Merge branch 'xep-0363' into premerge

Jonas Schäfer 2022-01-25 16:55:34 +01:00
commit f12d27ffa6
1 changed files with 18 additions and 2 deletions

@ -32,6 +32,20 @@
<email>daniel@gultsch.de</email> <email>daniel@gultsch.de</email>
<jid>daniel@gultsch.de</jid> <jid>daniel@gultsch.de</jid>
</author> </author>
<revision>
<version>1.1.0</version>
<date>2022-01-04</date>
<initials>egp, mb</initials>
<remark>
<ul>
<li>Filename size in bytes.</li>
<li>Headers MUST be included in the PUT request.</li>
<li>Headers considered opaque.</li>
<li>Servers may want to sign headers, in security implications.</li>
<li>Allow header case insensitivity, multiple times the same header, and preserve the order in the HTTP request.</li>
</ul>
</remark>
</revision>
<revision> <revision>
<version>1.0.0</version> <version>1.0.0</version>
<date>2020-02-11</date> <date>2020-02-11</date>
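Review bot: The first item of the 1.1.0 remark, "Filename size in bytes.", reads as the size of the file name rather than of the file; the change it summarizes puts the unit on the size attribute, so "Specify that size is in bytes." would match. The fourth item, "Servers may want to sign headers, in security implications.", is hard to parse; "Note in the security considerations that servers may sign headers." says the same thing.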
@ -249,7 +263,7 @@
</iq>]]></example> </iq>]]></example>
</section1> </section1>
<section1 topic='Requesting a slot' anchor='request'> <section1 topic='Requesting a slot' anchor='request'>
<p>A client requests a new upload slot by sending an IQ-get to the upload service containing a &lt;request&gt; child element qualified by the urn:xmpp:http:upload:0 namespace. This element MUST include the attributes filename and size containing the file name and size respectively.</p> <p>A client requests a new upload slot by sending an IQ-get to the upload service containing a &lt;request&gt; child element qualified by the urn:xmpp:http:upload:0 namespace. This element MUST include the attributes filename and size containing the file name and size (in bytes) respectively.</p>
<p>An additional attribute content-type containing the Content-Type is OPTIONAL.</p> <p>An additional attribute content-type containing the Content-Type is OPTIONAL.</p>
<example caption='Client requests a slot on the upload service'><![CDATA[ <example caption='Client requests a slot on the upload service'><![CDATA[
<iq from='romeo@montague.tld/garden' <iq from='romeo@montague.tld/garden'
@ -262,7 +276,7 @@
content-type='image/jpeg' /> content-type='image/jpeg' />
</iq>]]></example> </iq>]]></example>
<p>The upload service responds with both a PUT and a GET URL wrapped by a &lt;slot&gt; element. The service SHOULD keep the file name and especially the file ending intact. Using the same hostname for PUT and GET is OPTIONAL. The host MUST provide Transport Layer Security (&rfc5246;). Both HTTPS URLs MUST adhere to &rfc3986;. Non ASCII characters MUST be percent-encoded.</p> <p>The upload service responds with both a PUT and a GET URL wrapped by a &lt;slot&gt; element. The service SHOULD keep the file name and especially the file ending intact. Using the same hostname for PUT and GET is OPTIONAL. The host MUST provide Transport Layer Security (&rfc5246;). Both HTTPS URLs MUST adhere to &rfc3986;. Non ASCII characters MUST be percent-encoded.</p>
<p>The &lt;put&gt; element MAY also contain a number of &lt;header&gt; elements which correspond to HTTP header fields. Each &lt;header&gt; element MUST have a name-attribute and a content with the value of the header. Only the following header names are allowed: Authorization, Cookie, Expires. Other header names MUST be ignored by the requesting entity and MUST NOT be included in the HTTP request. The requesting entity MUST strip any newline characters from the header name and value before performing the HTTP request.</p> <p>The &lt;put&gt; element MAY also contain a number of &lt;header&gt; elements which correspond to HTTP header fields. Each &lt;header&gt; element MUST have a name-attribute and a content with the value of the header. Only the following header names are allowed: Authorization, Cookie, Expires. The allowed headers provided in the response MUST be included in the HTTP PUT request. Other header names MUST be ignored by the requesting entity and MUST NOT be included in the HTTP request. The requesting entity MUST strip any newline characters from the header name and value before performing the HTTP request, but MUST preserve the relative order of multiple values for the same header in the request. Each header name MAY be present zero or more times, and are case insensitive (eXpires is the same as Expires).</p>
<example caption='The upload service responds with a slot'><![CDATA[ <example caption='The upload service responds with a slot'><![CDATA[
<iq from='upload.montague.tld' <iq from='upload.montague.tld'
id='step_03' id='step_03'
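Review bot: The last added sentence, "Each header name MAY be present zero or more times, and are case insensitive", mixes singular and plural and does not make clear that the case-insensitive comparison also applies when filtering against the allowed names (Authorization, Cookie, Expires). Suggest splitting it: "Header names are case-insensitive (eXpires is the same as Expires). Each allowed header name MAY occur zero or more times." Since the paragraph now requires the allowed headers to be sent, it would also help to state whether "newline characters" covers both CR and LF, because that stripping is what keeps a header value from adding further lines to the PUT request.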
@ -343,6 +357,7 @@ Access-Control-Allow-Methods: OPTIONS, HEAD, GET, PUT
Access-Control-Allow-Headers: Authorization, Content-Type Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Allow-Credentials: true Access-Control-Allow-Credentials: true
]]></code> ]]></code>
<p>Clients SHOULD NOT interpret headers and treat them as opaque.</p>
</section1> </section1>
<section1 topic='Security Considerations' anchor='security'> <section1 topic='Security Considerations' anchor='security'>
<section2 topic="Server side" anchor="server"> <section2 topic="Server side" anchor="server">
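Review bot: The added sentence "Clients SHOULD NOT interpret headers and treat them as opaque." can be read with SHOULD NOT governing both verbs, that is, as telling clients not to treat headers as opaque. Suggest "Clients SHOULD treat header values as opaque and SHOULD NOT interpret them." The placement is also ambiguous: the paragraph sits directly after the Access-Control-* code block, so "headers" reads as the CORS response headers rather than the &lt;header&gt; elements of the slot response; moving it next to the paragraph that defines the &lt;header&gt; elements, or naming them explicitly, would remove the doubt. Saying "header values" also avoids a conflict with the requirement that clients filter by header name.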
@ -353,6 +368,7 @@ Content-Security-Policy: default-src 'none'; frame-ancestors 'none';
]]></code> ]]></code>
<p>The provided policy will prohibit a browser from executing all active content from the HTTP upload domain (<em>default-src 'none'</em>) and forbid embedding it from other pages (<em>frame-ancestors 'none'</em>). More information on Content-Security-Policy can be found on <link url="https://infosec.mozilla.org/guidelines/web_security#content-security-policy">infosec.mozilla.org</link>.</p> <p>The provided policy will prohibit a browser from executing all active content from the HTTP upload domain (<em>default-src 'none'</em>) and forbid embedding it from other pages (<em>frame-ancestors 'none'</em>). More information on Content-Security-Policy can be found on <link url="https://infosec.mozilla.org/guidelines/web_security#content-security-policy">infosec.mozilla.org</link>.</p>
<p>Further isolation can be achieved by hosting those files on an entirely different domain instead of using subdomains.</p> <p>Further isolation can be achieved by hosting those files on an entirely different domain instead of using subdomains.</p>
<p>Headers may be signed so that receiving HTTP entities can verify these haven't been tempered with by clients.</p>
</section2> </section2>
<section2 topic="Uploader" anchor="uploader"> <section2 topic="Uploader" anchor="uploader">
<ul> <ul>
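Review bot: Typo in the added paragraph: "tempered with" should be "tampered with". The sentence could also say which headers are meant (the &lt;header&gt; values handed out in the slot response) and use "they" instead of "these", for example "The header values returned with a slot may be signed so that the receiving HTTP entity can verify they have not been tampered with by clients." Because clients are required to strip newline characters before sending, it is worth noting here that a signed value must not contain any, otherwise verification fails after a compliant client has processed it.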