HTTP/1.1 requirements checklist. (Complete barring a review for errors (no timeline on that:-]).)
This document is not meant to replace rfcs 2616 and 2617 it is meant to act as a quick reference to the explicit requirements OTHER THAN THE BNF semantics that rfc 2616 requires. Conformance with the BNF is also required to meet http/1.1 compliance. Some minor SHOULD and MAY requirements which are not applicable to squid, or of use only once HTTP/1.1 compliance is achieved have been omitted. They will not impact squid's HTTP/1.1 base operation as a HTTP/1.1 proxy. Advanced features such as content type filtering may be impacted however. |
Excel version: | squid-http1.1.xls |
Tab delimited: | squid-http1.1.tsv |
ID | Requirement type | section | requirement | squid status | tickmark | notes |
1 | REQUIRED | 2.1 | handle implied LWS = [CRLF] 1*( SP | HT ) | should do now | ||
2 | REQUIRED | 2.2 | fold CRLF in headers into one long header before interpreting | should do now | ||
3 | MUST | 3.1 | parse HTTP-Version as two multi-digit integers | unknown | ||
4 | SHOULD | 3.1 | send HTTP/1.1 in messages once we are conditionally compilent | not done | ||
5 | MUST | 3.1 | send HTTP/1.1 in messages that are not compatible with HTTP/1.0 | not done | ||
6 | MUST NOT | 3.1 | send HTTP versions greater than that of squid itself. (squid will be 1.1 when and only when it is conditionally compliant with rfc 2616 | does now | when we support all of http/1.1 send http/1.1 | |
7 | MUST | 3.1 | downgrade requests from greater than squid supports to what squid supports, return an error, or switch to tunnel behaviour | not done | hno - 7: Done, by simply downgrading the protocol number.
No attempts in downgrading the request is done |
|
8 | MUST | 3.1 | upgrade client requests to the highest version of HTTP supported by squid. | not done | conversion may involve altering header fields in ways that break the versions involved; HNO - 8: Does now. HTTP/0.9 is upgraded to HTTP/1.0 if support for 0.9 is enabled (and fixed). | |
9 | MUST | 3.1 | respond to old client requests with HTTP in the same major version. Ie a 1.x client must get a 1.x reponse, regardless if squid is a 2.x proxy by that point | not done | hno - all responses from swuid are in squids current http version | |
10 | MUST | 3.2.1 | handle the URI of any resource served out (read proxied) | unknown | ||
11 | SHOULD | 3.2.1 | handle unbounded length URI's if we allow long GET requests | not done | we set an upper limit on URI's | |
12 | SHOULD | 3.2.1 | return 414 for URI's longer than we can actually handle | not done | use caution handling URI's more than 255 bytes long - old clients or downstream proxies may break. Hno - we currently return some other error code | |
13 | SHOULD | 3.2.2 | avoid using ip address's in generated URL's | does now | squids host name is used | |
14 | MUST | 3.2.2 | add / to http urls that have no abs_path; and if generating requests include the / | not done | done when sending to origin, not when sending to another proxy | |
15 | MUST NOT | 3.2.2 | change the hostname in a request with a FQDN in it | not done | redirectors can violate this | |
16 | MAY | 3.2.2 | add squids domain to the hostname that are not fully qualified in requests received by squid | does now | configure squid with append_domain | |
17 | SHOULD | 3.2.3 | compare URI's by case-sensitive octet-by-octet comparioson of the entire URI. | not done | empty or absent ports are equivalent to the default for that resource; empty abs_path ="/" | |
18 | MUST | 3.2.3 | compare hostnames in URI's case-insensitively | not done | ||
19 | MUST | 3.2.3 | compare scheme names in URI's case-insensitively | not done | ||
20 | MUST | 3.2.3 | match % HEX HEX encoded characters with those outside the reserved and unsafe sets when comparing URI's | unknown | ie http://abc.com:80/~smith/home.html; http://ABC.com/%7Esmith/home.html; http://ABC.com:/%7esmith/home.html match | |
21 | MUST | 3.3.1 | handle the three date formats of HTTP/1.0 | should do now | robustness is encouraged :-] | |
22 | MUST | 3.3.1 | only generate dates in rfc 1123 format | should do now | ||
23 | MUST | 3.3.1 | generate all dates in GMT (UTC) time. | should do now | ||
24 | MUST | 3.3.1 | assume GMT time when reading asctime format | should do now | ||
25 | MUST | 3.3.1 | not add LWS to the HTTP-date format other than that specifically included in the grammer | should do now | ||
26 | MUST | 3.4 | specify the mapping assocaited with a MIME character set name when using MIME character sets | not done | error pages should specify the charset & possibly other places | |
27 | SHOULD | 3.4 | limit the use of MIME character sets to IANA registry defined character sets | not done | ||
28 | MAY | 3.4.1 | include a charset parameter even when the charset is ISO-8559-1 | not done | ||
29 | SHOULD | 3.4.1 | include a charset parameter even when the charset is ISO-8559-1 when we know we will not confuse the client | not done | ||
30 | MUST | 3.4.1 | for the 'client' respect the charset label provided by the sender. | not done | ||
31 | SHOULD NOT | 3.5 | create responses with Content-Encoding: identity | should do now | ||
32 | SHOULD | 3.5 | register new content-coding value tokens with IANA | na | ||
33 | SHOULD | 3.5 | make publicly available specifications for new content-coding value tokens which conform to the purpose of content coding as per section 3.5 | na | ||
34 | MUST | 3.6 | when a transfer-coding is applied, include "chunked" in the set of transfer codings unless the message is terminated by closing the connection. | not done | hno - check the te branch | |
35 | MUST NOT | 3.6 | applied "chunked" more than once to a message-body | not done | hno - check the te branch | |
36 | SHOULD | 3.6 | register new transfer-encodings with IANA (as per section 3.5 for content-codings | na | ||
37 | SHOULD | 3.6 | return 501 and close the connection when client entity-bodies are received that squid doesn't understand the transfer-codings of. | not done | hno - check the te branch | |
38 | MUST NOT | 3.6 | send transfer-codings (TE or Transfer-Encoding headers) to HTTP/1.0 clients | not done | hno - check the te branch | |
39 | OPTIONAL | 3.6.1 | send a trailer after sending chunked transfer encoded messages | not done | hno - check the te branch | |
40 | MUST NOT | 3.6.1 | put headers in the trailer unless a) the request included a TE header that indicates trailers is acceptable in the transfercoding (see 14.39) or b) the server is the origin, (and paraphrasing) the trailers are not needed to use the response) | not done | hno - check the te branch | |
41 | MUST | 3.6.1 | understand "chunked" transfer-coding | not done | hno - check the te branch | |
42 | MUST | 3.6.1 | ignore chunk-extensions not understood | not done | hno - check the te branch | |
43 | MUST NOT | 3.7 | use LWS between the type and sub type in media-types, or between attribute and values | does now | for squid generated headers | |
44 | SHOULD | 3.7 | when sending to older applications (< HTTP/1.1) only use media types when required by the type/subtype definition | not done | ||
45 | MUST | 3.7.1 | represent entity-bodies in canonical media-type form (except "text" types). | does now | see rfc 2616 section 3.7.1 | |
46 | MUST | 3.7.1 | represent entity-bodies in canonical media-type form (except "text" types) prior to content-coding them | does now | see rfc 2616 section 3.7.1 | |
47 | MUST | 3.7.1 | label data in charsets other than ISO-8859-1" with an appropriate charset value. | not done | see rfc 2616 section 3.4.1 for compatability notes | |
48 | MUST | 3.7.2 | include a boundary parameter as part of the media type value for multipart media types | unknown | hno - squid does not generate or touch mulipart entries. Rbc - we may need to with TE content. Ermm, | |
49 | MUST | 3.7.2 | only use CRLF in multipart messages to represent line breaks between body-parts. | unknown | hno - squid does not generate or touch mulipart entries. Rbc - we may need to with TE content. Ermm, | |
50 | MUST | 3.7.2 | have the epilogue of multipart messages empty | unknown | hno - squid does not generate or touch mulipart entries. Rbc - we may need to with TE content. Ermm, | |
51 | MUST NOT | 3.7.2 | transmit the epligoue of multipart messages (even if given one) | unknown | hno - squid does not generate or touch mulipart entries. Rbc - we may need to with TE content. Ermm, | |
52 | SHOULD | 3.7.2 | follow the same behaviour as a MIME agent when receiving a multipart message-body. | unknown | ||
53 | MUST | 3.7.2 | treat unrecognized multipart subtypes as "multipart/mixed" | unknown | nb see rfc 1867 for multipart/form-data definition | |
54 | SHOULD | 3.8 | use short to the point product-tokens | unknown | ||
55 | MUST NOT | 3.8 | use product tokens for advertising or non-essential info | unknown | ||
56 | MAY | 3.8 | use any token character in a product-version | unknown | ||
57 | SHOULD | 3.8 | only use product-version tokens for a specific version | unknown | ||
58 | SHOULD | 3.8 | only change the product-version portion of a product value when changing version numbers | unknown | ||
59 | MUST NOT | 3.9 | generate more than 3 digits after the decimal point in quality values | unknown | ||
60 | SHOULD | 3.9 | limit user configuration to 3 digits on quality values | unknown | ||
61 | MUST | 3.10 | use rfc 1766 language tags in the accept-language and content-language fields | unknown | ||
62 | MAY | 3.11 | provide the same "strong" entity tag for two resources only if they are equivalent by octet equality | unknown | ||
63 | MAY | 3.11 | provide the same "weak" entity tag for two resources only if they are equivalent and can be substituted with no significant semantic changes | unknown | ||
64 | MUST | 3.11 | when giving entity tags provide unique entity tags for all versions of entities associated wth a particular resource | unknown | ||
65 | MAY | 3.11 | provide the same entity tag value for different resource URIs - note that this does no imply entity equivalnce across resources | unknown | ||
66 | MAY | 3.12 | ignore unrecognized ranges specified with units other than "bytes" | unknown | ||
67 | SHOULD | 4.1 | ignore empty lines where the Request-Line is expected | unknown | ||
68 | MUST NOT | 4.1 | preface or follow a request with an extra CRLF | unknown | ||
69 | MAY | 4.2 | precede header field values with LWS - although a single SP is preferred | unknown | ||
70 | MUST | 4.2 | precede extra lines in header fields with a single SP or HT | unknown | ||
71 | MAY | 4.2 | replace LWS in field values with a single SP | unknown | ||
72 | MAY | 4.2 | remove leading or trailing LWS on header fields | unknown | ||
73 | recommendation | 4.2 | send general-headers, then request/response headers, and then entity-headers | unknown | ||
74 | MUST | 4.2 | when generating multiple message header fields with the same field-name, be possible for the client or downstream to combine by appending ", field-value" in the order received to generate one long header-field | unknown | ||
75 | MUST NOT | 4.2 | alter the order on multiple message headers with the same field-name | unknown | ||
76 | MUST | 4.3 | use Transfer-Encoding to indicate any transfer encodings used when transmitting messages. | unknown | ||
77 | MAY | 4.3 | add or remove Transfer-Encoding along the request chain (ie receive a message as a plain entity-body and transfer-encode via gzip for transmission downstream | unknown | ||
78 | MUST NOT | 4.3 | include a message-body in a request if the request-method does not allow it | unknown | ||
79 | SHOULD | 4.3 | read and forward message-bodies on any request | unknown | ||
80 | SHOULD | 4.3 | ignore message-bodies when semantics for the requests method do not define a message-body | unknown | ||
81 | MUST NOT | 4.3 | include a message-body in a response to a HEAD request | unknown | ||
82 | MUST NOT | 4.3 | include a message body in 1xx, 204 and 304 reponses | unknown | ||
83 | MUST | 4.3 | include a message body in all other responses, although it MAY be zero length | unknown | ||
84 | MUST | 4.4 | assume message termination by the first empty line after the header fields in responses that "MUST NOT" have message bodies (ie 1xx, 204, 304 and HEAD requests) | unknown | ||
85 | MUST NOT | 4.4 | send a Content-Length header if the entity-length and the transfer-length are not equal | unknown | ||
86 | MUST | 4.4 | ignore the Content-Length header if a Transfer-Encoding header is received | unknown | ||
87 | MUST NOT | 4.4 | send media type multipart/byteranges unless we know the recipient can parse it. | unknown | the presence of a Range header with multiple byte-range specifiers from a 1.1 client implies that the client can parse these reponses | |
88 | MUST | 4.4 | delimit the reponse message by one of 1) the first empty line if no message body defined(see 4.3), 3) Content-Length header or 5) close the connection when sending a response of type multipart/byteranges to a 1.0 Proxy which forwarded the request from a client that does understand | unknown | ||
89 | MUST | 4.4 | include a Content-Length header in requests containing a message body unless the server is known to be 1.1 compliant. | unknown | ||
90 | SHOULD | 4.4 | return 400 bad request if it cannot determine the length of a request message or 411 if we wish to enforce receiving a valid content-length | unknown | ||
91 | MUST NOT | 4.4 | include both Content-Length and a non-identity transfer coding. | unknown | ||
92 | MUST | 4.4 | ignore the Content-Length header if a non-identity Transfer-Encoding is received. (perhaps covering for TE instead of Transfer-Encoding??) | unknown | ||
93 | MUST | 4.4 | IF we are acting like a user agent - ie 'client' - notify the user when an invalid length is received and detected - ie Content-Length does not match the number of octects in the message-body. | unknown | ||
94 | MUST | 4.4 | when sending a reponse where a message body is allowed and we include Content-Length, it's value must match the number of OCTECTS in the message-body | unknown | ||
95 | MUST | 4.5 | treat unrecognized header fields as enitity header fields | unknown | ||
96 | SHOULD | 5.1.1 | return 405 if a request method is recognized but not allowed | unknown | ||
97 | SHOULD | 5.1.1 | return 501 if a request method is not implemented | unknown | ||
98 | MUST | 5.1.1 | support GET and HEAD for squid generated pages | unknown | ||
99 | MUST | 5.1.1 | implementh other methods beyond GET and HEAD in accordance with rfc 2616 | unknown | ||
100 | MUST | 5.1.1 | recognize all squid server names, including any aliases, local variations, and the numeric IP address | unknown | ||
101 | MUST | 5.1.1 | accept absolute URI's for all requests. | unknown | ||
102 | MAY | 5.1.1 | forward requests to other proxies or to the origin server. | should do now | ||
103 | MUST | 5.1.2 | decode URI's with % HEX HEX format before interpreting the request. | unknown | ||
104 | SHOULD | 5.1.2 | return appropriate status codes to invalid Request-URIs | unknown | ||
105 | MUST NOT | 5.1.2 | in transparent mode; rewrite the abs_path in thr Request-URI (ither than replacing a null abs_path with "/") | unknown | ||
106 | MUST | 5.2 | for absolute Request-URI's ignore any host header field in the request | unknown | ||
107 | MUST | 5.2 | for non-absolute Request-URI's with a host header use the host head field value | unknown | ||
108 | MUST | 5.2 | for non-absolute Request-URI's with no host header return 400 | unknown | ||
109 | MUST NOT | 5.2 | generate responses with CR or LF except at the end of the status line | unknown | ||
110 | MUST | 6.1 | understand the class of status codes (the 1st digit) and treat unrecognized responses as x00. | unknown | ||
111 | MUST NOT | 6.1 | cache responses with unrecognized status codes | unknown | ||
112 | MAY | 7 | transmit an entity if not otherwise restricted by the request method or response code | unknown | ||
113 | MUST | 7.1 | in transparent mode: forward unrecognized header fields | unknown | ||
114 | SHOULD | 7.2.1 | include a Content-Type header for generated HTTP/1.1 messages w/entity bodies | unknown | ||
115 | SHOULD | 7.2.1 | treat unknown media-types as application/octet-stream | unknown | ||
116 | SHOULD | 8.1.1 | implement HTTP/1.1 persistent connections | unknown | ||
117 | SHOULD | 8.1.2 | assume http/1.1 servers will maintain persistent connections even after error responses from the server | unknown | ||
118 | MUST NOT | 8.1.2 | send more requests on a connection afer a close is signaled | unknown | ||
119 | MAY | 8.1.2.1 | Assume a HTTP/1.1 client intends to maintain a persistent connection unless a Connection header with token close was received in the request | unknown | ||
120 | SHOULD | 8.1.2.1 | Send a Connection header with token close if we want to close the client side connection immediately after sending the response | unknown | ||
121 | MAY | 8.1.2.1 | expect a connection to remain open - but decide based on the server response (does it have a connection header with token close)? | unknown | ||
122 | SHOULD | 8.1.2.1 | send a Connection header with token close if we want to only send one request and then close the server side connection | unknown | ||
123 | SHOULD NOT | 8.1.2.1 | assume a persistent connection is maintained for pre-HTTP/1.1 versions unless it is explicitly signlaed. | unknown | ||
124 | MUST | 8.1.2.1 | always create messages with self-defined message lengths | unknown | ||
125 | MAY | 8.1.2.2 | pipeline requests to upstream servers | unknown | ||
126 | MUST | 8.1.2.2 | send reponses to pipelined requests in the order that the requests were received | unknown | ||
127 | SHOULD | 8.1.2.2 | if we assume persistent connections to servers, and pipeline immediately after connection, be prepared to retry the connection if the first pipelined attempt fails | unknown | ||
128 | MUST NOT | 8.1.2.2 | when retrying a failed (if we assume persistent connections to servers, and pipeline immediately after connection, be prepared to retry the connection if the first pipelined attempt fails) pipeline before we know the connection is persistent | unknown | ||
129 | MUST | 8.1.2.2 | be prepared to resend requests if a server closes the connection before sending all the pipelined requests | unknown | ||
130 | SHOULD NOT | 8.1.2.2 | pipeline non idempotent methods or non-idempotent sequences of methods. | unknown | ||
131 | SHOULD | 8.1.2.2 | wait to send non-idempotent requests after receiving the reponse status for the previous request | unknown | note: this may be a non-issue for us. | |
132 | recommendation | 8.1.3 | implement the Connection header field properly | unknown | ||
133 | MUST | 8.1.3 | signal persistent connections separately with clients and upstream servers | unknown | ||
134 | MUST NOT | 8.1.3 | establish a HTTP/1.1 persistent connection with a HTTP/1.0 client | unknown | ||
135 | SHOULD | 8.1.4 | issue a graceful close on the transport connection when timing out persistent connections | unknown | ||
136 | SHOULD | 8.1.4 | watch persistent connections for close signals and respond to it as appropriate | unknown | ||
137 | MAY | 8.1.4 | close any connection at any time. | unknown | ||
138 | MUST | 8.1.4 | be able to recover from asynchronous close events. | unknown | ||
139 | SHOULD | 8.1.4 | after an asynchronous close event reopen the transport connection and retransmit the aborted sequence automatically as long as the request is idempotent | unknown | ||
140 | MUST NOT | 8.1.4 | after an asynchronous close event reopen the transport connection and retransmit the aborted sequence automatically if the request is non-idempotent | unknown | ||
141 | SHOULD | 8.1.4 | always respond to at least one request per connection if possible | unknown | ||
142 | SHOULD NOT | 8.1.4 | close a connection in the middle of transmitting a response, unless network or client failure is suspected | unknown | ||
143 | SHOULD | 8.1.4 | for the client program - limit the number of silmutaneous connections maintained to a given server. | unknown | ||
144 | SHOULD NOT | 8.1.4 | for the client program - maintain more than 2 connections with any given server or proxy | unknown | ||
145 | SHOULD | 8.1.4 | for the proxy - use up to 2*N with another server or proxy, when N is the number of simultaneous connected active users | unknown | ||
146 | SHOULD | 8.2.1 | maintain persistent connections and use TCP flow control to resolve link congestion rather than terminating connections abruptly | unknown | ||
147 | SHOULD | 8.2.2 | when sending message-bodies monitor the net connection for error's. | unknown | ||
148 | SHOULD | 8.2.2 | when sending message-bodies and a net error is detected immediately cease transmitting the body. | unknown | ||
149 | MAY | 8.2.2 | when sending message-bodies using "chunked" encoding and a net error is detected immediately cease transmitting the body & mark the termination with a zero length chunk and an empty trailer | unknown | ||
150 | MUST | 8.2.2 | when sending message-bodies preceded by a content-length header and a net error is detected immediately cease transmitting the body and close the connection | unknown | ||
151 | MUST | 8.2.3 | for the client program - if waiting for 100 before sending the request body send an Expect request-header with the "100-continue" expectation | unknown | ||
152 | MUST NOT | 8.2.3 | for the client program - send an Expect request-header with the "100-continue" expectation if we do not intend to send a request body | unknown | ||
153 | SHOULD NOT | 8.2.3 | for the client program - if waiting for 100 before sending the request body, do not wait for an indefinate period before sending the request body | unknown | ||
154 | MUST | 8.2.3 | for the squid 'server' - when we receive a request with an Expect request-header with the 100-continue expectation, respond with status 100 and continue reading from the input stream, or response with a final status code | unknown | ||
155 | MUST NOT | 8.2.3 | for the squid 'server' - when we receive a request with an Expect request-header with the 100-continue expectation, wait for the request body before sending the 100 response. | unknown | ||
156 | MAY | 8.2.3 | for the squid 'server' - when we receive a request with an Expect request-header with the 100-continue expectation and send a final status code, close the transport connection | unknown | ||
157 | MAY | 8.2.3 | for the squid 'server' - when we receive a request with an Expect request-header with the 100-continue expectation and send a final status code, finish reading the request (and discard it) | unknown | ||
158 | MUST NOT | 8.2.3 | for the squid 'server' - when we receive a request with an Expect request-header with the 100-continue expectation and send a final status code, finish reading the request and perform the requested method | unknown | ||
159 | SHOULD NOT | 8.2.3 | for the squid 'server' - send a 100 continue status if the request header does not include an Expect request header with the 100-continue expectation | unknown | ||
160 | MUST NOT | 8.2.3 | for the squid 'server' - send a 100 continue status if the request comer from a pre HTTP/1.1 client. | unknown | ||
161 | MAY | 8.2.3 | for the squid 'server' - send a 100 continue status in response to a (only) HTTP/1.1 PUT or POST request that does not include an expect header with the 100-continue expectation | unknown | ||
162 | MAY | 8.2.3 | for the squid 'server' - omit a 100 continure status if some or all of the request body has already been received | unknown | ||
163 | MUST | 8.2.3 | for the squid 'server' - send a final status code after one or more 100 codes, unless the transport connection is terminated prematurely | unknown | ||
164 | SHOULD NOT | 8.2.3 | for the squid 'server' - close the transport connection we are receiving a request body on until the entire request is read or the client closes the connection even if we have already sent a final status code | unknown | ||
165 | MUST | 8.2.3 | when receiving a request with an Expect header with the 100-continue expectation and the next-hop server is HTTP/1.1 or higher, or version unknown, forward the request including the Expect header field | unknown | ||
166 | MUST NOT | 8.2.3 | when receiving a request with an Expect header with the 100-continue expectation and the next-hop server is HTTP/1.0 or lower, forward the request | unknown | ||
167 | MUST | 8.2.3 | when receiving a request with an Expect header with the 100-continue expectation and the next-hop server is HTTP/1.0 or lower respond with 417 status | unknown | ||
168 | SHOULD | 8.2.3 | cache the http version of recently access next hop servers | unknown | ||
169 | MUST NOT | 8.2.3 | forward a 100 reponse if the request was received from a HTTP/1.0 or earlier client and did not include an expect header field with the 100 continue expectation | unknown | ||
170 | SHOULD | 8.2.4 | retry requests sent when the connection closes before receiving any status from the server AND there was a request body AND the request did not have an Expect field with expectation 100-continue AND we are not "directly connected to an HTTP/1.1 origin server" | unknown | I don't know what the the "directly.. Really means" | |
171 | MAY | 8.2.4 | Time "retry requests sent when the connection closes before receiving any status from the server AND there was a request body AND the request did not have an Expect field with expectation 100-continue AND we are not "directly connected to an HTTP/1.1 origin server" " witha binary exponential backoff algorithm | unknown | ||
172 | SHOULD NOT | 8.2.4 | continue retring requests as per rfc 8.2.4 when an error status is received | unknown | ||
173 | SHOULD | 8.2.4 | close the connection if the request has not completed sending when we are (retrying requests as per rfc 8.2.4 when an error status is received) | unknown | ||
174 | MUST | 9 | send the Host request-header field with ALL HTTP/1.1 requests | unknown | ||
175 | SHOULD NOT | 9.1.1 | use GET and HEAD methods for anything other than retrieval (no side effects by squid) | unknown | ||
176 | SHOULD NOT | 9.1.2 | have side effects caused when receiving requests to squid with OPTIONS or TRACE as the method | unknown | ||
177 | MUST NOT | 9.2 | cache the results from an OPTIONS request | unknown | ||
178 | MUST | 9.2 | for the client program - include a content type field when sending an OPTIONS request with an entity body | unknown | ||
179 | MAY | 9.2 | for the squid 'server' - discard the request body from OPTIONS requests | unknown | ||
180 | SHOULD | 9.2 | 200 responses to the method OPTIONS should include any header fields that indicate optional features implemented by the server and applicable to that resource (eg Allow) | unknown | ||
181 | SHOULD | 9.2 | 200 responses to the method OPTIONS with a message body should include information about the communications options | unknown | ||
182 | MAY | 9.2 | use content-negotiation to select the format for information about the message body in 200 responses to the method OPTIONS | unknown | ||
183 | MUST | 9.2 | include a Content-length header value of 0 or a reponse body in 200 responses to the method OPTIONS | unknown | ||
184 | MAY | 9.2 | for the client program - use the Max-Forwards request-header to target a specific proxy in the request chain. | unknown | ||
185 | MUST | 9.2 | check for a Max-Forwards field when squid recieves an OPTIONS request on an absoluteURI for which request forwarding is permitted | unknown | ||
186 | MUST NOT | 9.2 | forward a request with a Max-Forwards field when squid recieves an OPTIONS request on an absoluteURI for which request forwarding is permitted and the value of Max-Forwards is 0. | unknown | ||
187 | SHOULD | 9.2 | response with Squids communications options to an OPTIONS request with a Max-Forwards field on an absoluteURI for which request forwarding is permitted and the value of Max-Forwards is 0. | unknown | ||
188 | MUST | 9.2 | decrement the Max-Forwards field-value when forwarding an OPTIONS request with a Max-Forwards field on an absoluteURI for which request forwarding is permitted and the value of Max-Forwards is a non zero integer. | unknown | ||
189 | MUST NOT | 9.2 | add a Max-Forwards header to an OPTIONS request if non is present when squid recieves it | unknown | ||
190 | MUST NOT | 9.3 | cache a GET response if it does not meet the HTTP caching requirements from rfc 2616 section 13 | unknown | ||
191 | MUST NOT | 9.4 | for the squid 'server' - generate a message-body in HEAD responses | unknown | ||
192 | SHOULD | 9.4 | for the squid 'server' - generate identical http headers for a HEAD request to the equivalent GET request. | unknown | ||
193 | MAY | 9.4 | update previously cached entities with the headers from a HEAD requests' response | unknown | ||
194 | MUST | 9.4 | mark as stale cached entities where a HEAD requests' response indicate a change in the entity (as indicated by a change in Content-Length, Content-MD5, Etag or Last-Modified) | unknown | ||
195 | MUST | 9.5 | follow the section 8.2 message transmission requirements for POST requests | unknown | ||
196 | MUST NOT | 9.5 | cache POST responses unless they include appropriate cache-control or Expires headers | unknown | ||
197 | SHOULD | 9.6 | for the squid 'server' - handling PUT requests - I skipped these as the cachmgr interface has not file storage capability | unknown | ||
198 | SHOULD | 9.6 | treat any cached entities that match the Request URI of a PUT request as stale | unknown | ||
199 | MUST | 9.6 | follow the section 8.2 message transmission requirements for PUT requests | unknown | ||
200 | MUST NOT | 9.6 | cache responses to PUT Method requests | unknown | ||
201 | SHOULD | 9.7 | for the squid 'server' - handling DELETE requests - I skipped these as the cachmgr interface has not file storage capability | unknown | maybe we could use DELETE squid-server/http///originaluri to allow removal of cached entities via the web? | |
202 | SHOULD | 9.7 | treat any cached entities that match the Request URI of a DELETE request as stale | unknown | ||
203 | MUST NOT | 9.7 | cache responses to DELETE Method requests | unknown | ||
204 | MUST NOT | 9.8 | for the squid client - create TRACE requests with an entity | unknown | ||
205 | SHOULD | 9.8 | reflect back to the client the TRACE message received (when the Max-forwards value is 0) as the entity-body of a 200 response. The entity body is to have content type message/http | unknown | ||
206 | MUST NOT | 9.8 | cache responses to TRACE Method requests | unknown | ||
207 | MUST NOT | 10.1 | for the squid 'server' - send 1xx response codes to < HTTP/1.1 clients | unknown | ||
208 | MUST | 10.1 | for the client - be prepared to accept one or more 1xx status responses prior to a regular response, even if the client does not expect a 100 status message | unknown | ||
209 | MUST | 10.1 | forward 1xx responses unless the connection squid-client has been closed, or squid requested the generation of the 1xx response. (I.e, squid added expect: 100-continue then squid does not need to forward the 100 response | unknown | ||
210 | SHOULD | 10.1.1 | for the client when getting a 100-continue reponses should continue with the request or ignore if the request has been completed. | unknown | ||
211 | MUST | 10.1.1 | for the squid 'server' - send a final reponse after handling the request | unknown | ||
212 | SHOULD | 10.1.2 | only upgrade protocols when it is advantageous to do so. | unknown | ||
213 | MUST | 10.2.2 | for the squid 'server' - handling PUT requests - I skipped these as the cachmgr interface has not file storage capability | unknown | ||
214 | MUST | 10.2.5 | teminate 204 responses by the first empty line after the header field | unknown | ||
215 | MUST NOT | 10.2.6 | include entities in 205 responses | unknown | ||
216 | MUST NOT | 10.2.7 | combine 206 responses with older content for the same entity unless the Etag or Last-Modified headers match exacly | unknown | ||
217 | MUST NOT | 10.2.7 | cache 206 reponses unless we support Range and Content-Range headers | unknown | ||
218 | MUST | 10.2.7 | include the following headers in 206 reponses downstream - Content-Range or a multipart/byteranges content-type with content-range for each part.; Date ; Etag and/or Content-Location; Expires/cache0control and/or vary if the field value might differ from that send in any previous request for the same variant | unknown | ||
219 | MUST | 10.2.7 | 206 responses to requests with if-range & strong validator - should not have other entity headers; if-range and weak validator - MUST NOT have other entity headers; other wise include all entity headers a 200 response would have given to the same request | unknown | ||
220 | SHOULD | 10.3.2 | cache 301 responses unless otherwise indicated | unknown | ||
221 | MUST NOT | 10.3.2 | cache 301 responses to requests other than GET or HEAD | unknown | ||
222 | MUST NOT | 10.3.3 | cache 302 responses unless indicated by a Cache-Control or Expires header | unknown | ||
223 | MUST NOT | 10.3.3 | cache 302 responses to requests other than GET or HEAD | unknown | ||
224 | MUST NOT | 10.3.4 | cache 303 responses | unknown | ||
225 | MUST | 10.3.5 | for the squid 'server' - in 304 responses include the Date (unless rfc 2616 ection 14.18.1 requires its omission); Etag and/or Content-Location (if a 200 response to same would have those fields); Expires, Cache-Control and/or Vary if the field value might differ from that sent in any previous request | unknown | ||
226 | MUST | 10.3.5 | when a 304 response indicates a not-currently-cached entity, disregard the response and repeat the request with no conditions | unknown | ||
227 | MUST | 10.3.5 | when a 304 response is received for a currently cached entity, update the entry with new field values given in the response | unknown | ||
228 | MUST | 10.3.6 | when a 305 response is received, repeat that _single_ request via the proxy in 'Location' | unknown | note: is this mean for squid to do , or only for the client? What about clients behind firewalls that can only use squid? | |
229 | MUST NOT | 10.3.6 | generate 305 responses except from the squid 'server' | unknown | ||
230 | MUST NOT | 10.3.7 | use the 306 status code | unknown | ||
231 | SHOULD NOT | 10.4.1 | retry requests where 400 was returned unless the client retries | unknown | ||
232 | SHOULD NOT | 10.4.4 | retry requests where 403 was returned | unknown | ||
233 | MUST | 10.4.6 | include an Allow header listing valid methods for requests where squid creates a 405 method to the client | unknown | ||
234 | MUST | 10.4.8 | return a Proxy-Authenticate header containing a challenge applicable to squid for the requested resource. | unknown | ||
235 | MAY | 10.4.9 | retry 408 requests | unknown | ||
236 | SHOULD NOT | 10.4.10 | retry 409 responses automatically | unknown | ||
237 | SHOULD | 10.4.11 | cache 410 responses | unknown | we should purge cached entity bodies that receive 410 responses. | |
238 | MAY | 10.4.12 | automatically retry a request with a Content-Length header in response to a 411 error | unknown | ||
239 | MAY | 10.4.12 | return a 411 error to the client if we want to be able to filter easily on put and post requests and the client did not use a Content-Length header | unknown | ||
240 | MAY | 10.4.14 | return a 413 error when the request entity is too large. | unknown | ||
241 | SHOULD | 10.4.14 | When returning a 413 error when the request entity is too large and it is a time based (or temporary) restriction, include a Retry-After header indicating when it should be ok | unknown | ||
242 | SHOULD | 10.4.18 | return 417 when we have unambigous evidence that the expectation given in a request can not be met by the next hop server | unknown | ||
243 | SHOULD | 10.5 | include an entity body when we create 5xx error reponses explaining the issue (other than to HEAD requests) | unknown | ||
244 | SHOULD | 10.5.2 | return a 501 if we don't implement a given method and can't just proxy it an hope | unknown | ||
245 | SHOULD | 10.5.3 | return a 502 if we get an invalid upstream response | unknown | ||
246 | SHOULD | 10.5.4 | return a 503 if we are overloaded, or unable to serve requests due to maintenance. | unknown | ||
247 | MAY | 10.5.4 | return a Retry-After when returning a 503 if we are overloaded, or unable to serve requests due to maintenance. (the header would indicate when the maintenance should finish | unknown | ||
248 | SHOULD | 10.5.5 | return a 504 on an upstream timeout, or timeout on an auxilary server - ie DNS/authentication helper | unknown | nb we may be returning 400 or 500 presently | |
249 | MUST | 10.5.6 | return a 505 if we don't support, (or have #defed it out) the HTTP major version in the request message | unknown | ||
250 | OPTIONAL | 11 | implement basic and or digest authentication | unknown | ||
251 | MAY | 12 | use content-negotiation on any entity body request/response - ie in selecting what language the error should be in | unknown | ||
252 | MAY | 12.1 | for the squid client - include request header fields (Accept, Accept-Language, Accept-Encoding etc) in requests | unknown | ||
253 | MAY | 12.3 | develop transparent negotiation capabilities within HTTP/1.1 | unknown | ||
254 | recommendation | 13 | Note: The server, cache, or client implementor might be faced with design decisions not explicitly discussed in this specification. If a decision might affect semantic transparency, the implementor ought to err on the side of maintaining transparency unless a careful and complete analysis shows significant benefits in breaking transparency. | unknown | ||
255 | MUST | 13.1.1 | respond to a request with the most up-to-date response held by squid which is appropriate to the request (see 13.2.5,13.2.6,13.12) and meets one of : 1) it has been revalidated with the origin, 2) it is "fresh enough (see 13.12) & 14.9 or 3) it is an appropriate 304/305/ 4xx/5xx response | unknown | ||
256 | MAY | 13.1.1 | If a stored response is not "fresh enough" by the most restrictive freshness requirement of both the client and the origin server, in carefully considered circumstances the cache MAY still return the response with the appropriate Warning header (see section 13.1.5 and 14.46), unless such a response is prohibited (e.g., by a "no-store" cache-directive, or by a "no-cache" cache-request-directive; see section 14.9). | unknown | ||
257 | SHOULD | 13.1.1 | forward received responses even if the response itself is stale without adding a new Warning header | unknown | ||
258 | SHOULD NOT | 13.1.1 | attempt to revalidate responses that become stale in transit to squid | unknown | ||
259 | SHOULD | 13.1.1 | responsd as per the 13.1.1 respond rules even if the origin server cannot be contacted. | unknown | ||
260 | MUST | 13.1.1 | return an error or warning to the client if the origin server can't be contacted, and no response can be served under the 13.1.1 rules | unknown | ||
261 | MUST | 13.1.2 | attach a warning noting when returning a response that is neither first-hand nor "fresh enough" using the Warning header | unknown | ||
262 | MUST | 13.1.2 | delete 1xx warnings from cached responses after succesful revalidation | unknown | ||
263 | MAY | 13.1.2 | generate 1xx warnings when validating a caced entry | unknown | ||
264 | MUST NOT | 13.1.2 | delete 2xx warning from cached responses after succesful revalidation | unknown | ||
265 | MAY | 13.1.2 | choose the warning text description language (perhaps based on Accept headers) | unknown | ||
266 | MAY | 13.1.2 | allow/create responses with multiple warnings, including multiple warnings with the same code | unknown | ||
267 | recommendation | 13.1.3 | use the most restrictive interpretation of caching issue /spec conflicts | unknown | ||
268 | MAY | 13.1.5 | have squid configurable to return stale responses even when not requested by clients | unknown | ||
269 | MUST | 13.1.5 | mark stale responses with a Warning header | unknown | ||
270 | SHOULD NOT | 13.1.5 | return a stale response if the client explicitly requests a first-hand or fresh one, unless technical or policy reasons require returning a stale response | unknown | ie: offline mode, refresh to IMS are allowed but MUST require deliberate configuration by the admin | |
271 | SHOULD | 13.2.3 | be running on a host that uses NTP or equivalent for clock synchronization | na | ||
272 | MUST | 13.2.3 | calculate corrected_received_age as max(now-date_value, age_value) | unknown | ||
273 | MUST | 13.2.3 | interprest Age header values (age_value) relative to the time the request was initiated, not the response time. | unknown | ||
274 | MUST | 13.2.3 | calculate corrected_initial_age as corrected_received_age +(now - request_time) ; request_time = time the request was sent upstream | unknown | ||
275 | MUST | 13.2.3 | when sending responses from cached entries include a single Age header with a value equal to current_age (as per 13.2.3 algorithm) | unknown | ||
276 | MAY | 13.2.4 | compute freshness lifetime using a heuristic IFF the response has no caching restrictions AND no Expires, Cache-Control: Max-age, Cache-Control: s-maxage exist in the response | unknown | ||
277 | MUST | 13.2.4 | attach a Warning 113 to any response when the age_value is more than 24 hours if there is no 113 warning already | unknown | ||
278 | SHOULD | 13.2.4 | use heuristics that use a fraction of the last-modified time (if it exists) - suggested setting of 10% since last-modified | unknown | ||
279 | MUST | 13.2.5 | when two responses exist for a given representation with different validators, use the one with the more recent Date header. | unknown | ie don't naively assume an incoming response is newer than the entity it is a refresh for | |
280 | SHOULD | 13.2.6 | When a revalidation occurs and the responses date header is older than the existing entry, repeat the request unconditionally, with the header Cache-Control: max-age=0 or Cache-Control: no-cache | unknown | note this is specced as a client requirement - but we have to implement client code as well. Does squid need to do this or let the client do it?? | |
281 | MUST NOT | 13.3.3 | use a weak validator in anything other than simple (non-subrange) GET requests | unknown | ||
282 | MUST | 13.3.3 | consider two validators strongly equal IFF both validators are identical, and both are NOT weak | unknown | ||
283 | MUST | 13.3.3 | consider two validators weakly equal IFF both validators are identical, and one or both are NOT strong | unknown | ||
284 | MUST | 13.3.3 | consider Last-Modified to be a weak validator unless we are comparing it with a cached last-modified date, and the cache entry includes a Date value, and the last-modified is at least 60 seconds before the data value | unknown | ||
285 | MUST | 13.3.3 | when receiving conditional requests the use strong comparison (no weak compares allowed) | unknown | ||
286 | MUST NOT | 13.3.4 | return 304 to a conditional request that includes both a last-modified (eg in a IMS or IUS header) and one or more entity tags (eg If-match / IF-None-Match/If-Range) unless the 304 is consistent with all the conditionals present in the request | unknown | ||
287 | MUST NOT | 13.3.4 | return a locally cached response to a conditional request that includes both Last-Modified and one or more entity tags as validators unless the cached response is consistent with all present conditionals in the request | unknown | ||
288 | MUST NOT | 13.3.5 | use other headers than entity tags and Last-Modified for validation | unknown | ||
289 | MAY | 13.4 | always cache a successful response (unless constrained by 14.9) | unknown | ||
290 | MAY | 13.4 | return cached responses without validation while fresh (unless constrained by 14.9) | unknown | ||
291 | MAY | 13.4 | return cached responses after succesful validation (unless constrained by 14.9) | unknown | ||
292 | MAY | 13.4 | cache responses with no validator or expiration time, but shouldn't do so in normal conditions | unknown | ||
293 | MAY | 13.4 | cache and use as replies, responses with status codes 200, 203, 206, 300, 301 or 410 (subject to expiration & cache-control mechanisms) | unknown | ||
294 | MUST NOT | 13.4 | return responses to status codes other than (200, 203, 206, 300, 301 or 410) in a reply to subesquent requests unless there are cache-control directives that explicitly allow it (eg Expires/ a max-age , s-maxage, must-revalidate, proxy-revalidate, puvlic or private cache-control header | unknown | ||
295 | MUST | 13.5.1 | store end to end headers (headers other than Connection; Keep-Alive ; Proxy-Authenticate ; Proxy-Authorization ; TE ; Trailers ; Transfer-Encoding ; Upgrade) with the cached response | unknown | ||
296 | MUST | 13.5.1 | transmit cached end to end headers in any response fromed from that cache entry | unknown | ||
297 | MUST | 13.5.1 | list newly defined hop to hop headers under the connection header | unknown | ||
298 | SHOULD NOT | 13.5.2 | modify end to end headers unless the definition of that header specifically allows or requires its modification | unknown | ||
299 | MUST NOT | 13.5.2 | as a transparent proxy; modify (Content-Location; Content-MD5;- Etag; Last-Modified; Expires) headers in a request or response | unknown | ||
300 | MAY | 13.5.2 | as a transparent proxy; add an Expires header if not already present in a reponse, and MUST give it the same value as the Date header of that response | unknown | ||
301 | MUST NOT | 13.5.2 | as a transparent proxy; add (Content-Location; Content-MD5;- Etag; Last-Modified) headers in a request or response | unknown | ||
302 | MAY | 13.5.2 | as a non-transparent proxy; modify or add (Content-Location; Content-MD5;- Etag; Last-Modified; Expires) headers in a request or response that does not include "no-transform" | unknown | ||
303 | MUST | 13.5.2 | add a warning 214 (if not already present) if we choose to as a non-transparent proxy; modify or add (Content-Location; Content-MD5;- Etag; Last-Modified; Expires) headers in a request or response that does not include "no-transform" | unknown | ||
304 | MUST | 13.5.2 | as a transaprent proxy; preserve the entity-length of the entity body in a response/request | unknown | ||
305 | MAY | 13.5.2 | as a transaprent proxy; change the preserve the transfer-length in a response/request | unknown | ||
306 | MAY | 13.5.3 | combine 206 responses with cached content for the same entity as long as the Etag or Last-Modified headers match exactly | unknown | ||
307 | MUST | 13.5.3 | update any end-end headers in cache entries with those from a 304 or 206 response or remove the cache entry | unknown | ||
308 | MUST | 13.5.3 | when combining 206 responses with cached content, remove Warning 1xx headers, retain warning 2xx headers, and use the 206 responses end to end headers in preference to the cached headers | unknown | ||
309 | MAY | 13.5.4 | combine byte ranges if both the incoming response and the cache entry have validotrs, and the validators match using the strong comparison | unknown | ||
310 | MUST | 13.5.4 | if a subrange response is received, and with either the incoming response or the cache entry has no validator, or the validators do no compare strongly, only use the most recent (check Date header else the incoming response) partial response and discard the previous partial information | unknown | ||
311 | MUST NOT | 13.5.6 | use a cache entry to construct a response to a request when the response had a Vary header, unless all the listed (by the vary field) request headers match the corresponding cached request headers (match by transforming by insertion of LWS as allowed by the BNF's and or combining message-header fields with the same name as per 4.2 | unknown | ||
312 | MUST NOT | 13.5.6 | use a cache entry to construct a response to a request when the response had a Vary header of * without validation by the origin server | unknown | ||
313 | SHOULD | 13.5.6 | if an entity tag is assigned to a cached representation, the forwarded request should be conditional and include the entity tags in an If-None-Match header field from _all_ the cache entries for the resource | unknown | ||
314 | SHOULD NOT | 13.5.6 | include the entity-tag for a cache entry that only contains partial content in the If-None-Match header unless the request could be satisfied from the cache | unknown | ||
315 | SHOULD | 13.5.6 | delete cache entries when a successful response with a matching Content-Location field, a differing entity-tag and a more recent Date | unknown | ||
316 | SHOULD NOT | 13.5.6 | use cache entries when a successful response with a matching Content-Location field, a differing entity-tag and a more recent Date to satisfy requests | unknown | ||
317 | MAY | 13.8 | store incomplete responses | unknown | ||
318 | MUST | 13.8 | treat incomplete responses as partial responses | unknown | ||
319 | MUST NOT | 13.8 | return a partial response to a client without marking it as such (using 206 status code) | unknown | ||
320 | MUST NOT | 13.8 | return a partial response to a client with status 200 | unknown | ||
321 | MAY | 13.8 | forward 5xx responses received while revalidating entries to the client, or act as if the server failed to respond | unknown | ||
322 | MAY | 13.8 | when a server fails to respond, return a cached response unless the cached entry inludes the must-revalidate cache-control directive | unknown | ||
323 | MUST NOT | 13.9 | treat GET and HEAD requests with ? In the URI path as fresh UNLESS explicit exipration times are provided in the repsonse | unknown | ||
324 | SHOULD NOT | 13.9 | cache GET and HEAD responses from HTTP/1.0 servers with ? In the URI path | unknown | ||
325 | MUST | 13.10 | invalidate entities referred to by the Content-Location header;Location header or the Request-URI in PUT/DELETE and POST requests. This is only done for the same host hwn using the Content-Locaiton and Location headers | unknown | ||
326 | SHOULD | 13.10 | invalidate entities referred to by the Request-URI in non understood methods if we pass them upstream | unknown | ||
327 | MUST | 13.11 | pass upstream all methods that may cause alterations to the origin servers resources. (This means all Methods other than GET and HEAD) | unknown | ||
328 | MUST NOT | 13.11 | respond to a client on all methods that may cause alterations to the origin servers resources. (This means all Methods other than GET and HEAD) before the reponse from the server arrives. | unknown | ||
329 | MAY | 13.11 | respond to a client with a 100 on all methods that may cause alterations to the origin servers resources. (This means all Methods other than GET and HEAD) before the reponse from the server arrives. | unknown | ||
330 | SHOULD | 13.12 | when a new response to an existing cached resource arrives, use the new response to reply to the current request | unknown | ||
331 | MAY | 13.12 | when a new response to an existing cached resource arrives, update the cache with the new response | unknown | ||
332 | MAY | 13.12 | when a new response to an existing cached resource arrives, use it to respond to future requests as appropriate | unknown | ||
333 | MAY | 14.1 | include parameters for media types that support them | unknown | ||
334 | MAY | 14.1 | include accept-params for media types. (q=0 to q=1) (see 3.9) | unknown | ||
335 | SHOULD | 14.1 | for the squid 'server' send 406 if we cannot get an acceptable media type for the client request | unknown | ||
336 | MAY | 14.2 | have q values for charsets | unknown | ||
337 | SHOULD | 14.2 | for the squid 'server' send 406 if we cannot get an acceptable charset for the client request | unknown | ||
338 | MAY | 14.3 | have q values for content-coding | unknown | ||
339 | SHOULD | 14.3 | for the squid 'server' send 406 if we cannot get an acceptable content-coding for the client request. Note this is not transfer-coding so we do cannot do this on the fly for the cache | unknown | ||
340 | MAY | 14.3 | assume the client will accept any content coding when to Accept-Encoding header is presented | unknown | ||
341 | SHOULD | 14.3 | for the squid 'server' send identity content-coding when no Accept-Encoding header is presented | unknown | ||
342 | MAY | 14.4 | have q values for preferred language | unknown | ||
343 | SHOULD | 14.4 | assume all languages are ok when there is no header | unknown | ||
344 | MAY | 14.5 | for the squid 'server' send Accept-ranges: none to tell clients not to attempt range requests | unknown | ||
345 | MUST | 14.6 | when an age header we receive is larger than our largest integer, or if an Age calculation overflows, transmit age of 2147483648 (2^31). | unknown | ||
346 | SHOULD | 14.6 | use integers of at least 31 bits | unknown | ||
347 | MUST | 14.7 | present an Allow header in 405 responses | unknown | ||
348 | MUST NOT | 14.7 | modify the allow header | unknown | ||
349 | SHOULD | 14.8 | have a set of credentials valid for an entire realm (including all sub-resources) (ie for web-accel operation) | unknown | ||
350 | MUST NOT | 14.8 | return responses with Authorization headers to other requests unless a) cache-control: s-maxage is present or b) cache-control: must-revalidate is presented or c) cache-control: public is present | unknown | ||
351 | MUST | 14.8 | always revalidate responses with cache-control: s-maxage=0 | unknown | ||
352 | MUST | 14.9 | follow the cache-control header directives at all times | unknown | ||
353 | MUST | 14.9 | pass cache-control directives through to the next link in the message path (ie don't eat them) | unknown | ||
354 | MAY | 14.9.1 | cache responses with cache-control: public even of the header/method might not normally be cacheable | unknown | ||
355 | MUST NOT | 14.9.1 | cache responses with cache-control: private | unknown | ||
356 | MUST NOT | 14.9.1 | use responses with cache-control: no-cache to satisfy other requests without successful revalidation | unknown | ie auto GET to IMS is allowed | |
357 | MAY | 14.9.1 | use responses with cache-control: no-cache to satisfy other requests without successful revalidation if the no-cache directive includes field-names | unknown | ||
358 | MUST NOT | 14.9.1 | send the headers listed in responses with cache-control: no-cache (header…) to satisfy other requests without successful revalidation if the no-cache directive includes field-names | unknown | ||
359 | MAY | 14.9.2 | use no-store on requests or responses to prevent data storage | unknown | ||
360 | MUST NOT | 14.9.2 | store any part of a request or it's response if the cache-control: no-store directive was in the request | unknown | This directive applies to both non-shared and shared caches. "MUST NOT store" in this context means that the cache MUST NOT intentionally store the information in non-volatile storage, and MUST make a best-effort attempt to remove the information from volatile storage as promptly as possible after forwarding it. | |
361 | MUST NOT | 14.9.2 | store any part of a response or the request that elicited it if the cache-control: no-store directive was in the response | unknown | This directive applies to both non-shared and shared caches. "MUST NOT store" in this context means that the cache MUST NOT intentionally store the information in non-volatile storage, and MUST make a best-effort attempt to remove the information from volatile storage as promptly as possible after forwarding it. | |
362 | SHOULD | 14.9.3 | consider responses with an Expires value that is <= the response date and no cache-control header field to be non-cacheable | unknown | ||
363 | MUST | 14.9.3 | mark stale responses with Warning 110 | unknown | ||
364 | MAY | 14.9.3 | have squid configurable to return stale responses even when not requested by clients but responses served MUST NOT conlict with other MUST or MUST NOT requirements | unknown | ||
365 | MUST NOT | 14.9.4 | use a cached copy to respond to a request with cache-control: no-cache or Pragma: no-cache | unknown | ||
366 | SHOULD | 14.9.4 | response with a cached copy (if possible) or a 504 to a request with cache-control: only if cached. Note we can use a cache farm to get the cached copy | unknown | ||
367 | MUST NOT | 14.9.4 | use stale responses marked with cache-control: must-revalidate after it becomes stale without first revalidating it with the origin | unknown | ||
368 | MUST | 14.9.4 | obey the must-revalidate directive at all times | unknown | ||
369 | MUST | 14.9.4 | return 504 if a must-revalidate directive would need access to an unavailable origin server | unknown | ||
370 | MUST NOT | 14.9.5 | change any headers (or part of the request specified by those headers) from section 13.5.2 when a message with cache-control: no-transform is received | unknown | ||
371 | MUST | 14.9.6 | ignore unrecognized cache-control headers | unknown | ||
372 | MUST | 14.10 | parse the Connection header before a message is forwarded | unknown | ||
373 | MUST | 14.10 | remove headers from messages that match headers specified in the connection header | unknown | ||
374 | MUST NOT | 14.10 | list end to end headers in the connection header | unknown | ||
375 | MUST | 14.10 | for applications that do not support persistent connection (ie squid 'server' and client) include Connection: close in every message | unknown | ||
376 | MUST | 14.10 | on pre-http/1.1 messages with a connection header, for each connection-token, remove AND ignore and header fields with the same name as the token | unknown | ||
377 | MAY | 14.11 | as a NON-TRANSPARENT proxy modify content-coding to be more suitable to a client request | unknown | ||
378 | MUST | 14.11 | if the content encoding of an entity is not "identity" | unknown | ||
379 | MUST | 14.11 | list in applied order the content codings applied to an entity | unknown | ||
380 | MAY | 14.12 | list multiple languages in a Content-Language header if the reponse is intended for multiple audiences (perhaps a multi-lingual error page?) | unknown | ||
381 | SHOULD | 14.13 | use and send the Content-Length header unless prohibited by section 4.4 | unknown | ||
382 | MUST NOT | 14.15 | generate Content-MD5 headers | unknown | ||
383 | MAY | 14.15 | check Content-MD5 headers | unknown | ||
384 | MUST | 14.15 | remove transfer-encodings before checking the MD5 | unknown | ||
385 | MUST NOT | 14.15 | convert line breaks to CRLF before checking the MD5 | unknown | ||
386 | SHOULD | 14.16 | indicate the total length of the full entity body in Content-Range headers | unknown | ||
387 | MUST | 14.16 | only specify one range in byte-range-resp-spec | unknown | ||
388 | MUST | 14.16 | use absolute byte positions for byte-range-resp-spec values | unknown | ||
389 | MUST | 14.16 | ignore invalid byte-range-resp-spec and any content transferred with it | unknown | ||
390 | MUST NOT | 14.16 | have response code 206 with a byte-range-resp-spec of * | unknown | ||
391 | MUST | 14.18 | assign a Date header if we receive a message without one, | unknown | ||
392 | SHOULD | 14.18 | assign the best available approximation of the date and time of message generation when we assign Date headers | unknown | ||
393 | MAY | 14.19 | use Entitiy tags for comparison with other entities from the same resource | unknown | ||
394 | MUST | 14.21 | treat invalid Expires headers (NON RFC 1123 format) as being in the past | unknown | ||
395 | MAY | 14.22 | log the From header | unknown | ||
396 | SHOULD NOT | 14.22 | use the From header for access-control | unknown | ||
397 | MUST | 14.23 | for clients: include a Host header in all http/1.1 requests | unknown | ||
398 | MUST | 14.23 | for clients: include an empty Host header in all http/1.1 requests when no host name is available | unknown | ||
399 | MUST | 14.23 | ensure that all requests forwarded include an appropriate Host header | unknown | ||
400 | MUST | 14.23 | respond with 400 to http/1.1 requests missing a Host header | unknown | ||
401 | MUST | 14.24 | use the strong comparison when comparing entity tags for If-Match | unknown | ||
402 | SHOULD | 14.25 | return a 304 to IMS requests that have not been modified (using cached data if possible) | unknown | ||
403 | MUST | 14.31 | check and decrement (if greater than 0) the Max-Forwards header if present in TRACE and OPTIONS requests | unknown | ||
404 | MUST | 14.31 | respond as the final recipient if the Max-Forwards header is 0 on a TRACE or OPTIONS request | unknown | ||
405 | MAY | 14.31 | ignore the Max-Forwards header for all other methods covered by rfc 2616 | unknown | ||
406 | SHOULD | 14.32 | forward requests with Pragme: no-cache upstream even if a cached copy exists | unknown | ||
407 | MUST | 14.32 | pass Pragma directives up/downstream in all cases | unknown | ||
408 | SHOULD | 14.32 | ignore pragma directives not relevant or understood by us | unknown | ||
409 | SHOULD | 14.32 | treat pragme: no-cache ascache-control: no-cache | unknown | ||
410 | MUST | 14.33 | include Proxy-Authenticate when sending a 407 response | unknown | note: NTLm auth requires an unrecommended order | |
411 | SHOULD NOT | 14.33 | pass Proxy-Authenticate downstrem | unknown | ||
412 | MAY | 14.34 | relay credentials from a client upstream to a parent cache (if that is the mechanism by which the two caches cooperatively authenticate a given request) | unknown | ||
413 | MAY | 14.35.1 | specify a single byte range or a set of ranges within a single entity with a single byte range operation | unknown | ||
414 | MUST | 14.35.1 | have the last-byte-pos value (if present) great than or equal to the first-byte-pos in the byte-range-spec | unknown | ||
415 | MUST | 14.35.1 | ignore a header field with an invalid byte-range-spec | unknown | ||
416 | SHOULD | 14.35.1 | return 416 if a byte-range-set is unsatisfiable | unknown | ||
417 | SHOULD | 14.35.1 | return 206 when returning ranges | unknown | ||
418 | MAY | 14.35.2 | for the client - request one or more subranges on conditional or un-conditional GET requests | unknown | ||
419 | MAY | 14.35.2 | ignore the range header. | unknown | We should support this, and should look at caching partial responses | |
420 | SHOULD | 14.35.2 | only return the requested range to a client even if we get given the entire entity in response to a request containing a range request | unknown | ||
421 | SHOULD | 14.35.2 | store the entire response (if we would normally cache that object) if we get given the entire entity in response to a request containing a range request | unknown | ||
422 | MUST NOT | 14.36 | for the client - send a referer field if the request-URI was not obtained from a source with it's own URI - ie the keyboard | unknown | ||
423 | MAY | 14.37 | use Retry-After to indicate how long a client should wait before requesting the new location | unknown | ||
424 | MUST NOT | 14.38 | modify the Server header on forwarded responses | unknown | ||
425 | SHOULD | 14.38 | include a Via header on forwarded resposnes | unknown | ||
426 | MUST | 14.39 | include the TE connection token whenever we use TE on a connection | unknown | ||
427 | SHOULD NOT | 14.40 | include header fields in the trailer with having sent a Trailer header | unknown | ||
428 | MUST NOT | 14.40 | send Transfer-Encoding; Content-Length or Trailer as Trailer field values | unknown | ||
429 | MUST | 14.41 | list in the order applied the transfer-encodings applied to a response (ie rsync, gzip | unknown | ||
430 | MUST | 14.42 | use the upgrade header in a response with status code 101 | unknown | ||
431 | MUST | 14.42 | include the Upgrade connection-token whenever we use the Upgrade header | unknown | ||
432 | SHOULD | 14.43 | for the client - include a user-Agent field in requests | unknown | ||
433 | SHOULD | 14.44 | include a Vary header on any cacheable response we generate that used server negotiation | unknown | ||
434 | MAY | 14.44 | for the 'server' include a vary header with a non-cacheable resposne the used server negotiation | unknown | ||
435 | MAY | 14.44 | assume the same response will be given by a server for future requests with the same request field values as those listed by the vary header in the response whilst the response is still fresh | unknown | ||
436 | MUST NOT | 14.44 | generate a * value for a vary field | unknown | ||
437 | MUST | 14.45 | fill in the Via header | unknown | ||
438 | MAY | 14.45 | replace the host in the via header with a pseudonym for security/privacy | unknown | ||
439 | MUST | 14.45 | append our details to the Via header | unknown | ||
440 | MAY | 14.45 | remove comments from the via header before forwarding | unknown | ||
441 | MAY | 14.45 | put comments in the via header before forwarding | unknown | ||
442 | SHOULD NOT | 14.45 | when used as a gateway/ http firewall forward names/hosts/ports of hosts within the firewall | unknown | perhaps a config directive - firewall - turn on several things? | |
443 | SHOULD | 14.45 | require explicit enablement of forwarding names/hosts/ports of hosts within the firewall | unknown | perhaps a config directive - firewall - turn on several things? | |
444 | SHOULD | 14.45 | replace the received-by host with a pseudonym when used as a gateway/ http firewall forward names/hosts/ports of hosts within the firewall | unknown | ||
445 | MAY | 14.45 | for organisations with privacy concerns: collapse multiple protocol-value entries into one entry in the via header | unknown | ||
446 | SHOULD NOT | 14.45 | combine multiple entries unless they are all under the same organizations control and the hosts have already been pseudonymized | unknown | ||
447 | MUST NOT | 14.45 | combine multiple entries in the via header with different protocol values | unknown | ||
448 | MAY | 14.46 | have responses with more than 1 warning header | unknown | ||
449 | SHOULD | 14.46 | generate warn-text in the natural language most likely to be intelligble to the user receiving the response | unknown | ||
450 | MAY | 14.46 | decide on the language for warnings using ANY available knowledge | unknown | ||
451 | MUST | 14.46 | if sending a warning in a charset other than ISO-8859-1 encode it as per rfc 2047 | unknown | ||
452 | SHOULD | 14.46 | add new warning headers after existing warning headers | unknown | ||
453 | MUST NOT | 14.46 | delete a warning it receives with a given message | unknown | ||
454 | SHOULD | 14.46 | remove any warning headers associated with a cached response after successful validation (except as specified for some warning codes) | unknown | ||
455 | MUST | 14.46 | add any warning headers received in validation responses to cached responses | unknown | ||
456 | MUST | 14.46 | generate warning 110 on stale responses | unknown | ||
457 | MUST | 14.46 | generate warning 111 on stale responses sent when revalidation failed | unknown | ||
458 | SHOULD | 14.46 | generate warning 112 if we are offline intentionally for any length of time | unknown | ||
459 | MUST | 14.46 | generate warning 113 if our heuristic chose a freshness lifetime > 24 hours and the response's age is >24 hours | unknown | ||
460 | MAY | 14.46 | include and arbitrary info we want logged or presented to the user in a Warning 199 | unknown | ||
461 | MUST | 14.46 | generate warning 214 if we change the content-coding or media-type of the response unless this warning is already in the response | unknown | ||
462 | MAY | 14.46 | include and arbitrary info we want logged or presented to the user in a Warning 299 | unknown | ||
463 | MUST | 14.46 | include a warn-date that matches the Date in the response in messages sent with warning headers whose version is HTTP/1.0 or lower | unknown | ||
464 | MUST | 14.46 | delete warning-values that have a warn-date differing form the Date value in the response | unknown | ||
465 | MUST | 14.46 | delete the warning header if it is empty | unknown | ||
466 | MUST | 14.47 | include WWW-Authenticate in 401 responses | unknown | ||
467 | SHOULD | 15.1 | be careful not to disclose personal information of the clients | unknown | ||
468 | SHOULD | 15.1.2 | be able to filter/alter the From field when acting as a gateway | unknown | ||
469 | SHOULD | 19.3 | assume RC 850 dates more than 50 years in the future are in the past | unknown | ||
470 | MAY | 19.3 | internally represent an Expires date as earlier than the proper value, but MUST NOT represent it as later than the proper value | unknown | ||
471 | MUST | 19.3 | do date calculations in GMT | unknown | ||
472 | MUST | 19.3 | convert HTTP header dates to GMT using the most conservative possible conversion if they are not in GMT | unknown | ||
473 | idea | 19.5.1 | sanitise the content-disposition header by removing directory information | unknown |