From 3b49f055ad23e9a1349f4d0d4b7bb261bc155c38 Mon Sep 17 00:00:00 2001 From: Julian Reschke Date: Wed, 3 Jun 2020 11:14:19 +0100 Subject: [PATCH 1/2] restore changes from https://github.com/httpwg/http-core/commit/f20cacb0233fabba0b78f0403057d468f5daf1a6 --- draft-ietf-httpbis-semantics-latest.xml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/draft-ietf-httpbis-semantics-latest.xml b/draft-ietf-httpbis-semantics-latest.xml index 7a46ea82e..2cf0f015c 100644 --- a/draft-ietf-httpbis-semantics-latest.xml +++ b/draft-ietf-httpbis-semantics-latest.xml @@ -1430,6 +1430,11 @@ deployed and not likely to be registered in a timely manner otherwise. A recipient &SHOULD; treat other octets in field content (obs&nbhy;text) as opaque data. + + Field values containing one or more CR characters ("bare CRs") &MUST-NOT; + be generated; recipients &MUST; either reject a field value containing bare + CRs, or convert them to SP before processing or forwarding the message. + Leading and trailing whitespace in raw field values is removed upon field parsing (). Field definitions where leading or trailing @@ -12305,6 +12310,10 @@ Content-Encoding: gzip Minimum URI lengths to be supported by implementations are now recommended. () + + Prohibited the generation of bare CRs in field values. + () + The term "effective request URI" has been replaced with "target URI". () @@ -12559,6 +12568,7 @@ Content-Encoding: gzip
    +
  • In , disallow bare CRs ()
From 6b680c97479c82e3cdc1d5037990fcc638621697 Mon Sep 17 00:00:00 2001 From: Julian Reschke Date: Fri, 5 Jun 2020 09:41:09 +0100 Subject: [PATCH 2/2] expand instructions from bare CR to any CTL (also, not to send already was a requirement) --- draft-ietf-httpbis-semantics-latest.xml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/draft-ietf-httpbis-semantics-latest.xml b/draft-ietf-httpbis-semantics-latest.xml index 866b80060..025ff8226 100644 --- a/draft-ietf-httpbis-semantics-latest.xml +++ b/draft-ietf-httpbis-semantics-latest.xml @@ -1454,9 +1454,10 @@ Content-Type: text/plain opaque data. - Field values containing one or more CR characters ("bare CRs") &MUST-NOT; - be generated; recipients &MUST; either reject a field value containing bare - CRs, or convert them to SP before processing or forwarding the message. + Field values containing control (CTL) characters such as + CR or LF are invalid; recipients &MUST; either reject a field value + containing control characters, or convert them to SP before processing or + forwarding the message. Leading and trailing whitespace in raw field values is removed upon field @@ -12332,8 +12333,9 @@ Content-Encoding: gzip () - Prohibited the generation of bare CRs in field values. - () + Clarify that control characters in field values are to be rejected or + mapped to SP. + () The term "effective request URI" has been replaced with "target URI". @@ -12590,7 +12592,7 @@ Content-Encoding: gzip
  • In , add optional "Comments" entry ()
    • -
  • In , disallow bare CRs ()
    • +
  • In , instruct recipients how to deal with control characters in field values ()
  • In , update note about field ABNF ()