Guidelines for Web Content Transformation Proxies 1q

1 Introduction (Non-Normative)

1.1 Purpose

~~From the point of view of~~ Within this ~~document,~~ document Content Transformation is refers to the manipulation ~~in various ways, by proxies,~~ of requests ~~made to~~ to, and ~~content delivered by~~ responses from, an origin ~~server with a view~~ server. This manipulation is carried out by proxies in order to provide a better user experience of content that would otherwise result in an unsatisfactory experience on the device making ~~it more suitable for mobile presentation.~~ the request.

The W3C ~~MWI BPWG~~ Mobile Web Best Practices Working Group neither approves nor disapproves of Content Transformation, but recognizes that is being deployed widely across mobile data access networks. The deployments are widely divergent to each other, with many non-standard HTTP implications, and no well-understood means either of identifying the presence of such transforming proxies, nor of controlling their actions. This document establishes a framework to allow that to happen.

The overall objective of this document is to provide a means, as far as is practical, for users to be provided with at least a "functional user experience" [Device Independence Glossary] of the Web, when mobile, taking into account the fact that an increasing number of content providers create experiences specially tailored to the mobile context which they do not wish to be altered by third parties. Equally it takes into account the fact that there remain a very large number of Web sites that do not provide a functional user experience when perceived on many mobile devices. The document describes how the origin server may request conforming transforming proxies not to alter HTTP requests and responses, as well as describing control options that a transforming proxy offers users. A more extensive discussion of the requirements for these guidelines can be found in "Content Transformation Landscape" [CT Landscape] .

1.2 Audience

The audience for this document is creators of Content Transformation ~~proxies,~~ proxies and purchasers and operators of such ~~proxies and~~ proxies. The document also contains non-normative guidance for content providers whose services may be accessed by means of such proxies.

1.3 Scope

The recommendations in this document refer only to "Web browsing" - i.e. access by user agents that are intended primarily for interaction by users with HTML Web pages (Web ~~browsers). Note: The document is not intended as guidelines for delivery~~ browsers) using HTTP. Clients that interact with proxies using mechanisms other than HTTP (and that typically involve the download of ~~WAP/WML. Some~~ a special client) are out of ~~its recommendations may,~~ scope, and are considered to be a distributed user agent. Proxies which are operated in ~~some circumstances , disrupt~~ the ~~delivery~~ control of ~~WML.~~ or under the direction of the operator of an origin server are similarly considered to be a distributed origin server and hence out of scope.

The BPWG is not chartered to create new ~~technology,~~ technology - its role is to advise on best practice for use of existing technology. In satisfying Content Transformation requirements, existing HTTP ~~headers,~~ header fields, directives and behaviors must be respected, and as far as is practical, no extensions to [RFC 2616 HTTP] are to be used.

The BPWG made reference to Ineternet Architecture Board work on "Open Pluggable Edge Services" [RFC 3238 OPES] for various principles that underlie behavior of proxies. In this work the IAB expressed its concerns about privacy, control, monitoring, and accountability of such services.

The recommendations in this document refer to interactions of a proxy and do not refer to any presumed aspects of the internal operation of the proxy. For this reason, the document does not discuss use of "allow" and "disallow" lists (though it does discuss behavior that is induced by the implementation of such lists). In addition it does not discuss details of how transformation is carried out except if this is reflected in inter-operability. For this reason, it does not discuss the insertion or insertion of headers and footers or any other specific behaviors (though it does discuss the need for essential user inter-action of some form).

2 Terminology (Normative)

2.1 Types of Proxy

Alteration of HTTP requests and responses is not prohibited by HTTP other than in the circumstances referred to in [RFC 2616 HTTP] Section 13.5.2 and Section 14.9.5 .

HTTP defines two types of proxy: transparent proxies and non-transparent proxies. As discussed in [RFC 2616 HTTP] Section 1.3, Terminology :

[ ~~Definition :~~ "A transparent proxy is a proxy that does not modify the request or response beyond what is required for proxy authentication and ~~identification."] [~~ identification. ~~Definition : "A~~ A ~~non transparent~~ non-transparent proxy is a proxy that modifies the request or response in order to provide some added service to the user agent, such as group annotation services, media type transformation, protocol reduction, or anonymity ~~filtering.]~~ filtering. Except where either transparent or non-transparent behavior is explicitly stated, the HTTP proxy requirements apply to both types of proxies."

This document elaborates the behavior of ~~non transparent~~ non-transparent proxies, when used for Content Transformation in the context discussed in [CT Landscape] . Editorial Note: The BPWG requests feedback on the degree to which it is necessary to distinguish between Content Transformation proxies that interact with user agents using HTTP, and other types of arrangements where a (proprietary) client application interacts with an in-network component using other techniques.

2.2 Types of Transformation

Transforming proxies can carry out a wide variety of operations. In this document we categorize these operations as follows:

Alteration of Requests
Transforming proxies process requests in a number of ways, especially replacement of various request ~~headers~~ header fields to avoid HTTP 406 Status responses ~~(the~~ (if a server can not provide content in that is compatible with the ~~format requested)~~ original HTTP request header fields) and at user request.
Alteration of Responses
There are three classes of operation on responses:

2.3 Interpretation of RFC 2119 Key Words This document is not normative Need link to definition and it is inappropriate to claim conformance to it. Implementors of this Recommendation who wish to promote effective inter operability of Web content will, however, interpret the key words must , must not , required , shall , shall not , should , should not , recommended , may , and optional in this Recommendation as described in [RFC 2119] .

3 Requirements Conformance (Normative)

3.1 Summary Classes of Requirements Product

The ~~purpose of this section is to summarize the communication requirements~~ Content Transformation Guidelines specification has one class of ~~actors (transforming proxies, origin servers, and to some extent users) to communicate with each other. The relevant scenario involving a content transformation proxy is as follows:~~ products:

Transformation Deployment: ~~Note:~~
A Transformation Deployment is the provision of ~~The interactions~~ non-transparent components in the path of ~~several transformation proxies~~ HTTP requests and responses. Provisions that are ~~encompassed by~~ applicable to a Transformation Deployment are identified in this ~~document, but only~~ document by use of the term "transforming proxy" or "proxy" in ~~a rudimentary form.~~ the singular or plural.

The needs of these actors are as follows: 3.2 Normative and Informative Parts

~~The user agent needs to be able to tell~~ Normative parts of this document are identified by the ~~Content Transformation proxy and~~ use of "(Normative)" following the ~~origin server:~~ section name. Informative parts are identified by use of "(Non-Normative)" following the section name.

~~what type of mobile device and what user agent is being used;~~

that all Content Transformation should be avoided. 3.3 Normative Language for Conformance Requirements

The ~~Content Transformation proxy needs to be able to tell~~ key words must , must not , required , shall , shall not , should , should not , recommended , may , and optional in this Recommendation have the ~~origin server:~~ meaning defined in [RFC 2119] .

that some degree of Content 3.4 Transformation ( restructuring and recoding Deployment Conformance ) can be performed; that Content Transformation will be carried out unless requested not to;

~~that content is being requested on behalf of something else and what that something else is;~~ ~~that the request headers have been altered (e.g. additional content types inserted). The origin server needs to be able to tell the Content~~ A Transformation ~~proxy: that it varies its presentation according to device type and other factors; that it is permissible (or not)~~ Deployment conforms to ~~perform Content Transformation of various kinds; that~~ these guidelines if it ~~has media-specific representations; that is unable or unwilling to deal with~~ follows the ~~request~~ statements in ~~its present form. The Content Transformation proxy needs to be able to tell the user agent:~~ ~~that it has applied transformations~~ 4.1 Proxy Forwarding of ~~various kinds to the content. The Content Transformation proxy needs to be able to interact with the user:~~ Request ~~to allow the user to disable its features;~~ , ~~to alert the user to the fact that it has transformed content and to allow access to an untransformed representation~~ 4.2 Proxy Forwarding of ~~the content.~~ Response to User Agent ~~3.2 Control of the Behavior of the Proxy~~ and 5 Testing (Normative) .

A ~~transforming proxy as described in this document~~ Transformation Deployment that wishes to claim conformance must ~~offer~~ make available a ~~level of control to users and to origin servers with which it communicates.~~ conformance statement B Conformance Statement ~~3.2.1 Control by~~ that specifies the ~~User Transforming proxies~~ reasons for non-compliance with any clauses containing the key words should ~~provide to their users:~~ and should not .

an indication that the content being viewed has been transformed for mobile presentation; 4 Behavior of Components (Normative)

~~an option to view the original, unmodified content.~~

They may also provide the ability for their users to make a persistent or semi-persistent expression of preferences. Examples of such settings are "Never transform", "Always request desktop presentation", "Transform only if necessary to avoid mis-operation" and "Compress where possible". Editorial Note: The BPWG is studying how to clarify the scope 4.1 Proxy Forwarding of "persistent" and "semi-persistent". Request

3.2.2 Control by Server 4.1.1 Applicable HTTP Methods

~~Transforming proxies~~ Proxies ~~must~~ should not ~~allow origin servers to control the Content Transformation process. The control mechanisms include use of HTTP conventions as discussed~~ intervene in ~~the following section ( 4 Behavior of Components ). 3.2.3 Control by Administrative or Other Arrangements.~~ methods other than GET, POST, HEAD.

~~The preferences~~ User agents sometimes issue HTTP HEAD requests in order to determine if a resource is of ~~users and~~ a type and/or size that they are capable of ~~servers~~ handling. A transforming proxy may ~~be ascertained by means outside the scope of this document, for example: the use by transforming proxies of~~ convert a ~~disallow list of Web sites for which Content Transformation is known~~ HEAD request into a GET request (in order to ~~diminish the user experience of content or be ineffective;~~ determine the ~~use by transforming proxies of an allow list of Web sites for which Content Transformation is known to be necessary; terms and conditions~~ characteristics of ~~service, as agreed between~~ a transformed response that it would return if the user ~~and~~ agent subsequently issued a GET request for the ~~Content Transformation service provider. Note:~~ same resource).

~~Allow and disallow lists generally cause intractable problems for content providers since there~~ If the HTTP method is ~~no mechanism for them~~ altered from HEAD to ~~establish which lists they~~ GET, proxies should ~~be on, nor any generic mechanism though which they can check or change their status. 3.2.4 Resolving Conflicting Instructions There~~ (providing such action is in accordance with normal HTTP caching rules) cache the ~~possibility for conflict between the desires of the content provider and the desires of users of~~ response so that ~~content. This document sets out to provide~~ a ~~framework within which,~~ second GET request for ~~matters of presentation, the desires of~~ the same content ~~provider are usually accommodated but, where necessary, the user may expressly override those desires with their preferences. 4 Behavior of Components~~ is not required (see also 4.1.4 Serving Cached Responses ~~4.1 Proxy Treatment of Request~~ ).

Other than to convert between HEAD and GET proxies must not alter request methods.

4.1.1 4.1.2 `no-transform` directive in Request

If the request contains a Cache-Control: no-transform ~~directive the proxy~~ directive, proxies must not ~~forward~~ alter the request ~~unaltered to the server,~~ other than to comply with transparent HTTP behavior ~~and~~ defined in ~~particular~~ [RFC 2616 HTTP] sections section 14.9.5 and section 13.5.2 and to add ~~a Via~~ header fields as described in 4.1.6 Additional HTTP ~~header.~~ Header Fields below.

Note:

An example of the use of Cache-Control: no-transform is the issuing of asynchronous HTTP requests, perhaps by means of ~~XMLHttpRequest~~ XMLHTTPRequest [XHR] , which may include such a directive in order to prevent transformation of both the request and the response.

~~Irrespective of the presence~~

4.1.3 Treatment of a no-transform directive: Requesters that are not Web browsers

~~the proxy should add the IP address of the initiator~~ Before altering aspects of ~~the~~ an HTTP request proxies need to ~~the end~~ take account of ~~a comma separated list in an X-Forwarded-For HTTP header;~~ the ~~proxy must behave transparently unless it is able positively to determine~~ fact that ~~the user agent~~ HTTP is ~~a Web browser. The mechanism by which the proxy recognizes the user agent~~ used as a ~~Web browser should use evidence from the~~ transport mechanism for many applications other than "Traditional Browsing". Alteration of HTTP ~~request, in particular the User-Agent and Accept headers.~~ requests for those applications can cause serious mis-operation.

4.1.2 Proxy Decision to Transform 4.1.4 Serving Cached Responses

~~If there is no no-transform directive present~~ Aside from the usual caching procedures defined in [RFC 2616 HTTP] , in some circumstances, proxies may paginate responses and where this is the case a request may be for a subsequent page of a previously requested resource. In this case proxies may for the ~~proxy~~ sake of consistency of representation serve stale data but when doing so should ~~analyze whether it intends to offer transformation services by referring to: any knowledge it has of~~ notify the user ~~preferences;~~ that this is the case and must provide a simple means of retrieving a fresh copy.

any knowledge it has 4.1.5 Alteration of user agent capabilities (including linearization and zoom); HTTP Header Field Values

~~any prior knowledge it has~~ Proxies should not modify the values of ~~server behavior, derived from previous interaction with~~ header fields other than User Agent,AcceptAccept-Charset and Accept-Encoding header fields and must not delete header fields. It must be possible for the server ~~- and in particular~~ to ~~preserve~~ reconstruct the ~~consistency of user experience across a sequence of related requests;~~ original UA originated header fields by copying directly from the corresponding X-Device header field values (see 4.1.5.5 Original Header Fields ).

Editorial Note: Note that the ~~HTTP method~~ need for copies of the ~~request.~~ original header values is (once again) in question.

Editorial Note: Note that the question of whether alteration of the User-Agent field solely in order to avoid a 406 response has *seemingly* not been answered definitively

~~Proxies~~ Other than to comply with transparent HTTP operation, proxies should not ~~alter HTTP requests~~ modify any request header fields unless:

~~unaltered headers~~ the user would be prohibited from accessing content as a result in of the ~~user's request being rejected by~~ server responding that the ~~origin server; an unaltered~~ request ~~body~~ is ~~not consistent with the origin server's requirements in respect~~ "unacceptable" (see 4.2.5 Server Rejection of ~~Internet content type or character encoding (as may happen, for example, if the proxy has transformed an HTML form that results in this request);~~ HTTP Request );
the user has specifically requested a restructured ~~version~~ desktop experience (see 4.1.5.3 User Selection of Restructured Experience );
the request is part of a ~~desktop presentation.~~ sequence of requests to the same Web site and either it is technically infeasible not to adjust the request because of earlier interaction, or because doing so preserves consistency of user experience.

These circumstances are detailed in the following sections.

Note: ~~Rejection~~

In this section, the concept of ~~a request by a server~~ "Web site" is ~~taken to mean both a HTTP 406 Status as well~~ used (rather than "origin server") as ~~HTTP 200 Status, with content indicating that~~ some origin servers host many different Web sites. Since the ~~request cannot be handled - e.g. "Your browser~~ concept of "Web site" is not ~~supported"~~ strictly defined, proxies should use heuristics including comparisons of domain name to assess whether resources form part of the same "Web site".

~~Editorial~~

Note:

The ~~BPWG is studying~~ heuristics ~~for determining when a response with a 200 Status should be treated as a response with a 406 Status.~~ discussed in 4.2.9 Proxy Decision to Transform relating to URI patterns are not part of the decision to alter HTTP Header Field values.

4.1.5.1 Content Tasting

~~Proxies~~ The theoretical idempotency of GET requests is not always respected by servers. In order, as far as possible, to avoid mis-operation of such content, proxies should ~~not~~ ~~intervene in methods other than GET, POST, HEAD~~ avoid issuing duplicate requests and ~~PUT. User agents sometimes~~ specifically should not issue ~~HTTP HEAD~~ duplicate requests ~~in order to determine if a resource is of a type and/or size that they are capable of handling.~~ for comparison purposes.

4.1.5.2 Avoiding "Request Unacceptable" Responses

A ~~transforming~~ proxy may ~~convert~~ reissue a ~~HEAD~~ request ~~into~~ with altered HTTP header field values if a ~~GET~~ previous request ~~if it requires the response body to determine the characteristics of~~ with unaltered values resulted in the ~~transformed response that it would return were~~ origin server rejecting the ~~user agent subsequently to issue a GET~~ request ~~for that content. In this case, the~~ as "unacceptable" (see 4.2.5 Server Rejection of HTTP Request ). A proxy ~~should (providing such action is~~ may apply heuristics of various kinds to assess, in ~~accordance with normal HTTP caching rules) cache~~ advance of sending unaltered header field values, whether the ~~response so that it is not required to send a second GET~~ request is likely to ~~the server. If, as~~ cause a ~~result of carrying out~~ "request unacceptable" response. If it determines that this ~~analysis the proxy remains unaware of the server's preferences and capabilities~~ is likely then it ~~should : Issue a request with~~ may alter header field values without sending unaltered ~~headers and examine~~ values in advance, providing that it subsequently assesses the response ~~(see~~ as described under ~~4.4 Proxy Response to User Agent~~ 4.2.6 Receipt of Vary HTTP Header Field ~~); If it~~ below, and is ~~still in doubt, issue a~~ prepared to reissue the request with ~~altered headers~~ unaltered header fields, and alter its subsequent behavior in respect of the Web site so that unaltered header fields are sent.

~~The~~ A proxy must not ~~issue~~ re-issue a ~~POST/PUT~~ POST request with altered ~~headers~~ header fields when the response to the unaltered ~~POST/PUT~~ POST request has HTTP status code 200 (in other words, it may only send the altered request for a POST/PUT request when the unaltered one ~~was refused with a~~ resulted in an HTTP 406 ~~status).~~ response, and not a "request unacceptable" response).

4.1.5.3 User Selection of Restructured Experience

~~The theoretical idempotency~~ Proxies may offer users an option to choose to view a restructured experience even when a Web site offers a choice of ~~GET requests is not always respected~~ user experience. If a user has made such a choice then proxies may alter header field values when requesting resources in order to reflect that choice, but must , on receipt of an indication from a Web site that it offers alternative representations (see D.1.3.2 Indication of Intended Presentation Media Type of Representation ), inform the user of that and allow them to select an alternative representation.

Proxies should assume that by ~~servers. In order, as far as possible,~~ default users will wish to ~~avoid mis-operation~~ receive a representation prepared by the Web site. Proxies must assess whether a user's expressed preference for a restructured representation is still valid if a Web site changes its choice of ~~such content,~~ representations (see 4.2.6 Receipt of Vary HTTP Header Field ).

4.1.5.4 Sequence of Requests

When requesting resources that are included resources (e.g. style sheets, images), proxies should ~~avoid issuing duplicate requests and specifically~~ make the request for such resources with the same User-Agent header field as the request for the resource from which they are referenced.

For the purpose of consistency of representation, proxies may request linked resources (e.g. those referenced using the a element) that form part of the same Web site as a previously requested resource with the same header fields as the resource from which they are referenced.

When requesting linked resources that do not form part of the same Web site as the resource from which they are linked, proxies should not ~~issue duplicate requests~~ base their choice of header fields on a consistency of presentation premise.

According to [RFC 2616 HTTP] Section 14.45 Via header field comments " may be removed by any recipient prior to forwarding the message". However, the justification for removing such comments is based on memory limitations of early proxies, ~~and that~~ most modern proxies do not suffer such limitations.

~~4.1.4 Altering Header Values~~

4.2 Proxy Forwarding of Response to User Agent

~~If it has altered HTTP headers~~ In the ~~proxy~~ following, proxies must ~~include copies of the unaltered headers in the request in~~ check for the ~~form~~ presence of equivalent "X-Device-"<original header name> . For example, <meta http-equiv> elements in HTML content, if ~~it has altered~~ the ~~User-Agent header, an X-Device-User-Agent~~ relevant HTTP header field is not present.

4.2.1 Applicable Responses

Proxies ~~must~~ should not ~~be added with~~ intervene in the ~~value of~~ response if the ~~received User-Agent header.~~ request method was not HEAD, GET or POST.

4.2 Server Response to Proxy 4.2.2 User Preferences

~~Servers~~ Proxies ~~should~~ must ~~respond with a 406 HTTP Status if~~ provide a ~~request can not be satisfied with~~ means for users to express preferences for inhibiting content ~~that meets the criteria specified~~ transformation. Those preferences must be maintained on a user by ~~values~~ user and Web site by Web site basis. Proxies must solicit re-expression of preferences in respect of ~~request HTTP headers (and not~~ a ~~200 Status).~~ server if the server starts to indicate that it offers varying responses as discussed under ~~If it is capable~~ 4.2.6 Receipt of ~~varying its presentation it should take account~~ Vary HTTP Header Field .

4.2.3 Receipt of user agent capabilities and formulate an appropriate experience according to those criteria. `Cache-Control: no-transform`

If the ~~server varies its presentation according to examination of received HTTP headers then it must include~~ response includes a Vary Cache-Control: no-transform ~~HTTP header indicating this to be the case. If, in addition to, or instead of HTTP headers, the server varies its presentation on other factors (source IP Address ...)~~ directive then it proxies must ~~, in accordance~~ not alter it other than to comply with transparent HTTP behavior as described in [RFC 2616 HTTP] ~~, include a Vary header containing the value '*'.~~ Section 13.5.2 and Section 14.9.5 and other than as follows.

If ~~the server has distinct presentations~~ a proxy determines that ~~vary according~~ a resource as currently represented is likely to ~~presentation media, then the medium for which~~ cause serious mis-operation of the ~~presentation is intended~~ user agent then it ~~should~~ may ~~be indicated. Editorial Note: The BPWG is studying the use of~~ advise the ~~link element of HTML which is used for~~ user that this ~~purpose. It~~ is ~~noted that~~ the ~~link element is not available in formats other than HTML,~~ case and ~~it is noted that there is currently active discussion about the use of~~ must provide the ~~Link HTTP header, which would serve this purpose well. If~~ option for the ~~server creates a specific~~ user ~~experience according~~ to ~~device characteristics or presentation media types it should inhibit transformation~~ continue with unaltered content.

4.2.4 Use of the response by including a `Cache-Control: no-transform` directive.

~~The server~~ Proxies ~~must~~ may ~~include a~~ use Cache-Control: no-transform ~~directive if one is received from the user agent.~~ to inhibit transformation by further proxies.

~~Note:~~

~~Including a Cache-Control: no-transform directive can disrupt the behavior of WAP/WML proxies, because it can inhibit such proxies from converting WML to WMLC.~~

Note: If the server is unable to add a Cache-Control 4.2.5 Server Rejection of HTTP headers, it may , in HTML documents, add a meta HTTP-Equiv element containing Cache-Control: no-transform . Request

~~Servers~~ Proxies may ~~base their actions on knowledge of behavior of specific transforming proxies,~~ treat responses with an HTTP 200 Status as identified in a Via header, but should not choose a Content-Type for their response based on their assumptions about the heuristic behavior of any intermediaries. (e.g. a server should not choose content-type: application/vnd.wap.xhtml+xml solely on the basis that though they were responses with an HTTP 406 Status if it ~~suspects~~ has determined that ~~proxies will not transform~~ the content ~~of this type).~~ (e.g. "Your browser is not supported") is equivalent to a response with an HTTP 406 Status.

~~4.3 Proxy~~

4.2.6 Receipt and Forwarding of Response from Server `Vary` HTTP Header Field

~~If HTTP header fields were altered in the request then the~~ A proxy ~~must~~ may not be ~~prepared to re-issue the~~ carrying out content tasting as described under 4.1.5.2 Avoiding "Request Unacceptable" Responses if it anticipates receiving a "request unacceptable" response. However, if it makes a request with altered header fields in ~~an unaltered form on receipt of~~ these circumstances, and receives a response containing a Vary header ~~in the response indicating that the server offers variants of its presentation according~~ field referring to ~~any~~ one of the ~~HTTP~~ altered header fields ~~that have been modified. Editorial Note: The BPWG is aware that more precision may be needed in the above statement. If a transforming proxy has followed the guidelines in this document,~~ then it should ~~not receive a response~~ request the resource again with ~~a Vary~~ unaltered header if fields. It should also update whatever heuristics it ~~has not already received such a response to a request with~~ uses so that unaltered ~~headers.~~ header fields are presented first in subsequent requests for this resource.

4.4 Proxy Response 4.2.7 Link to User Agent "handheld" Representation If the response includes a Warning: 214 Transformation Applied the proxy must not apply further transformation.

If the response is an HTML response and it contains a <link rel="alternate" media="handheld" /> element, ~~the CT-proxy SHOULD~~ a proxy should request and ~~return~~ process the referenced resource, unless the resource referenced is the current resource ~~(1k)~~ as determined by ~~[unresolved discussion] ... .~~ the presence of link elements as discussed under D.1.3.2 Indication of Intended Presentation Media Type of Representation . oops a reference to something that isn't normative any more

4.2.8 WML Content

If the content is WML or WBMP? proxies should act in a transparent manner.

Note:

This does not affect the operation of proxies that are also WAP Gateways.

4.2.9 Proxy Decision to Transform

Editorial Note: Much of this needs to be re-organised ref resolutions on Mandatory heuristics , however pursuant to the resolution:

Editorial Note: The editor notes that the BPWG seeks further examples of heuristics.

In the absence of a Vary or no-transform directive (or a meta HTTP-Equiv element containing Cache-Control: no-transform ) ~~the proxy~~ proxies should apply heuristics to the ~~content~~ response to determine whether it is appropriate to restructure or recode it (in the presence of such directives, heuristics should not be used.)

Examples of heuristics:

The ~~server~~ Web site (see note ) has previously shown that it is contextually aware, even if the present response does not indicate this;
a claim of mobileOK Basic [mobileOK Basic Tests] conformance is indicated;
the Content-Type or other aspects of the response (such as the DOCTYPE) are known to be specific to the device or class of device ~~(e.g. for HTML documents the DOCTYPE is "-//OMA//DTD XHTML Mobile 1.2//EN", "-//WAPFORUM//DTD XHTML Mobile 1.1//EN" "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "-//W3C//DTD XHTML Basic 1.1//EN"~~ (see E Examples of Internet Content Types, DOCTYPEs and ~~"-//W3C//DTD XHTML Basic 1.0//EN");~~ URI Patterns ;
the user agent has features (such as linearization or ~~zoom capabilities or other features which~~ zoom) that allow it to present the content unaltered;
the URI of the response (following redirection or as indicated by the Content-Location HTTP ~~header)~~ header field) or the leading portion of the path indicates that the resource is intended for mobile use ~~(e.g. the domain is *.mobi, wap.*, m.*, mobile.* or the leading portion~~ (see E Examples of ~~the path is /m/ or /mobile/);~~ Internet Content Types, DOCTYPEs and URI Patterns );
the response contains client-side scripts that may mis-operate if the resource is restructured;
the response is an HTML response and it includes <link> elements specifying alternatives according to presentation media type.

4.2.9.1 Alteration of Response

Note:

~~A proxy should strive for the best possible user experience that the user agent supports. It should only alter the format, layout, dimensions etc. to match~~ Other than as noted in this section the ~~specific capabilities~~ nature of ~~the user agent. For example, when resizing images, they should only be reduced so~~ restructuring that ~~they are suitable for the specific user agent,~~ is carried out, any character encoding alterations and what is omitted and what is inserted is, as discussed in 1.3 Scope , out of scope of this ~~should not be done on a generic basis.~~ document.

If ~~the~~ a proxy alters the ~~content then it~~ response then:

It must add a Warning 214 Transformation Applied HTTP ~~Header.~~ header field;
~~If the proxy alters the content then the~~ The altered content should validate according to an appropriate published formal ~~grammar.~~ grammar and if XML must be well-formed ;
If It should indicate to the ~~response contains links whose URIs have~~ user that the ~~scheme https~~ content has been transformed for mobile presentation and provide an option to view the ~~proxy may only rewrite them so~~ original, unmodified content.

4.2.9.2 HTTPS Link Re-writing

Editorial Note: Note that ~~it can transform~~ the ~~content, if~~ following is under active discussion. One view says that HTTPS link rewriting is unacceptable under any circumstances. Note also that the question of whether it ~~meets~~ is acceptable to rewrite any link has been opened (because of security considerations relating to [same domain] concerns)

Note:

The BPWG does not condone link rewriting, but notes that in some circumstances HTTPS is used in situations where the ~~following provision. If~~ user is prepared to trade usability provided by a transforming proxy for the loss of end-to-end security. Servers can prevent users from exercising this choice by applying a Cache-Control: no-transform directive.

Editorial Note: http://lists.w3.org/Archives/Public/public-bpwg-ct/2008Nov/0019.html g) and others ...

If a proxy ~~does rewrite such~~ rewrites HTTPS links, it must advise the user of the security implications of doing so and must provide the option ~~to avoid decryption~~ by-pass it and ~~transformation of the resources~~ to communicate with the ~~links refer to.~~ server directly.

If Notwithstanding anything else in this document, proxies must not rewrite HTTPS links in the ~~response includes~~ presence of a Cache-Control: no-transform ~~directive then the response must remain unaltered other than to comply with transparent~~ directive. ~~HTTP behavior and other than as noted below.~~

If ~~the~~ a proxy ~~determines that~~ re-writes HTTPS links, replacement links must have the ~~resource~~ scheme https.

When forwarding requests originating from HTTPS links proxies must include a Via header field as ~~currently represented is likely to cause serious mis-operation~~ discussed under 4.1.6.1 Proxy Treatment of ~~the user agent then it~~ Via Header Field .

When forwarding responses from servers proxies ~~may , with the users explicit prior consent, warn~~ must notify the user ~~and provide links to both transformed and unaltered versions~~ of ~~the resource.~~ invalid server certificates.

Add some stuff below under guidance for servers

Note:

For clarity it is emphasized that it is not possible for a transforming proxy to transform content accessed via an HTTPS link without breaking end-to-end security.

5 Testing (Normative)

Operators of ~~transforming~~ content transformation proxies should make available ~~interfaces that facilitate testing~~ an interface through which the functions of ~~Web sites accessed~~ the proxy can be exercised. The operations possible through ~~them and~~ this interface ~~should~~ must ~~make such interfaces available through normal~~ cover those necessary to settle the outcome of all conformance statements listed in section B.

The interface must be reachable from terminals with browsing capabilities connected to the Web via a conventional Internet access ~~paths.~~ environment at the tester's premises; accessing the interface may necessitate adjusting standard Web browsing configuration parameters -- such as specifying a proxy IP address and port on a desktop browser, or activating a WAP setting on a mobile browser.

Editorial Note: Does this need to be publically accessible?

Revision Description

The needs of these actors are as follows: 3.2 Normative and Informative Parts

that some degree of Content 3.4 Transformation ( restructuring and recoding Deployment Conformance ) can be performed; that Content Transformation will be carried out unless requested not to;

an indication that the content being viewed has been transformed for mobile presentation; 4 Behavior of Components (Normative)

3.2.2 Control by Server 4.1.1 Applicable HTTP Methods

4.1.1 4.1.2 no-transform directive in Request

4.1.2 Proxy Decision to Transform 4.1.4 Serving Cached Responses

any knowledge it has 4.1.5 Alteration of user agent capabilities (including linearization and zoom); HTTP Header Field Values

4.1.3 Proxy Indication 4.1.6 Additional HTTP Header Fields

4.2 Server Response to Proxy 4.2.2 User Preferences

Note: If the server is unable to add a Cache-Control 4.2.5 Server Rejection of HTTP headers, it may , in HTML documents, add a meta HTTP-Equiv element containing Cache-Control: no-transform . Request

4.4 Proxy Response 4.2.7 Link to User Agent "handheld" Representation If the response includes a Warning: 214 Transformation Applied the proxy must not apply further transformation.

B.1 G.1 POWDER

B.2 G.2 link HTTP Header Field

B.3 Amendments to HTTP G.3 Sources of Device Information

B.4 G.4 Inter Proxy Communication

4.1.1 4.1.2 `no-transform` directive in Request

B.2 G.2 `link` HTTP Header Field