draft-ietf-trade-mime-detector-00.txt   draft-ietf-trade-mime-detector-01.txt 
INTERNET-DRAFT MIME Handler Detection INTERNET-DRAFT MIME Handler Detection
May 1999 August 1999
Expires November 1999 Expires February 2000
draft-ietf-trade-mime-detector-01.txt
HTTP MIME Type Handler Detection HTTP MIME Type Handler Detection
---- ---- ---- ------- --------- ---- ---- ---- ------- ---------
Donald E. Eastlake 3rd Donald E. Eastlake 3rd
Chris J. Smith Chris J. Smith
David M. Soroka David M. Soroka
Status of This Document Status of This Document
This draft, file name draft-ietf-trade-mime-detector-00.txt, is This draft, file name draft-ietf-trade-mime-detector-01.txt, is
intended to become an Informational RFC. Distribution of this intended to become an Informational RFC. Distribution of this
document is unlimited. Comments should be sent to the TRADE WG document is unlimited. Comments should be sent to the TRADE WG
mailing list <ietf-trade@eListX.com> or to the authors. mailing list <ietf-trade@eListX.com> or to the authors.
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of [RFC 2026]. Internet-Drafts are all provisions of Section 10 of [RFC 2026]. Internet-Drafts are
working documents of the Internet Engineering Task Force (IETF), its working documents of the Internet Engineering Task Force (IETF), its
areas, and its working groups. Note that other groups may also areas, and its working groups. Note that other groups may also
distribute working documents as Internet-Drafts. distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet- Drafts as reference time. It is inappropriate to use Internet- Drafts as reference
material or to cite them other than as "work in progress". material or to cite them other than as "work in progress".
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft http://www.ietf.org/ietf/1id-abstracts.txt
Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
Abstract Abstract
Entities composing web pages to provide services over HTTP frequently Entities composing web pages to provide services over HTTP frequently
have the problem of not knowing what MIME types have handlers have the problem of not knowing what MIME types have handlers
installed at a user's browser. For example, whether an IOTP or VRML installed at a user's browser. For example, whether an IOTP or VRML
or SET or some streaming media handler is available. In many cases or SET or some streaming media handler is available. In many cases
they would want to display different web pages or content depending they would want to display different web pages or content depending
on a MIME handler's availability. This document summarizes a on a MIME handler's availability. This document summarizes a
reasonable technique to solve this problem for most of the browsers reasonable technique to solve this problem for most of the browsers
actually deployed on the Internet as of April 1999. It is intended actually deployed on the Internet as of August 1999. It is intended
to be of practical use to implementors during the period before the to be of practical use to implementors during the period before the
wide deployment of superior standards based techniques which may be wide deployment of superior standards based techniques which may be
developed. developed.
Table of Contents Table of Contents
Status of This Document....................................1 Status of This Document....................................1
Abstract...................................................2 Abstract...................................................2
Table of Contents..........................................2 Table of Contents..........................................2
1. Introduction............................................3 1. Introduction............................................3
2. The HTTP 'Accepts' Header...............................3 2. The HTTP 'Accept' Header................................3
3. JavaScript..............................................3 3. JavaScript..............................................3
4. Microsoft ActiveX and the Windows Registry..............4 4. Microsoft ActiveX and the Windows Registry..............4
5. Putting It All Together.................................5 5. ECML, The Electronic Commerce Modeling Language.........5
6. Future Development......................................6 6. Putting It All Together.................................5
7. Security Considerations.................................6 7. Future Development......................................6
8. IANA Considerations.....................................6 8. Security Considerations.................................6
9. IANA Considerations.....................................7
References.................................................7 References.................................................8
Appendix A: Browser Version Sniffer Code...................8 Appendix A: Browser Version Sniffer Code...................9
Authors Addresses.........................................12 Authors Addresses.........................................13
Expiration and File Name..................................12 Expiration and File Name..................................13
1. Introduction 1. Introduction
Entities composing web pages to provide services over [HTTP] Entities composing web pages to provide services over [HTTP]
frequently have the problem of not knowing what [MIME] types have frequently have the problem of not knowing what [MIME] types have
handlers installed at a user's browser. For example, whether an handlers installed at a user's browser. For example, whether an
[IOTP] or VRML or SET or some streaming media handler is available. [IOTP] or VRML or [SET] or some streaming media handler is available.
In many cases they would want to display different web pages or In many cases they would want to display different web pages or
content depending on a MIME handler's availability. Sending a content depending on a MIME handler's availability. Sending a
response with a MIME type that is not supported frequently results in response with a MIME type that is not supported frequently results in
interrupting the flow of the user experience, browser queries as to interrupting the flow of the user experience, browser queries as to
what to do with the data being provided, and, of course, failure to what to do with the data being provided, and, of course, failure to
provide the behavior that would have occurred had the correct MIME provide the behavior that would have occurred had the correct MIME
type handler been installed. type handler been installed.
This document describes reasonable techniques to solve this problem This document describes reasonable techniques to solve this problem
for most of the browsers actually deployed on the Internet as of for most of the browsers actually deployed on the Internet as of
April 1999. It is intended to be of practical use to implementors August 1999. It is intended to be of practical use to implementors
during the period before the wide deployment of superior standards during the period before the wide deployment of superior standards
based techniques which may be developed. It is written in terms of based techniques which may be developed. It is written in terms of
determining whether a handler for application/iotp or application/x- determining whether a handler for application/iotp or application/x-
iotp exists but is equally applicable to other MIME types. iotp exists but is equally applicable to other MIME types.
2. The HTTP 'Accepts' Header 2. The HTTP 'Accept' Header
The problem should be solved by the Hyper Text Transport Protocol The problem should be solved by the Hyper Text Transport Protocol
[HTTP] request "Accepts" header which lists accepted [MIME] types. [HTTP] request "Accept" header which lists accepted [MIME] types.
This header is present in both Version 1.0 and 1.1 of HTTP and its This header is present in both Version 1.0 and 1.1 of HTTP and its
content is supposed to be a list of MIME types and subtypes that are content is supposed to be a list of MIME types and subtypes that are
accepted. The only problem is that many browsers just send "*/*". accepted. The only problem is that many browsers just send "*/*".
If the particular MIME type you are looking for is present in the If the particular MIME type you are looking for is present in the
Accepts header, it is generally safe to assume that some specific Accept header, it is generally safe to assume that some specific
handler for it is actually installed or part of the browser. handler for it is actually installed or part of the browser.
NOTE: Although not part of the main topic of this document, if you NOTE: Although not part of the main topic of this document, if you
are designing MIME type handler software and have access to a browser are designing MIME type handler software and have access to a browser
interface that allows you to request the insertion of the MIME type interface that allows you to request the insertion of the MIME type
or types your software handles into the Accepts header, you generally or types your software handles into the Accept header, you generally
should do so. It will make it easier for servers sensitive to that should do so. It will make it easier for servers sensitive to that
MIME type to respond correctly. MIME type to respond correctly.
3. JavaScript 3. JavaScript
Most recent browsers support one or more scripting languages of which Most recent browsers support one or more scripting languages of which
the most widely deployed is "JavaScript". These scripting languages the most widely deployed is "JavaScript". These scripting languages
appear in web pages and permit the interpretive execution of appear in web pages and permit the interpretive execution of
programing language constructs that can probe the browser programing language constructs that can probe the browser
environment, conditionally cause different page contents to be environment, conditionally cause different page contents to be
displayed, etc. For example, Appendix A shows JavaScript available displayed, etc. For example, Appendix A shows JavaScript available
from the Netscape web site for determining what operating system, from the Netscape web site for determining what operating system,
browser, and version you are running on. browser, and version you are running on.
NOTE: JavaScript is a trademark of Netscape Corporation. It was NOTE: JavaScript is a trademark of SUN Microsystems, Inc. It was
originally called LiveScript. It has nothing to do with Java. originally called LiveScript. It has nothing to do with the Java
language.
The syntax for script use appears to be a Hyper Text Markup Language The syntax for script use appears to be a Hyper Text Markup Language
(HTML) comment so that bowsers that do not support scripting will (HTML) comment so that bowsers that do not support scripting will
ignore such items. That is, script use if preceeded by "<!--" and ignore such items. That is, script use if preceeded by "<!--" and
terminated by "-->". The following is a simple example of terminated by "-->". The following is a simple example of
conditional execution of parts of a web page based on JavaScript MIME conditional execution of parts of a web page based on JavaScript MIME
type handler detection. type handler detection.
<SCRIPT LANGUAGE=JAVASCRIPT> <SCRIPT LANGUAGE=JAVASCRIPT>
<!-- hide it <!-- hide it
skipping to change at page 4, line 39 skipping to change at page 4, line 40
} }
} }
// end and hide --> // end and hide -->
</SCRIPT> </SCRIPT>
4. Microsoft ActiveX and the Windows Registry 4. Microsoft ActiveX and the Windows Registry
If running on Internet Explorer version 3 or 4, it is necessary to If running on Internet Explorer version 3 or 4, it is necessary to
query to Windows Registry to determine local MIME type support. query to Windows Registry to determine local MIME type support.
Although these broswers support JavaScript, in v3 the mimeTypes array Although these broswers support JavaScript, in v3 the mimeTypes array
is not present and in v4 it is present but always empty. For is not present and in v4 the mimeTypes array is present but always
example, executing the following code will test for support of the empty. For example, executing the following code will test for
iotp types: support of the IOTP types:
CString iotpString, xiotpString; CString iotpString, xiotpString;
char* Key, Keyx; char* Key, Keyx;
int rc, rcx; int rc, rcx;
iotpString = iotpString =
"SOFTWARE\Classes\MIME\Database\Content Type\application/iotp"; "SOFTWARE\Classes\MIME\Database\Content Type\application/iotp";
xiotpString = xiotpString =
"SOFTWARE\Classes\MIME\Database\Content Type\application/x-iotp"; "SOFTWARE\Classes\MIME\Database\Content Type\application/x-iotp";
Key = iotpString.GetBuffer(1); Key = iotpString.GetBuffer(1);
skipping to change at page 5, line 21 skipping to change at page 5, line 31
else else
{ {
// No IOTP Handler // No IOTP Handler
} }
NOTE: Active X is a trademark of Microsoft and was originally called NOTE: Active X is a trademark of Microsoft and was originally called
Sweeper. Sweeper.
[TBD Stuff about ActiveX glue...?] [TBD Stuff about ActiveX glue...?]
5. Putting It All Together 5. ECML, The Electronic Commerce Modeling Language
[..] A industry group has recently proposed a standard for fields used in
electronic commerce. This fields allow "wallet" software acting for
the consumer to convey standardized information to a merchant,
including information as to what payment related protocols are
supported at the customer site. See [ECML].
6. Putting It All Together
[..]
start>-----+ start>-----+
| |
+------------------+ +------------------+
| Was desired type | NO +-------------------------+ | Was desired type | NO +-------------------------+
|found in Accepts? |------------>| Is JavaScript available | |found in Accept? |------------>| Is JavaScript available |
+------------------+ |and does it show type? | +------------------+ |and does it show type? |
| +-------------------------+ | +-------------------------+
YES | | | | YES | | | |
|<---------------------------+ | NO | |<---------------------------+ | NO |
| YES | | | YES | |
| +---<explorer<--+ | | +---<explorer<--+ |
| | | | | |
| +----------------------+ | | +----------------------+ |
| | Is ActiveX available | | | | Is ActiveX available | |
| |and does it show type?| | | |and does it show type?| |
skipping to change at page 6, line 5 skipping to change at page 6, line 31
|<-----------+ | +----------------->| |<-----------+ | +----------------->|
| V | | V |
remember | Indeterminate remember | remember | Indeterminate remember |
that |. take default that type | that |. take default that type |
type IS | action. is NOT | type IS | action. is NOT |
supported| supported | supported| supported |
X done X X done X
[...] [...]
6. Future Development 7. Future Development
Active work is proceeding in the IETF and World Wide Web Consortium Active work is proceeding in the IETF, World Wide Web Consortium
[W3C], and Electronic Commerce Modeling Language Alliance [ECML]
concerning content and capabilities negotiation. This work is likely concerning content and capabilities negotiation. This work is likely
to lead to superior methods to implement the functionality described to lead to superior methods to implement the functionality described
herein. However, near universal deployment of such new herein. However, near universal deployment of such new
standards/features will take some time. Thus you should expect the standards/features will take some time. Thus you should expect the
methods given herein to be obsoleted, but perhaps not for a few methods given herein to be obsoleted, but perhaps not for a few
years. years.
7. Security Considerations 8. Security Considerations
It should be noted that the type of Active X control suggested above It should be noted that the variety of Active X control suggested
is reader the user's registry, that is, examining their computer and above is reading the user's registry, that is, examining their
reporting back some information it has discovered. This may be a computer and reporting back some information it has discovered. This
concern among some users. may be a concern among some users.
Security of web interactions is normally provided by adopting channel Security of web interactions is normally provided by adopting channel
encryption on the browser to server connections, such as [TLS]. In encryption on the browser to server connections, such as [TLS]. In
the absence of some such additional security outside of HTTP, the absence of some such additional security outside of HTTP,
requests and/or responses may be forged or tampered with. requests and/or responses may be forged or tampered with.
8. IANA Considerations 9. IANA Considerations
None specific to the techniques described herein. For MIME types and None specific to the techniques described herein. For MIME types and
type registration procedures, see [RFCs 2046, 2048]. type registration procedures, see [RFCs 2046, 2048].
References References
[ECML] draft-eastlake-ecom-fields-*.txt, D. Eastlake, T. Goldstein,
<www.ecml.org>.
[HTTP] RFC 1945 - "Hypertext Transfer Protocol -- HTTP/1.0", T. [HTTP] RFC 1945 - "Hypertext Transfer Protocol -- HTTP/1.0", T.
Berners-Lee, R. Fielding & H. Frystyk. May 1996. Berners-Lee, R. Fielding & H. Frystyk. May 1996.
RFC 2068 - "Hypertext Transfer Protocol -- HTTP/1.1", R. RFC 2616 - "Hypertext Transfer Protocol -- HTTP/1.1", R.
Fielding, J. Gettys, J. Mogul, H. Frystyk, T. Berners-Lee. January Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, T.
1997. Berners-Lee. June 1999.
[IOTP] draft-ietf-trade-iotp-v1.0-protocol-*.txt - David Burdett [IOTP] draft-ietf-trade-iotp-v1.0-protocol-*.txt - David Burdett,
1999.
[MIME] RFC 2045 - "Multipurpose Internet Mail Extensions (MIME) Part [MIME] RFC 2045 - "Multipurpose Internet Mail Extensions (MIME) Part
One: Format of Internet Message Bodies", N. Freed & N. Borenstein. One: Format of Internet Message Bodies", N. Freed & N. Borenstein.
November 1996. November 1996.
RFC 2046 - "Multipurpose Internet Mail Extensions (MIME) Part RFC 2046 - "Multipurpose Internet Mail Extensions (MIME) Part
Two: Media Types", N. Freed & N. Borenstein. November 1996. Two: Media Types", N. Freed & N. Borenstein. November 1996.
RFC 2047 - "MIME (Multipurpose Internet Mail Extensions) Part RFC 2047 - "MIME (Multipurpose Internet Mail Extensions) Part
Three: Message Header Extensions for Non-ASCII Text", K. Moore. Three: Message Header Extensions for Non-ASCII Text", K. Moore.
November 1996. November 1996.
RFC 2048 - "Multipurpose Internet Mail Extensions (MIME) Part RFC 2048 - "Multipurpose Internet Mail Extensions (MIME) Part
Four: Registration Procedures", N. Freed, J. Klensin & J. Postel. Four: Registration Procedures", N. Freed, J. Klensin & J. Postel.
November 1996. November 1996.
[SET] [SET]- Secure Electronic Transaction (SET) Specification, Version
1.0, May 31, 1997, available from <http://www.setco.org>.
Book 1: Business Description
Book 2: Programmer's Guide
Book 3: Formal Protocol Definition
[TLS] RFC 2246 - "The TLS Protocol Version 1.0", T. Dierks, C. Allen. [TLS] RFC 2246 - "The TLS Protocol Version 1.0", T. Dierks, C. Allen.
[W3C] Wolrd Wide Web Constortium, <www.w3.org>
Appendix A: Browser Version Sniffer Code Appendix A: Browser Version Sniffer Code
<SCRIPT LANGUAGE="JavaScript"> <SCRIPT LANGUAGE="JavaScript">
<!-- hide JavaScript from non-JavaScript browsers <!-- hide JavaScript from non-JavaScript browsers
//Ultimate client-side JavaScript client sniff. //Ultimate client-side JavaScript client sniff.
//(C)Netscape Communications 1998. Permission granted to reuse and distribute. //(C)Netscape Communications 1998. Permission granted to reuse and distribute.
//Revised 20 April 98 to add is.nav4up and is.ie4up (see below). //Revised 20 April 98 to add is.nav4up and is.ie4up (see below).
// Everything you always wanted to know about your JavaScript client // Everything you always wanted to know about your JavaScript client
// but were afraid to ask ... "Is" is the constructor function for "is" object, // but were afraid to ask ... "Is" is the constructor function for "is" object,
skipping to change at page 12, line 36 skipping to change at page 13, line 36
David M. Soroka David M. Soroka
IBM IBM
Raleigh, NC Raleigh, NC
Telephone: +1 919-486-2684 Telephone: +1 919-486-2684
Fax: +1 919-543-4653 Fax: +1 919-543-4653
email: dsoroka@us.ibm.com email: dsoroka@us.ibm.com
Expiration and File Name Expiration and File Name
This draft expires November 1999. This draft expires February 2000.
Its file name is draft-ietf-trade-mime-detector-00.txt. Its file name is draft-ietf-trade-mime-detector-01.txt.
 End of changes. 

This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/