- From: Francois Daoust <fd@w3.org>
- Date: Wed, 23 Jan 2008 12:30:40 +0100
- To: public-bpwg-ct@w3.org
Per ACTION-625 created during last teleconf', I'm to (re-)initiate the discussion on what exactly the guidelines have to say about "dangerous" content and its possible transformation by a CT-aware proxy when the proxy is told not to transform anything. I have the feeling that there exist different points of view within the Working Group, and thus wanted to make sure: 1. we were talking about the same thing 2. we have a clear agreement on that 3. the document states things clearly as well If we already all agree, then my apologies for this lengthy mail! In current draft ---------------- http://www.w3.org/2005/MWI/BPWG/Group/TaskForces/CT/editors-drafts/Guidelines/080118 ... the subject is mentioned both in "2.4 Proxy States": "In the passive state it behaves like a transparent proxy and behaves as though a Cache-Control: no-transform directive were present on every request and every response, with the possible exception that - only with the consent of both the user and the content provider - content which it has been determined would cause serious mis-operation of the client, such as causing it to crash, may be minimally transformed to prevent that mis-operation." and at the end of "3.5 Proxy Response to client": "[...] if the proxy determines that the resource as currently represented is likely to cause serious mis-operation of the client then the proxy may transform the resource but only sufficiently to alter the specific aspect of the content that is likely to cause mis-operation. Proxies must not exhibit this behavior unless this has been specifically allowed by both the server and the user. [@@ either by persistent registration of preferences, or by use of the [@@correct dangerous content] directive.]" Problem statement ----------------- I would rephrase the problem as follow... When the following points are true: a) the HTTP request from the client or the HTTP response from the CP contains a HTTP "Cache-Control: no-transform" directive b) the HTTP request from the client or the HTTP response from the CP does not contain any other CT-aware directives c) a CT-aware proxy detects that the response content is "dangerous", such as it thinks it would likely crash the client's browser ... should we recommend the CT-aware proxy MAY apply some minimal content transformation to prevent the detected crash? Different points of view ------------------------ Feel free to correct me if I'm wrong. I'm not quoting anyone, just trying to reformulate what I understood, so I'm likely to be wrong ;) 1. HTTP/1.1 RFC2616 "The CT-aware proxy MUST NOT apply any transformation in that case." "[...] if a message includes the no-transform directive, [...] the cache or proxy MUST NOT change any aspect of the entity-body that is specified by these headers, including the value of the entity-body itself." (14.9.5) 2. Jo: "The CT-aware proxy MUST NOT apply any transformation in that case." "If the Cache-Control: no-transform directive is completed with a [@@correct dangerous content] directive, then and only then the CT-aware proxy MAY apply some transformation." The first part is a direct answer to the problem as stated here. The second part is not an exception-to-the-rule case, but rather another (useful IMHO) guideline when b) above is not true. It's only indirectly linked to the problem. 3. Bryan "The CT-aware proxy MAY override the no-transform directive in exceptional cases. The document cannot cover these cases but may mention their existence." (see http://lists.w3.org/Archives/Public/public-bpwg-ct/2008Jan/0017.html part 2.4) 4. Aaron (Kemp) Before leaving the teleconf' yesterday, you mentioned you were thinking exceptions were indeed needed. 5. Nigel "The CT-aware proxy MUST NOT apply any transformation in that case." But you seemed to agree to a not-too-strong mention of the existence of exceptional cases: http://lists.w3.org/Archives/Public/public-bpwg-ct/2007Dec/0008.html 6. François "The CT-aware proxy MUST NOT apply any transformation in that case." This looks to me as wishful thinking. I do understand this goes in the right direction for the user, but don't see how we could precise the "exceptional" cases where the CT-aware proxy may change something. 7. Others? Additional thoughts ------------------- I'm wondering about the Cache-Control: no-transform directive... Do we have any stats as to its use for "regular" web content? It doesn't seem the directive is widely being used. In all cases, it's not being used by default, is it? In other words, if the directive is present, it would likely mean the CP is CT-aware, and if he's CT-aware, he's likely to know at least a bit about what this directive implies in terms of mobile presentation. If we want to mention the existence of exceptional cases, I would suggest going one step further in the definition with something like: "If the CP (or client depending on whether the no-transform directive is in the HTTP response or request) is CT-aware, the proxy MUST NOT apply any transformation in that case. If the CP (or client depending on whether the no-transform directive is in the HTTP response or request) is CT-unaware, the proxy MAY apply some minimal transformation in that case, but MUST inform the client about it." In other words: trust a CT-aware CP or client more than a CT-aware proxy - they should know what they are doing - but trust a CT-aware proxy more than a CT-unaware CP or client... My proposal ----------- For 2.4: I would cut the end of the sentence: "In the passive state it behaves like a transparent proxy and behaves as though a Cache-Control: no-transform directive were present on every request and every response". For 3.5: Actually, I would remove the text there and add the following to 3.3: "Servers may add a [@@correct dangerous content] directive to the Cache-Control: no-transform directive indicating that the proxy MAY apply some minimal transformation if it detects the content would cause serious mis-operation by the client". In 3.1: I would mention that possibility for the client to use that directive as well. Questions -------- - MUST NOT or MAY? - if MAY, how would you formulate it? - in both cases, OK to recommend a [@@correct dangerous content] directive? François.
Received on Wednesday, 23 January 2008 11:30:56 UTC