Split up attribute grammars into the corresponding sections

httpwg · Nov 1, 2021 · 38fc7af · 38fc7af
1 parent 6728b5b
commit 38fc7af
Showing 1 changed file with 98 additions and 62 deletions.
diff --git a/draft-ietf-httpbis-rfc6265bis.md b/draft-ietf-httpbis-rfc6265bis.md
@@ -1219,6 +1219,39 @@ said to "receive a cookie" from the request-uri with name cookie-name,
 value cookie-value, and attributes cookie-attribute-list. (See {{storage-model}}
 for additional requirements triggered by receiving a cookie.)
 
+### Syntax {#ua-abnf-syntax}
+
+Based on the parsing algorithms defined above, the following grammar defines
+the syntax requirements enforced by user agents when parsing set-cookie-strings:
+
+~~~ abnf
+set-cookie            = set-cookie-string
+set-cookie-string     = cookie-pair *( BWS ";" OWS cookie-av)
+cookie-pair           = *1(BWS cookie-name BWS "=") BWS cookie-value BWS
+                          ; the sum of the lengths of cookie-name and
+                          ; cookie-value must be less than or equal to 4096
+                          ; octets.
+
+cookie-name           = *4096(cookie-name-octet)
+cookie-value          = *4096(cookie-value-octet)
+cookie-name-octet     = %x09 / %x20-3A / %x3C / %x3E-7E / %x80-FF
+                          ; octets excluding non-whitespace CTLs,
+                          ; semicolon, and equals.
+cookie-value-octet    = %x09 / %x20-3A / %x3C-7E / %x80-FF
+                          ; octets excluding non-whitespace CTLs and
+                          ; semicolon.
+
+cookie-attr           = 1*cookie-name-octet BWS cookie-attr-eq-value BWS
+cookie-attr-eq-value  = "" / ("=" BWS optional-attr-value)
+    ; cookie-attr defines the base syntax for all cookie attributes. More
+    ; specific grammars for each of the recognized attribute names can be
+    ; found in the sections below.
+
+optional-attr-value   = *1024(cookie-value-octet)
+ignored-attr-eq-value = "" / ("=" BWS ignored-atrr-value)
+ignored-attr-value    = optional-attr-value
+~~~
+
 ### The Expires Attribute
 
 If the attribute-name case-insensitively matches the string "Expires", the
@@ -1243,6 +1276,15 @@ user agent MUST process the cookie-av as follows.
 6.  Append an attribute to the cookie-attribute-list with an attribute-name
     of Expires and an attribute-value of expiry-time.
 
+Based on the parsing algorithm above, the syntax requirements for the Expires
+attribute are represented by the grammar below. Expires attributes not
+conforming to this grammar are ignored.
+
+~~~ abnf
+expires-av = "Expires" BWS "=" BWS cookie-date BWS
+               ; cookie-date is defined in the "Dates" section.
+~~~
+
 ### The Max-Age Attribute
 
 If the attribute-name case-insensitively matches the string "Max-Age", the
@@ -1268,6 +1310,16 @@ user agent MUST process the cookie-av as follows.
 7.  Append an attribute to the cookie-attribute-list with an attribute-name
     of Max-Age and an attribute-value of expiry-time.
 
+Based on the parsing algorithm above, the syntax requirements for the Max-Age
+attribute are represented by the grammar below. Max-Age attributes not
+conforming to this grammar are ignored.
+
+~~~ abnf
+max-age-av       = "Max-Age" BWS max-age-eq-value BWS
+max-age-eq-value = "" / ("=" BWS max-age-value)
+max-age-value    = *1024(DIGIT) / ("-" *1023(DIGIT))
+~~~
+
 ### The Domain Attribute
 
 If the attribute-name case-insensitively matches the string "Domain", the user
@@ -1283,6 +1335,18 @@ agent MUST process the cookie-av as follows.
 4.  Append an attribute to the cookie-attribute-list with an attribute-name
     of Domain and an attribute-value of cookie-domain.
 
+Based on the parsing algorithm above, the syntax requirements for the Domain
+attribute are represented by the grammar below. Domain attributes not
+conforming to this grammar are ignored.
+
+~~~ abnf
+domain-av       = "Domain" BWS domain-eq-value BWS
+domain-eq-value = "" / ("=" BWS domain-value)
+domain-value    = optional-attr-value
+                    ; a leading %x2E (period) in domain-value will be
+                    ; removed if present.
+~~~
+
 ### The Path Attribute
 
 If the attribute-name case-insensitively matches the string "Path", the user
@@ -1300,18 +1364,42 @@ agent MUST process the cookie-av as follows.
 2.  Append an attribute to the cookie-attribute-list with an attribute-name
     of Path and an attribute-value of cookie-path.
 
+Based on the parsing algorithm above, the syntax requirements for the Path
+attribute are represented by the grammar below. Path attributes not conforming
+to this grammar are ignored.
+
+~~~ abnf
+path-av       = "Path" BWS path-eq-value BWS
+path-eq-value = "" / ("=" BWS path-value)
+path-value    = optional-attr-value
+~~~
+
 ### The Secure Attribute
 
 If the attribute-name case-insensitively matches the string "Secure", the
 user agent MUST append an attribute to the cookie-attribute-list with an
 attribute-name of Secure and an empty attribute-value.
 
+The syntax requirements for the Secure attribute are represented by the
+grammar below. Secure attributes not conforming to this grammar are ignored.
+
+~~~ abnf
+secure-av = "Secure" BWS ignored-attr-eq-value BWS
+~~~
+
 ### The HttpOnly Attribute
 
 If the attribute-name case-insensitively matches the string "HttpOnly", the
 user agent MUST append an attribute to the cookie-attribute-list with an
 attribute-name of HttpOnly and an empty attribute-value.
 
+The syntax requirements for the HttpOnly attribute are represented by the
+grammar below. HttpOnly attributes not conforming to this grammar are ignored.
+
+~~~ abnf
+httponly-av = "HttpOnly" BWS ignored-attr-eq-value BWS
+~~~
+
 ### The SameSite Attribute
 
 If the attribute-name case-insensitively matches the string "SameSite", the
@@ -1331,6 +1419,16 @@ user agent MUST process the cookie-av as follows:
 5.  Append an attribute to the cookie-attribute-list with an attribute-name
     of "SameSite" and an attribute-value of `enforcement`.
 
+Based on the parsing algorithm above, the syntax requirements for the SameSite
+attribute are represented by the grammar below. SameSite attributes not
+conforming to this grammar are ignored.
+
+~~~ abnf
+samesite-av       = "SameSite" BWS samesite-eq-value BWS
+samesite-eq-value = "" / ("=" BWS samesite-value)
+samesite-value    = "Strict" / "Lax" / "None" / ignored-attr-value
+~~~
+
 #### "Strict" and "Lax" enforcement {#strict-lax}
 
 Same-site cookies in "Strict" enforcement mode will not be sent along with
@@ -1401,68 +1499,6 @@ with
            elapsed since the cookie's creation-time is at most a duration of the
            user agent's choosing.
 
-## Syntax {#ua-abnf-syntax}
-
-Based on the parsing algorithms defined above, the following grammar defines
-the syntax requirements enforced by user agents when parsing
-set-cookie-strings:
-
-~~~ abnf
-set-cookie         = set-cookie-string
-set-cookie-string  = cookie-pair *( BWS ";" OWS cookie-av)
-cookie-pair        = *1(BWS cookie-name BWS "=") BWS cookie-value BWS
-                       ; the sum of the lengths of cookie-name and cookie-value
-                       ; must be less than or equal to 4096 octets
-
-cookie-name        = *4096(cookie-name-octet)
-cookie-value       = *4096(cookie-value-octet)
-cookie-name-octet  = %x09 / %x20-3A / %x3C / %x3E-7E / %x80-FF
-                       ; octets excluding non-whitespace CTLs,
-                       ; semicolon, and equals
-cookie-value-octet = %x09 / %x20-3A / %x3C-7E / %x80-FF
-                       ; octets excluding non-whitespace CTLs and
-                       ; semicolon
-
-cookie-av          = expires-av / max-age-av / domain-av /
-                     path-av / secure-av / httponly-av /
-                     samesite-av / extension-av
-                       ; attributes that don't conform to the grammars
-                       ; below are ignored
-
-ignored-eq-value   = "" / ("=" BWS ignored-value)
-ignored-value      = optional-value
-optional-value     = *1024(cookie-value-octet)
-
-expires-av         = "Expires" BWS "=" BWS cookie-date BWS
-                       ; cookie-date is defined in a separate grammar
-                       ; in a previous section
-
-max-age-av         = "Max-Age" BWS max-age-eq-value BWS
-max-age-eq-value   = "" / ("=" BWS max-age-value)
-max-age-value      = *1024(DIGIT) / ("-" *1023(DIGIT))
-
-domain-av          = "Domain" BWS domain-eq-value BWS
-domain-eq-value    = "" / ("=" BWS domain-value)
-domain-value       = optional-value
-                       ; a leading %x2E (period) in domain-value will be
-                       ; removed if present
-
-path-av            = "Path" BWS path-eq-value BWS
-path-eq-value      = "" / ("=" BWS path-value)
-path-value         = optional-value
-
-secure-av          = "Secure" BWS ignored-eq-value BWS
-
-httponly-av        = "HttpOnly" BWS ignored-eq-value BWS
-
-samesite-av        = "SameSite" BWS samesite-eq-value BWS
-samesite-eq-value  = "" / ("=" BWS samesite-value)
-samesite-value     = "Strict" / "Lax" / "None" / ignored-value
-
-extension-av       = 1*cookie-name-octet BWS extension-eq-value BWS
-extension-eq-value = "" / ("=" BWS optional-value)
-~~~
-
 ## Storage Model {#storage-model}
 
 The user agent stores the following fields about each cookie: name, value,