One document matched: draft-snell-search-method-00.xml
<?xml version="1.0"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!ENTITY rfc2119 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml'>
<!ENTITY rfc2068 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2068.xml'>
<!ENTITY rfc5323 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.5323.xml'>
<!ENTITY rfc4918 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4918.xml'>
<!ENTITY part1 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.7230.xml'>
<!ENTITY part2 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.7231.xml'>
<!ENTITY part6 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.7234.xml'>
<!ENTITY part4 PUBLIC '' 'http://xml.resource.org/public/rfc/bibxml/reference.RFC.7232.xml'>
]>
<?rfc toc="yes"?>
<?rfc strict="yes"?>
<?rfc symrefs="yes" ?>
<?rfc sortrefs="yes"?>
<?rfc compact="yes"?>
<rfc category="std" ipr="trust200811" docName="draft-snell-search-method-00">
<front>
<title abbrev="HTTP SEARCH Method">
HTTP SEARCH Method
</title>
<author initials="J." surname="Reschke" fullname="Julian Reschke">
<address>
<email>julian.reschke@greenbytes.de</email>
</address>
</author>
<author initials="A." surname="Malhotra" fullname="Ashok Malhotra">
<address>
<email>ashok.malhotra@oracle.com</email>
</address>
</author>
<author initials="J.M." surname="Snell" fullname="James M Snell">
<address>
<email>jasnell@gmail.com</email>
</address>
</author>
<date month="April" year="2015" />
<area>Applications</area>
<workgroup>Individual Submission</workgroup>
<keyword>I-D</keyword>
<keyword>http</keyword>
<keyword>search</keyword>
<keyword>method</keyword>
<abstract>
<t>
This specification updates the definition and semantics of the
HTTP SEARCH request method previously defined by <xref target="RFC5323" />.
</t>
</abstract>
</front>
<middle>
<section anchor="intro" title="Introduction">
<t>
This specification updates the HTTP SEARCH method originally
defined in <xref target="RFC5323"/>.
</t>
<t>
Many existing HTTP-based applications use the HTTP GET and POST
methods in various ways to implement the functionality provided
by SEARCH.
</t>
<t>
Using a GET request with some combination of query parameters included
within the request URI (as illustrated in the example below) is arguably
the most common mechanism for implementing search in web applications.
With this approach, implementations are required to parse the request
URI into distinct path (everything before the '?') and query elements
(everything after the '?'). The path identifies the resource processing
the query (in this case 'http://example.org/feed') while the query
identifies the specific parameters of the search operation.
</t>
<figure><preamble>A typical use of HTTP GET for requesting a search</preamble>
<artwork><![CDATA[
GET /feed?q=foo&limit=10&sort=-published HTTP/1.1
Host: example.org
]]></artwork></figure>
<t>
While there are definite advantages to using GET requests in this manner,
the disadvantages should not be overlooked. Specifically:
<list style="symbols">
<t>
Without specific knowledge of the resource and server to which the
GET request is being sent, there is no way for the client to know
that a search operation is being requested. Identical requests sent
to two different servers can implement entirely different semantics.
</t>
<t>
Encoding query parameters directly into the request URI effectively
casts every possible combination of query inputs as distinct
resources. For instance, because mechanisms such as HTTP caching
handle request URIs as opaque character sequences, queries such
as 'http://example.org/?q=foo' and 'http://example.org/?q=Foo'
will be treated as entirely separate resources even if they
yield identical results.
</t>
<t>
While most modern browser and server implementations allow for
long request URIs, there is no standardized minimum or maximum
length for URIs in general. Many resource constrained devices
enforce strict limits on the maximum number of characters that can
be included in a URI. Such limits can prove impractical for
large or complex query parameters.
</t>
<t>
Query expressions included within a request URI must either be
restricted to relatively simple key value pairs or encoded
such that the query can be safely represented in the limited
character-set allowed by URL standards. Such encoding can add
significant complexity, introduce bugs, or otherwise reduce the
overall visibility of the query being requested.
</t>
</list>
</t>
<t>
As an alternative to using GET, many implementations make use of the
HTTP POST method to perform queries, as illustrated in the example
below. In this case, the input parameters to the search operation are
passed along within the request payload as opposed to using the
request URI.
</t>
<figure><preamble>A typical use of HTTP GET for requesting a search</preamble>
<artwork><![CDATA[
POST /feed HTTP/1.1
Host: example.org
Content-Type: application/x-www-form-urlencoded
q=foo&limit=10&sort=-published
]]></artwork></figure>
<t>
This variation, however, suffers from the same basic limitation as GET
in that it is not readily apparent -- absent specific knowledge of the
resource and server to which the request is being sent -- that a search
operation is what is being requested. Web applications use the POST
method for a wide variety of uses including the creation or modification
of existing resources. Sending the request above to a different server,
or even repeatedly sending the request to the same server could have
dramatically different effects.
</t>
<t>
The SEARCH method provides a solution that spans the gap between the
use of GET and POST. As with POST, the input to the query operation
is passed along within the payload of the request rather than as part
of the request URI. Unlike POST, however the semantics of the SEARCH
method are specifically defined.
</t>
<t>
In this document, the key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
"SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL"
are to be interpreted as described in <xref target="RFC2119" />.
</t>
</section>
<section title="SEARCH" anchor="search">
<t>
The SEARCH method is used to initiate a server-side search. Unlike
the HTTP GET method, which requests that a server return a
representation of the resource identified by the effective
request URI (as defined by <xref target="RFC7230"/>), the SEARCH
method is used by a client to ask the server to perform a
query operation (described by the request payload) over some set of data
scoped to the effective request URI. The payload returned in response
to a SEARCH cannot be assumed to be a representation of the resource
identified by the effective request URI.
</t>
<t>
The body of the request defines the query. Implementations MAY use
a request body of any content type with the SEARCH method; however,
for backwards compatibility with existing WebDAV implementations,
SEARCH requests that use the text/xml or application/xml content types
MUST be processed in exact accordance with the requirements established by
<xref target="RFC5323" />.
</t>
<t>
SEARCH requests are both safe and idempotent with regards to the
resource identified by the request URI. That is, the performance of a
search is not expected to alter the state of the targeted resource.
However, while processing a search request, a server can be expected to
allocate computing and memory resources or even create additional HTTP
resources through which the response to the search can be retrieved.
</t>
<t>
A successful response to a SEARCH request is expected to provide some
indication as to the final disposition of the search operation. For instance,
a successful search that yields no results can be represented by a 204 No Content
response. If the response includes a body payload, the payload is expected
to describe the results of the search operation. In some cases, the search
arbiter might choose to respond indirectly to the SEARCH request by returning
a 3xx Redirection with a Location header specifying an alternate Request URI
from which the search results can be retrieved by using an HTTP GET request.
Various non-normative examples of successful SEARCH responses are illustrated
in <xref target="examples" />.
</t>
<t>
The response to a SEARCH request is not cacheable. It ought to be noted,
however, that because SEARCH requests are safe and idempotent, responses
to a SEARCH MUST NOT invalidate previously cached responses to other
requests directed at the same effective request URI.
</t>
<t>
The semantics of the SEARCH method change to a "conditional SEARCH" if
the request message includes an If-Modified-Since, If-Unmodified-
Since, If-Match, If-None-Match, or If-Range header field
(<xref target="RFC7232"/>). A conditional
SEARCH requests that the query be performed only under the
circumstances described by the conditional header field(s). It is
important to note, however, that such conditions are evaluated
against the state of the target resource itself as opposed to the
collected results of the search operation.
</t>
</section>
<section title="The "Accept-Search" Header Field" anchor="accept-search">
<t>
The "Accept-Search" response header field MAY be used by servers to
directly signal support for the SEARCH method while identifying
the specific query format Content-Type's that can be used.
</t>
<figure><preamble></preamble><artwork><![CDATA[
Accept-Search = "Accept-Search" ":" 1#media-type
]]></artwork></figure>
<t>
The Accept-Search header specifies a comma-separated listing of media
types (with optional parameters) as defined by <xref target="RFC7231"/>,
Section 3.1.1.1.
</t>
</section>
<section title="Examples" anchor="examples">
<t>
The non-normative examples in this section make use of a simple,
hypothetical plain-text based query syntax based on SQL with results
returned as comma-separated values. This is done for illustration
purposes only. Implementations are free to use any format they wish on
both the request and response.
</t>
<section title="Simple SEARCH with a Direct Response">
<figure><preamble>A simple SPAQRL query with a Direct Response:</preamble><artwork><![CDATA[
SEARCH /contacts HTTP/1.1
Host: example.org
Content-Type: text/query
Accept: text/csv
select surname, givenname, email limit 10
]]></artwork></figure>
<figure><preamble>Response:</preamble><artwork><![CDATA[
HTTP/1.1 200 OK
Content-Type: text/csv
surname, givenname, email
Smith, John, john.smith@example.org
Jones, Sally, sally.jones@example.com
Dubois, Camille, camille.dubois@example.net
]]></artwork></figure>
</section>
<section title="Simple SEARCH with Indirect Response (303 See Other)">
<figure><preamble>A simple SPAQRL query with an Indirect Response (303 See Other)</preamble><artwork><![CDATA[
SEARCH /contacts HTTP/1.1
Host: example.org
Content-Type: text/query
Accept: text/csv
select surname, givenname, email limit 10
]]></artwork></figure>
<figure><preamble>Response:</preamble><artwork><![CDATA[
HTTP/1.1 303 See Other
Location: http://example.org/contacts/query123
]]></artwork></figure>
<figure><preamble>Fetch Query Response:</preamble><artwork><![CDATA[
GET /contacts/query123 HTTP/1.1
Host: example.org
]]></artwork></figure>
<figure><preamble>Response:</preamble><artwork><![CDATA[
HTTP/1.1 200 OK
Content-Type: text/csv
surname, givenname, email
Smith, John, john.smith@example.org
Jones, Sally, sally.jones@example.com
Dubois, Camille, camille.dubois@example.net
]]></artwork></figure>
</section>
</section>
<section title="Security Considerations">
<t>
The SEARCH method is subject to the same general security
considerations as all HTTP methods as described in
<xref target="RFC7231"/>.
</t>
</section>
<section title="IANA Considerations">
<t>
IANA is requested to update the registration of the SEARCH method in the
permanent registry at <http://www.iana.org/assignments/http-methods>
(see Section 8.1 of <xref target="RFC7231" />).
</t>
<texttable>
<ttcol>Method Name</ttcol>
<ttcol>Safe</ttcol>
<ttcol>Idempotent</ttcol>
<ttcol>Specification</ttcol>
<c>SEARCH</c>
<c>Yes</c>
<c>Yes</c>
<c><xref target="search"/></c>
</texttable>
</section>
</middle>
<back>
<references title="Normative References">
&rfc2119;
&rfc5323;
&rfc4918;
&part1;
&part2;
&part4;
&part6;
</references>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-23 08:24:33 |