Fetching contributors…
Cannot retrieve contributors at this time
117 lines (93 sloc) 5.71 KB
This specification aims to formalize the Strata protocol for building web
applications using the node.js JavaScript platform. You can (and should) use
the strata.lint middleware to enforce it. When you develop middleware, be sure
to add a strata.lint before and after to catch all mistakes.
# Applications
A Strata application is a function that takes exactly two arguments: the
*environment* and a *callback*.
## The Environment
The environment is an object that contains CGI-like properties. It MUST include
the following:
- protocol The request protocol. Must be "http:" or "https:"
- protocolVersion The version of the protocol used in the request
- requestMethod The request method (e.g. "GET" or "POST")
- requestTime A Date that indicates the time the request was received
- remoteAddr The IP address of the client
- remotePort The number of the port on the client that is being used.
May be 0 if unknown
- serverName The host name of the server. Defaults to the value of
process.env.SERVER_NAME or the bound address of the server
as reported by the operating system
- serverPort The number of the TCP port the server is bound to. May be
0 when using Unix domain sockets
- scriptName The initial portion of the request URL's "path" that
corresponds to the application, so that it knows its
virtual "location". This may be an empty string, if the
application corresponds to the "root" of the server
- pathInfo The remainder of the request URL's "path", designating
the virtual "location" of the target resource within the
application. This may be an empty string if the request
URL targets the "root" of the application and does not
have a trailing slash. This value may be percent-encoded
when originating from a URL
- queryString The portion of the request URL that follows the "?", if
any. May be an empty string
- headers An object of client-supplied HTTP headers and their values.
All header names must be lower-cased
- input A readable Stream of data contained in the request body
- error A writable Stream for error output
- strataVersion A string that indicates the current version of strata
In addition to these, the environment MAY include the following properties:
- flash A string containing the flash message, if any. This is a
message that was set using the flash module and is
available to all applications downstream from a
strata.flash middleware
- remoteUser A string containing the name of the authorized user when
using HTTP basic auth. Available to all applications
downstream from a strata.basicAuth middleware
- route An object containing information about the route that was
triggered. Available to all applications downstream from a
strata.Router application
- session An object containing session data. Available to all
applications downstream from a strata.sessionCookie
- timeout The numerical id of the timeout set by the timeout
middleware. May be used by downstream apps to cancel the
timeout using clearTimeout
When combined with scriptName and pathInfo, the serverName and serverPort
variables may be used to reconstruct the original request URL. Note, however,
that if httpHost is present it should be used in preference to serverName.
There are the following additional restrictions:
- requestMethod must be a valid HTTP verb as an uppercase String
- scriptName and pathInfo, if not empty, should start with a "/"
- scriptName should never be "/" but instead be empty
- pathInfo should be "/" if scriptName is empty
- headers['content-length'], if given, must consist of only digits
- input must be paused
The application is free to modify the environment. Property names must be
prefixed uniquely. The prefix "strata" is reserved for use within the Strata
core distribution and other accepted specifications and is not available for
use elsewhere.
## The Callback
The callback is used to issue a response to the client and must be called with
exactly three arguments: the response *status*, HTTP *headers*, and *body*.
### The Status
The status must be an HTTP status code as a Number.
### The Headers
The headers must be an object whose properties are the names of HTTP headers in
their canonical form (i.e. "Content-Type" instead of "content-type"). Header
names may contain only letters, digits, "-", and "_" and must start with a
letter and must not end with a "-" or "_". If more than one value for a header
is required, the value for that property must be an array. Otherwise it may be
a string or a number.
There must be a Content-Type header, except for when the status is 1xx, 204, or
304, in which case there must be none given.
There must not be a Content-Length header when the status is 1xx, 204, or 304,
or it must be "0".
### The Body
The body must be either a string or a readable Stream. If it is a Stream, the
response will be pumped through to the client.
# Acknowledgements
Some parts of this specification are adopted from PEP333: Python Web Server
Gateway Interface v1.0 ( and the Rack
specification (