--
> >>Rich Salz, Chief Security Architect
> >>DataPower Technology         http://www.datapower.com
> >>XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
> >>
> >
> >
> 
> 
> --
> Rich Salz, Chief Security Architect
> DataPower Technology         http://www.datapower.com
> XS40 XML Security Gateway    http://www.datapower.com/products/xs40.html
> 
> 
> 
Received on Thursday, 15 May 2003 17:23:50 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:59:14 GMT