HTTP/1.1 From header and FOAF use in RSS aggregators

Privacy issues aside (for the moment), there is a request header called "FROM", RFC 2616 s14.22 describes it.

Now, it does say it should, if given, contain an Internet e-mail address for the human user who controls the requesting user agent. SHOULD isn't MUST though, so what putting the user's homepage there?

It also says "In particular, robot agents SHOULD include this header so that the person responsible for running the robot can be contacted if problems occur on the receiving end."

Ask a stupid question , get a smart answer .

Last year, I thought it was a good idea to abuse referers in order to leave footprints behind when I consume RSS feeds. Then, this past January, the abuse in the practice was revealed and using the User-Agent header was recommended for this.

So, just for the hell of it, I asked about the User-Agent header for use in the context over at Mark’s place to see what responses I’d get. The one that seemed most informative was from Eric Scheid as quoted above, referring me to the HTTP/1.1 spec, section 14.22

As per Eric’s comment and the spec, the value of a “From” header SHOULD be an email address, but I would think that using a URL wouldn’t be too much an abuse of this header. Seems like a good idea to stick either the URL to a blog here, or even better, stick the URL to your FOAF file here.

I’d really like to see this get built into aggregators as an option, though not turned on by defauilt for privacy’s sake. I like the idea of leaving my name or a trail back to me at the doorstep of people whose feeds I’m reading, and I like the idea of standardizing the practice as cleanly as possible. Using the “From” header seems to be the best option so far, versus header abuse and User-Agent overloading.

Man. One of these days, I really have to get around to studying those specs in full, rather than just sporadically referencing them. Thank goodness for smart guys like Mark and Eric (among others) who actually take the time to read these things and try to communicate the gist to the rest of us busy developers!

shortname=from_foaf_rss

Archived Comments

  • Oh yeah. I would love to be able to visit the web sites of those that visit my site.
  • Why not for the From: header use a hash of the e-mail address? Preferably a secure one like SHA or MD5.
  • Well, a hash would work if I already knew the person or had them in my FOAF network somewhere. But, I want to know about new and unexpected readers and follow them back to their blogs and feeds.
  • I would recommend that if you do this with the From: header, to put the URL in parenthesis, as according to RFC-2822 this is considered a comment and code using RFC-2822 parsing for this field (since it's intended to contain an email address) won't choke on it.
  • I would recommend that if you do this with the From: header, to put the URL in parenthesis, as according to RFC-2822 this is considered a comment and code using RFC-2822 parsing for this field (since it's intended to contain an email address) won't choke on it.
  • Sorry about the double post there; the feedback on posting isn't clear that it was actually posted. Also, it is instructive to read through the specs from time to time. A friend is writing a webserver by following RFC-2616 and it's not always exactly clear what needs to be done; there have been times when we've had discussions over what this or that means in the spec (and occasionally we cheat by looking at Apache “under the hood” (so to speak—bet you didn't know you could include comments in header fields, eh?)
  • Please note that pointing to a FoaF file may not be enough to identify a specific person - usually more than one person is described in each file.
Finding the RSS in Amazon searches  Previous This evening's sleep brought to me by science. Next