You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content.mkd
+71-34Lines changed: 71 additions & 34 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -138,6 +138,8 @@ The `topic` is a globally unique identifier for the collection. A specific colle
138
138
- a random UUID for each collection; or
139
139
- a salted hash (server-specific salt) of the canonical collection URL, encoded with base64.
140
140
141
+
[^todo] The `supported-triggers` element contains supported trigger methods (see {{content-updates}} and {{property-updates}}). Do we even need it? Is it optional? Default value? Specify all depths, max depths?
142
+
141
143
Clients can use WebDAV `PROPFIND` to retrieve these properties. Example:
@@ -163,18 +166,67 @@ The comment shows how support for some other (not yet defined) transport could b
163
166
164
167
# Subscription Management
165
168
166
-
[^todo]ACL for registering subscriptions?
169
+
[^todo]Permissions / what to report when user is not allowed to register push.
167
170
168
171
169
172
## Subscription Registration
170
173
171
-
To subscribe to a collection, the client sends a `POST` request with `Content-Type: application/xml` to the collection it wants to subscribe. The root XML element of the XML body is `push-register` in the WebDAV-Push namespace (`https://bitfire.at/webdav-push`) and can be used to distinguish between a WebDAV-Push and other requests.
174
+
To subscribe to a collection, the client sends a `POST` request with `Content-Type: application/xml` to the collection it wants to subscribe. The root XML element of the XML body is `push-register` and can be used to distinguish between WebDAV-Push and other requests.
175
+
176
+
The `push-register` element contains:
172
177
173
-
The `push-register` element contains exactly one `subscription` element, which contains all information the server needs to send a push message, plus an optional `expires` element that contains the requested expiration time in the `IMF-fixdate` format (as defined in {{RFC9110}}).
178
+
* exactly one `subscription` element, which contains all information the server needs to send a push message,
179
+
* an optional `trigger` element to specify the types of events the client wants to be notified about, and
180
+
* an optional `expires` element that contains the requested expiration time in the `IMF-fixdate` format (as defined in {{RFC9110}}).
174
181
175
182
The `subscription` element specifies a subscription that shall be notified on updates and contains exactly one element with details about a specific subscription type. Within the scope of this document, only the `web-push-subscription` child element is defined (see {{transport-web-push}}).
176
183
177
-
[^todo] By now, only data updates of the collection itself and in direct members (equals `Depth: 1`) are sent. Maybe it could be specified that servers can send one notification per path segment? Implications?
184
+
To specify which updates the client wants to be notified about, it uses the `trigger` element, which itself can contain:
185
+
186
+
* A `content-update` element to indicate the client's interest in notifications when the members of the collection change (_content update_).
187
+
* A `property-update` element to indicate the client's interest in notifications when the WebDAV properties of the collection change (_property update_).
188
+
189
+
If the `trigger` element is missing or empty, the following default will be assumed:
<!-- client wants be notified about content updates of direct members -->
195
+
<content-update>
196
+
<D:sync-level>1</D:depth>
197
+
</content-update>
198
+
199
+
<!-- client wants to be notified about property changes of the collection -->
200
+
<property-update>
201
+
<D:depth>0</D:depth>
202
+
<D:prop/>
203
+
</property-update>
204
+
</trigger>
205
+
~~~
206
+
207
+
### Content Updates {#content-updates}
208
+
209
+
A _content update_ occurs when a member is changed or removed, as defined in {{RFC6578}} _3.5 Types of Changes Reported on Subsequent Synchronizations_ (typically when a member is added or removed or its contents are modified). If the server supports {{RFC6578}}, a content update implies that the `{DAV:}sync-token` changes.
210
+
211
+
The `content` element can contain an optional `{DAV:}sync-level` element (default value when missing: `1`) that specifies whether the client is interested only in changes of internal members or of all members.
212
+
213
+
A server MUST support a `{DAV:}sync-level` of `1` and MAY support `infinite`. In case of `infinite`, the limitations described in {{RFC6578}} _3.3 Depth Behavior_ apply: notifications about changes in members which are not supported by the `DAV:sync-collection` report may not be sent. [^todo] XML error when not supported
214
+
215
+
### Property Updates {#property-updates}
216
+
217
+
A _property update_ occurs when the WebDAV properties of the collection or its members are modified. Notifications about properties update are controlled by two elements within `properties`:
218
+
219
+
1. The optional `{DAV:}depth` element (as defined in {{RFC4918}}, value if missing: `0`) specifies the depth:
220
+
221
+
* A depth of `0` means that the client is only interested in property updates of the subscribed collection itself.
222
+
* A depth of `1` means that the client is interested in property updates of the subscribed collection and its internal members.
223
+
* A depth of `infinite` means that the client is interested in property updates of the subscribed collection and all its members.
224
+
225
+
A server MUST support a `depth` of 0 and MAY support `1` and `infinite`. In case of `infinite`, the limitations described in {{RFC6578}} _3.3 Depth Behavior_ apply: notifications about changes in members which are not supported by the `DAV:sync-collection` report may not be sent. [^todo] XML error when not supported.
226
+
227
+
2. The optional `{DAV:}prop` element (as it may be used in a `PROPFIND` request) specified a list of properties that the client is interested in. The list of properties MUST NOT contain properties that represent a content update, especially `{DAV:}getetag`, `{DAV:}getlastmodified` and `{DAV:}sync-token`. If the `{DAV:}prop` element is not present or empty, the server chooses the properties that it considers to be useful for the client. [^todo] XML error when not supported.
228
+
229
+
### Response
178
230
179
231
Allowed response codes:
180
232
@@ -257,12 +309,10 @@ Expired subscriptions MUST NOT be used anymore as chances are high that doing so
257
309
258
310
A WebDAV-Push server MUST notify registered subscriptions of a subscribed collection:
259
311
260
-
- on a _content update_ of the collection: this is when a member is changed or removed, (as explained in {{RFC6578}}), so that the `{DAV:}sync-token` changes;
261
-
- on a _property update_ of the colleciton: this is when
262
-
- certain properties of the collection (like `DAV:{display-name}`) itself change,
263
-
- or the property itself is removed, which changes its `{DAV:status}` to 4xx.
312
+
- on a _content update_ of the collection, if this was requested during subscription registration,
313
+
- on a _property update_ of the collection, if this was requested during subscription registration.
264
314
265
-
[^todo]Which properties?
315
+
[^todo]Content/property update changes
266
316
267
317
268
318
## Push Message
@@ -292,15 +342,23 @@ Example 1:
292
342
{::include xml/sample-push-message1.xml}
293
343
~~~
294
344
295
-
Here, the contents of the collection with topic `O7M1nQ7cKkKTKsoS_j6Z3w` have changed and the new sync-token (after the change) is `http://example.com/ns/sync/1234`.
345
+
Here, the contents of the collection with topic `O7M1nQ7cKkKTKsoS_j6Z3w` have changed and the new sync-token (after the change) is `http://example.com/ns/sync/1234`. The depth of one indicates that the notification was caused by addition/change/removal of an internal member.
296
346
297
347
Example 2:
298
348
299
349
~~~
300
350
{::include xml/sample-push-message2.xml}
301
351
~~~
302
352
303
-
Here the server notifies the client that the collection with topic `O7M1nQ7cKkKTKsoS_j6Z3w` is no longer available on the server.
353
+
Here, the contents of the collection with topic `O7M1nQ7cKkKTKsoS_j6Z3w` have changed and the new sync-token (after the change) is `http://example.com/ns/sync/1234`. The infinite depth indicates that the notification was caused by addition/change/removal of a member.
354
+
355
+
Example 3:
356
+
357
+
~~~
358
+
{::include xml/sample-push-message3.xml}
359
+
~~~
360
+
361
+
Here the server notifies the client that the collection with topic `O7M1nQ7cKkKTKsoS_j6Z3w` is no longer available on the server. The zero depth indicates that this message is about the collection itself, and not about its members.
304
362
305
363
306
364
## Removal of Invalid Subscriptions
@@ -351,6 +409,7 @@ collection.
351
409
352
410
[^todo] What happens when some component is hacked
353
411
412
+
[^todo] Topic header, don't use insecure hashes
354
413
355
414
356
415
# Web Push Transport {#transport-web-push}
@@ -373,8 +432,6 @@ Usage of message encryption {{RFC8291}} and VAPID {{RFC8292}} is RECOMMENDED. If
373
432
374
433
Support for the Web Push transport is indicated by the `web-push` element in the `transports` collection property.
375
434
376
-
A WebDAV-Push server SHOULD use the collection topic as `Topic` header in push messages to replace previous notifications for the same collection.
377
-
378
435
379
436
## Subscription Registration
380
437
@@ -395,30 +452,10 @@ Example:
395
452
396
453
The push message is delivered via `POST` to the push resource, with `Content-Type: application/xml; charset="UTF-8"`.
397
454
398
-
The push topic SHOULD be used to generate the `Topic` header. Since RFC 8030 limits the `Topic` header to 32 characters from the URL and filename-safe Base64 alphabet, it's RECOMMENDED to use a hash of the push topic that meets these requirements as the header value.
399
-
400
-
The exact algorithm to derive the `Topic` header from the push topic can be chosen by the server.
455
+
The server MAY send the push message with a `Topic` header so that an undelivered push message can be replaced by an updated one. The server MUST ensure that the meaning doesn't change when a push message is potentially replaced. Usually this means that the value is derived from the collection topic and the information whether the push message indicates a content and/or property update. The `Topic` header is visible to the push service, so its value MUST NOT contain sensitive information.
401
456
402
457
The server MAY use the `Urgency` header to set the priority of the push message. For instance, a CalDAV server may send push notifications for new/changed events with alarms that are scheduled within the next 15 minutes with `Urgency: high` so that users receive the alarm as soon as possible. Updates that are not that time-critical for the user, for instance in slowly changing collections like a holiday calendar may be sent with `Urgency: low`.
0 commit comments