As per Relevance of the word copyright, we have this rfc below:










Network Working Group K.
Request for Comments: 2310
Category: Experimental April 1998


The Safe Response Header

Status of this

This memo defines an Experimental Protocol for the
community. It does not specify an Internet standard of any kind
Discussion and suggestions for improvement are requested
Distribution of this memo is unlimited

Copyright

Copyright (C) The Internet Society (1998). All Rights Reserved



This document defines a HTTP response header field called Safe,
can be used to indicate that repeating a HTTP request is safe.
an indication will allow user agents to handle retries of some
requests, in particular safe POST requests, in a more user-
way

1

This document defines a HTTP response header field called Safe,
can be used to indicate that repeating a HTTP request is safe.
an indication will allow user agents to handle retries of some
requests, in particular safe POST requests, in a more user-
way

2 Terminology and

This document uses the HTTP terminology and BNF notation defined
[1]. It uses the key words in RFC 2119 for defining the
of each particular requirement

3

According to Section 9.1.1 (Safe Methods) of the HTTP/1.1
specification [1], POST requests are assumed to be `unsafe'
default. `Unsafe' means `causes side effects for which the user
be held accountable'.





Holtman Experimental [Page 1]

RFC 2310 The Safe Response Header Field April 1998


It is sometimes necessary for a user agent to repeat a POST request
Examples of such cases

- when retrying a POST request which gave an indeterminate
result in the previous
- when the user presses the RELOAD button while a POST result

- when the history function is used to redisplay a POST
which is no longer in the history buffer

If the POST request is unsafe, HTTP requires explicit
confirmation is before the request is repeated. The
dialog often takes the form of a `repost form data?' dialog box
This dialog is confusing to many users, and slows down navigation
any case

If the repeated POST request is safe, the user-
confirmation dialog can be omitted. However plain HTTP/1.1 [1]
no mechanism by which agents can tell if POST requests are safe,
they must be assumed unsafe by default. This document adds
mechanism to HTTP, the Safe header field, for telling if a
request is safe

Using the Safe header field, web applications which require the
of a safe POST request, rather than a GET request, for the
of web forms, can be made more user-friendly. The use of a
request may be required for a number of reasons,

- the contents of the form are potentially very
- the form is used to upload a file (see [2])
- the application needs some internationalization
(see [3]) which are only available if the form contents
transmitted in a request body the information in the form
be encoded in a GET request URL because of
considerations

4 The Safe response header

The Safe response header field is defined as an addition to
HTTP/1.x protocol suite

The Safe response header field is used by origin servers to
whether repeating the received HTTP request is safe in the sense
Section 9.1.1 (Safe Methods) of the HTTP/1.1 specification [1].
the purpose of this specification, a HTTP request is considered to
a repetition of a previous request if both





Holtman Experimental [Page 2]

RFC 2310 The Safe Response Header Field April 1998


- are issued by the same user agent,
- apply to the same resource,
- have the same request method,
- both have no request body, or both have request bodies which
byte-wise identical after decoding of any content and
codings

The Safe header field has the following syntax

Safe = "Safe" ":" safe-
safe-nature = "yes" | "no

An example of the header field is

Safe:

If a Safe header field is absent in the response, the
request MUST be considered unsafe, unless it is a GET or
request. As GET and HEAD requests are safe by definition,
agents SHOULD ignore a `Safe: no' header field in GET and
responses

If, according to a received Safe header field, the repeating of
request is safe, the request MAY be repeated automatically
asking for user confirmation

5 Security

For a discussion of the security considerations connected to
form submission, see [1]. The Safe header field introduces no
security risks

The use of GET requests for form submission has some security
which are absent for submission with other HTTP methods. By
away a counter-incentive to the use of GET requests for
submission, the Safe header field may improve overall security















Holtman Experimental [Page 3]

RFC 2310 The Safe Response Header Field April 1998


6

[1] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1",
2068, January 1997.

[2] Nebel, E., and L. Masinter, "Form-based File Upload in HTML",
RFC 1867, November 1995.

[3] Yergeau, F., Nicol, G., Adams, G., and M. Duerst
"Internationalization of the Hypertext Markup Language",
2070, January 1997.

7 Author's

Koen
Technische Universiteit
Postbus 513
Kamer HG 6.57
5600 MB Eindhoven (The Netherlands

EMail: koen@win.tue.





























Holtman Experimental [Page 4]

RFC 2310 The Safe Response Header Field April 1998


8. Full Copyright

Copyright (C) The Internet Society (1998). All Rights Reserved

This document and translations of it may be copied and furnished
others, and derivative works that comment on or otherwise explain
or assist in its implementation may be prepared, copied,
and distributed, in whole or in part, without restriction of
kind, provided that the above copyright notice and this paragraph
included on all such copies and derivative works. However,
document itself may not be modified in any way, such as by
the copyright notice or references to the Internet Society or
Internet organizations, except as needed for the purpose
developing Internet standards in which case the procedures
copyrights defined in the Internet Standards process must
followed, or as required to translate it into languages other
English

The limited permissions granted above are perpetual and will not
revoked by the Internet Society or its successors or assigns

This document and the information contained herein is provided on
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED,
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE
























Holtman Experimental [Page 5]



if you see any problems within the linking, don't worry be happy,
this is version 0.1 of the Relevance System and you gotta expect some crappy subroutines sometimes,
just be content we did not write this in Java, which would have made this "bigger and better" HAHAHHA.



RFC documents can be found at I.E.T.F.



Relevance System Copyright © 2002 Spectrum WorldResearch
other technical nosh by ServerMasters Corporation
collaboration of BobX






Spectrum