Network Working Group Y. Goland Request for Comments: 2518 Microsoft Category: Standards Track E. Whitehead UC Irvine A. Faizi Netscape S. Carter Novell D. Jensen Novell February 1999 HTTP Extensions for Distributed Authoring -- WEBDAV Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (1999). All Rights Reserved. Abstract This document specifies a set of methods, headers, and content-types ancillary to HTTP/1.1 for the management of resource properties, creation and management of resource collections, namespace manipulation, and resource locking (collision avoidance). Table of Contents ABSTRACT............................................................1 1 INTRODUCTION .....................................................5 2 NOTATIONAL CONVENTIONS ...........................................7 3 TERMINOLOGY ......................................................7 4 DATA MODEL FOR RESOURCE PROPERTIES ...............................8 4.1 The Resource Property Model ...................................8 4.2 Existing Metadata Proposals ...................................8 4.3 Properties and HTTP Headers ...................................9 4.4 Property Values ...............................................9 4.5 Property Names ...............................................10 4.6 Media Independent Links ......................................10 5 COLLECTIONS OF WEB RESOURCES ....................................11 Goland, et al. Standards Track [Page 1] RFC 2518 WEBDAV February 1999 5.1 HTTP URL Namespace Model .....................................11 5.2 Collection Resources .........................................11 5.3 Creation and Retrieval of Collection Resources ...............12 5.4 Source Resources and Output Resources ........................13 6 LOCKING .........................................................14 6.1 Exclusive Vs. Shared Locks ...................................14 6.2 Required Support .............................................16 6.3 Lock Tokens ..................................................16 6.4 opaquelocktoken Lock Token URI Scheme ........................16 6.4.1 Node Field Generation Without the IEEE 802 Address ........17 6.5 Lock Capability Discovery ....................................19 6.6 Active Lock Discovery ........................................19 6.7 Usage Considerations .........................................19 7 WRITE LOCK ......................................................20 7.1 Methods Restricted by Write Locks ............................20 7.2 Write Locks and Lock Tokens ..................................20 7.3 Write Locks and Properties ...................................20 7.4 Write Locks and Null Resources ...............................21 7.5 Write Locks and Collections ..................................21 7.6 Write Locks and the If Request Header ........................22 7.6.1 Example - Write Lock ......................................22 7.7 Write Locks and COPY/MOVE ....................................23 7.8 Refreshing Write Locks .......................................23 8 HTTP METHODS FOR DISTRIBUTED AUTHORING ..........................23 8.1 PROPFIND .....................................................24 8.1.1 Example - Retrieving Named Properties .....................25 8.1.2 Example - Using allprop to Retrieve All Properties ........26 8.1.3 Example - Using propname to Retrieve all Property Names ...29 8.2 PROPPATCH ....................................................31 8.2.1 Status Codes for use with 207 (Multi-Status) ..............31 8.2.2 Example - PROPPATCH .......................................32 8.3 MKCOL Method .................................................33 8.3.1 Request ...................................................33 8.3.2 Status Codes ..............................................33 8.3.3 Example - MKCOL ...........................................34 8.4 GET, HEAD for Collections ....................................34 8.5 POST for Collections .........................................35 8.6 DELETE .......................................................35 8.6.1 DELETE for Non-Collection Resources .......................35 8.6.2 DELETE for Collections ....................................36 8.7 PUT ..........................................................36 8.7.1 PUT for Non-Collection Resources ..........................36 8.7.2 PUT for Collections .......................................37 8.8 COPY Method ..................................................37 8.8.1 COPY for HTTP/1.1 resources ...............................37 8.8.2 COPY for Properties .......................................38 8.8.3 COPY for Collections ......................................38 8.8.4 COPY and the Overwrite Header .............................39 Goland, et al. Standards Track [Page 2] RFC 2518 WEBDAV February 1999 8.8.5 Status Codes ..............................................39 8.8.6 Example - COPY with Overwrite .............................40 8.8.7 Example - COPY with No Overwrite ..........................40 8.8.8 Example - COPY of a Collection ............................41 8.9 MOVE Method ..................................................42 8.9.1 MOVE for Properties .......................................42 8.9.2 MOVE for Collections ......................................42 8.9.3 MOVE and the Overwrite Header .............................43 8.9.4 Status Codes ..............................................43 8.9.5 Example - MOVE of a Non-Collection ........................44 8.9.6 Example - MOVE of a Collection ............................44 8.10 LOCK Method ..................................................45 8.10.1 Operation .................................................46 8.10.2 The Effect of Locks on Properties and Collections .........46 8.10.3 Locking Replicated Resources ..............................46 8.10.4 Depth and Locking .........................................46 8.10.5 Interaction with other Methods ............................47 8.10.6 Lock Compatibility Table ..................................47 8.10.7 Status Codes ..............................................48 8.10.8 Example - Simple Lock Request .............................48 8.10.9 Example - Refreshing a Write Lock .........................49 8.10.10 Example - Multi-Resource Lock Request ....................50 8.11 UNLOCK Method ................................................51 8.11.1 Example - UNLOCK ..........................................52 9 HTTP HEADERS FOR DISTRIBUTED AUTHORING ..........................52 9.1 DAV Header ...................................................52 9.2 Depth Header .................................................52 9.3 Destination Header ...........................................54 9.4 If Header ....................................................54 9.4.1 No-tag-list Production ....................................55 9.4.2 Tagged-list Production ....................................55 9.4.3 not Production ............................................56 9.4.4 Matching Function .........................................56 9.4.5 If Header and Non-DAV Compliant Proxies ...................57 9.5 Lock-Token Header ............................................57 9.6 Overwrite Header .............................................57 9.7 Status-URI Response Header ...................................57 9.8 Timeout Request Header .......................................58 10 STATUS CODE EXTENSIONS TO HTTP/1.1 ............................59 10.1 102 Processing ...............................................59 10.2 207 Multi-Status .............................................59 10.3 422 Unprocessable Entity .....................................60 10.4 423 Locked ...................................................60 10.5 424 Failed Dependency ........................................60 10.6 507 Insufficient Storage .....................................60 11 MULTI-STATUS RESPONSE .........................................60 12 XML ELEMENT DEFINITIONS .......................................61 12.1 activelock XML Element .......................................61 Goland, et al. Standards Track [Page 3] RFC 2518 WEBDAV February 1999 12.1.1 depth XML Element .........................................61 12.1.2 locktoken XML Element .....................................61 12.1.3 timeout XML Element .......................................61 12.2 collection XML Element .......................................62 12.3 href XML Element .............................................62 12.4 link XML Element .............................................62 12.4.1 dst XML Element ...........................................62 12.4.2 src XML Element ...........................................62 12.5 lockentry XML Element ........................................63 12.6 lockinfo XML Element .........................................63 12.7 lockscope XML Element ........................................63 12.7.1 exclusive XML Element .....................................63 12.7.2 shared XML Element ........................................63 12.8 locktype XML Element .........................................64 12.8.1 write XML Element .........................................64 12.9 multistatus XML Element ......................................64 12.9.1 response XML Element ......................................64 12.9.2 responsedescription XML Element ...........................65 12.10 owner XML Element ...........................................65 12.11 prop XML element ............................................66 12.12 propertybehavior XML element ................................66 12.12.1 keepalive XML element ....................................66 12.12.2 omit XML element .........................................67 12.13 propertyupdate XML element ..................................67 12.13.1 remove XML element .......................................67 12.13.2 set XML element ..........................................67 12.14 propfind XML Element ........................................68 12.14.1 allprop XML Element ......................................68 12.14.2 propname XML Element .....................................68 13 DAV PROPERTIES ................................................68 13.1 creationdate Property ........................................69 13.2 displayname Property .........................................69 13.3 getcontentlanguage Property ..................................69 13.4 getcontentlength Property ....................................69 13.5 getcontenttype Property ......................................70 13.6 getetag Property .............................................70 13.7 getlastmodified Property .....................................70 13.8 lockdiscovery Property .......................................71 13.8.1 Example - Retrieving the lockdiscovery Property ...........71 13.9 resourcetype Property ........................................72 13.10 source Property .............................................72 13.10.1 Example - A source Property ..............................72 13.11 supportedlock Property ......................................73 13.11.1 Example - Retrieving the supportedlock Property ..........73 14 INSTRUCTIONS FOR PROCESSING XML IN DAV ........................74 15 DAV COMPLIANCE CLASSES ........................................75 15.1 Class 1 ......................................................75 15.2 Class 2 ......................................................75 Goland, et al. Standards Track [Page 4] RFC 2518 WEBDAV February 1999 16 INTERNATIONALIZATION CONSIDERATIONS ...........................76 17 SECURITY CONSIDERATIONS .......................................77 17.1 Authentication of Clients ....................................77 17.2 Denial of Service ............................................78 17.3 Security through Obscurity ...................................78 17.4 Privacy Issues Connected to Locks ............................78 17.5 Privacy Issues Connected to Properties .......................79 17.6 Reduction of Security due to Source Link .....................79 17.7 Implications of XML External Entities ........................79 17.8 Risks Connected with Lock Tokens .............................80 18 IANA CONSIDERATIONS ...........................................80 19 INTELLECTUAL PROPERTY .........................................81 20 ACKNOWLEDGEMENTS ..............................................82 21 REFERENCES ....................................................82 21.1 Normative References .........................................82 21.2 Informational References .....................................83 22 AUTHORS' ADDRESSES ............................................84 23 APPENDICES ....................................................86 23.1 Appendix 1 - WebDAV Document Type Definition .................86 23.2 Appendix 2 - ISO 8601 Date and Time Profile ..................88 23.3 Appendix 3 - Notes on Processing XML Elements ................89 23.3.1 Notes on Empty XML Elements ...............................89 23.3.2 Notes on Illegal XML Processing ...........................89 23.4 Appendix 4 -- XML Namespaces for WebDAV ......................92 23.4.1 Introduction ..............................................92 23.4.2 Meaning of Qualified Names ................................92 24 FULL COPYRIGHT STATEMENT ......................................94 1 Introduction This document describes an extension to the HTTP/1.1 protocol that allows clients to perform remote web content authoring operations. This extension provides a coherent set of methods, headers, request entity body formats, and response entity body formats that provide operations for: Properties: The ability to create, remove, and query information about Web pages, such as their authors, creation dates, etc. Also, the ability to link pages of any media type to related pages. Collections: The ability to create sets of documents and to retrieve a hierarchical membership listing (like a directory listing in a file system). Goland, et al. Standards Track [Page 5] RFC 2518 WEBDAV