HTTP extensibility: musings and a proposal from Paul Leach on 1996-04-18 (ietf-http-wg@w3.org from April to June 1996)

From: Paul Leach <paulle@microsoft.com>
Date: Wed, 17 Apr 1996 17:28:30 -0700
To: "'http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com'" <http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com>
Message-Id: <c=US%a=_%p=msft%l=RED-77-MSG-960418002830Z-12006@red-05-imc.itg.microsoft.com>

Lately, I've been thinking about HTTP extensibility and contrasting it
with object system extensibility. The implicit type compatibility rules
in the HTTP is much looser than for (e.g.) C++ -- one can add often new
headers to HTTP requests and responses in a backwards compatible way,
whereas such extensions would not pass the type checker of most strongly
typed languages. New headers can't have arbitrary semantics: they have
to have semantics such that proxies can just forward them, and servers
can ignore them, if not understood.

Another interesting aspect of HTTP in this regard is the Connection:
header. Proxies are supposed to delete headers named in the Connection
header before forwarding them. This allows addition of headers that are
only supposed to apply to directly connected clients and servers to be
added to HTTP, without fear that they will be forwarded out of scope by
unaware proxies.

This notion can be extended -- it is easy to imagine adding headers that
origin-servers can't just ignore when they don't understand them. In
such cases, they should return a status code saying that they reject the
request; the client might retry using some alternate, perhaps less
fucntional, headers that the server did understand.

The description of such a header might be like this:
------------------
10.xx Critical

The Critical request header lists other header names that the server
must understand in order to correctly service the request. If the server
does not understand the listed header names, then it must respond with
status code 5xx Unknown Header, instead of the default action of
ignoring the header and executing the request. The purpose of this
header is to allow new headers to be introduced in future versions of
HTTP that servers can't just ignore.

	Critical	= "Critical" ":" 0#( header-name )
--------------------

IF (and I admit it's a big if) this all seems super-obvious, then it
might be a good idea to put this into HTTP 1.1, in order to allow us to
add things to 1.2 that might otherwise have to wait. If there's the
least little controversy, or even any details to work out, then its too
late for 1.1. (And I realize that this seems like it might overlap with
PEP, which I haven't read because it wouldn't be in 1.1 and so I could
put it off -- I'll accept abuse on that score.)

But I thought it was an interesting enough idea to bring it up now.

Comments?

----------------------------------------------------
Paul J. Leach            Email: paulle@microsoft.com
Microsoft                Phone: 1-206-882-8080
1 Microsoft Way          Fax:   1-206-936-7329
Redmond, WA 98052

Received on Wednesday, 17 April 1996 17:33:53 UTC