forked from json-schema-org/json-schema-spec
-
Notifications
You must be signed in to change notification settings - Fork 0
/
jsonschema-hyperschema.xml
1333 lines (1256 loc) · 57.6 KB
/
jsonschema-hyperschema.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!ENTITY rfc2045 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2045.xml">
<!ENTITY rfc2046 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2046.xml">
<!ENTITY rfc2119 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml">
<!ENTITY rfc3986 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3986.xml">
<!--<!ENTITY rfc4287 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4287.xml">-->
<!--<!ENTITY rfc5226 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5226.xml">-->
<!ENTITY rfc5789 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5789.xml">
<!ENTITY rfc5988 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5988.xml">
<!ENTITY rfc6570 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6570.xml">
<!ENTITY rfc7231 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.7231.xml">
]>
<?rfc toc="yes"?>
<?rfc symrefs="yes"?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<?rfc strict="no"?>
<?rfc rfcedstyle="yes"?>
<?rfc comments="yes"?>
<?rfc inline="yes" ?>
<rfc category="info" docName="draft-wright-json-schema-hyperschema-02" ipr="trust200902">
<front>
<title abbrev="JSON Hyper-Schema">
JSON Hyper-Schema: A Vocabulary for Hypermedia Annotation of JSON
</title>
<author fullname="Austin Wright" initials="A" surname="Wright" role="editor">
<address>
<email>[email protected]</email>
</address>
</author>
<author fullname="Henry Andrews" initials="H" surname="Andrews" role="editor">
<organization>Cloudflare, Inc.</organization>
<address>
<email>[email protected]</email>
</address>
</author>
<author fullname="Geraint Luff" initials="G" surname="Luff">
<address>
<postal>
<street></street>
<city>Cambridge</city>
<country>UK</country>
</postal>
<email>[email protected]</email>
</address>
</author>
<date year="2017" />
<workgroup>Internet Engineering Task Force</workgroup>
<keyword>JSON</keyword>
<keyword>Schema</keyword>
<keyword>JavaScript</keyword>
<keyword>Object</keyword>
<keyword>Notation</keyword>
<keyword>Hyper Schema</keyword>
<keyword>Hypermedia</keyword>
<abstract>
<t>
JSON Schema is a JSON based format for defining the structure of JSON data.
This document specifies hyperlink- and hypermedia-related keywords of JSON Schema
for annotating JSON documents with hyperlinks and instructions for processing and
manipulating remote JSON resources through hypermedia environments like HTTP.
</t>
</abstract>
<note title="Note to Readers">
<t>
The issues list for this draft can be found at
<eref target="https://github.com/json-schema-org/json-schema-spec/issues"/>.
</t>
<t>
For additional information, see
<eref target="http://json-schema.org/"/>.
</t>
<t>
To provide feedback, use this issue tracker, the communication methods listed on the
homepage, or email the document editors.
</t>
</note>
</front>
<middle>
<section title="Introduction">
<t>
JSON Schema is a JSON based format for defining the structure of JSON data.
This document specifies hyperlink- and hypermedia-related keywords of JSON Schema.
</t>
<t>
The term JSON Hyper-Schema is used to refer to a JSON Schema that uses these
keywords.
</t>
<t>
This specification will use the concepts, syntax, and terminology defined by the
<xref target="json-schema">JSON Schema core</xref> and
<xref target="json-schema-validation">JSON Schema validation</xref> specifications.
It is advised that readers have a copy of these specifications.
</t>
</section>
<section title="Conventions and Terminology">
<t>
<!-- The text in this section has been copied from the official boilerplate,
and should not be modified.-->
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD",
"SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be
interpreted as described in <xref target="RFC2119">RFC 2119</xref>.
</t>
<t>
The terms "schema" and "instance" are to be interpreted as defined in the
<xref target="json-schema">JSON Schema core specification</xref>.
</t>
</section>
<section title="Overview">
<t>
This document describes how JSON Schema can be used to define hyperlinks on instance
data.
It also defines how to provide additional information required to interpret JSON
data as rich multimedia documents.
</t>
<t>
As with all JSON Schema keywords, all the keywords described in the "Schema
Keywords" section are optional. The minimal valid JSON Hyper-schema is the blank
object.
</t>
<figure>
<preamble>
Here is an example JSON Schema defining hyperlinks, and providing a multimedia
interpretation for the "imgData" property:
</preamble>
<artwork>
<![CDATA[
{
"title": "Written Article",
"type": "object",
"properties": {
"id": {
"title": "Article Identifier",
"type": "number",
"readOnly": true
},
"title": {
"title": "Article Title",
"type": "string"
},
"authorId": {
"type": "integer"
},
"imgData": {
"title": "Article Illustration (thumbnail)",
"type": "string",
"media": {
"binaryEncoding": "base64",
"type": "image/png"
}
}
},
"required" : ["id", "title", "authorId"],
"links": [
{
"rel": "self",
"href": "/article{?id}"
},
{
"rel": "author",
"href": "/user?id={authorId}"
}
]
}
]]>
</artwork>
<postamble>
This example schema defines the properties of the instance. For the "imgData"
property, it specifies that that it should be base64-decoded and the resulting
binary data treated as a PNG image.
It also defines link relations for the instance, with URIs incorporating values
from the instance.
<cref>
"id" probably should not normally be a required keyword, since new instances
will have an unknown "id" property until is it assigned by the server.
However, this property is used in a link, and without it, multiple different
instances would be given the same rel=self URI!
</cref>
</postamble>
</figure>
<figure>
<preamble>
An example of a JSON instance described by the above schema might be:
</preamble>
<artwork>
<![CDATA[
{
"id": 15,
"title": "Example data",
"authorId": 105,
"imgData": "iVBORw...kJggg=="
}
]]>
</artwork>
<postamble>
The base-64 data has been abbreviated for readability.
</postamble>
</figure>
<section title="Interaction with validation">
<t>
Hyper-schema keywords can be applied when the instance is valid against
the schema that includes those keywords.
</t>
<t>
Hyper-schemas MUST NOT be applied to an instance if the instance fails to
validate against the validation keywords within or containing the hyper-schema.
Hyper-schema keywords in branches of an "anyOf" or "oneOf" that do not validate,
or in a "dependencies" subschema that is not relevant to the instance, MUST be
ignored.
</t>
<t>
Hyper-schema keywords in a subschema contained within a "not", at any depth,
including any number of intervening additional "not" subschemas, MUST be
ignored.
</t>
<t>
If the subschema for a "contains" keyword contains hyper-schema keywords they
MUST be applied to all array elements that validate against the schema. While
finding a single validating element is sufficient to determine the validation
outcome, when hyper-schema keywords are present, the subschema MUST be evaluated
against all array elements.
</t>
</section>
</section>
<section title="Meta-schema">
<t>
The current URI for the JSON Hyper-Schema meta-schema is
<http://json-schema.org/draft-06/hyper-schema#>.
</t>
</section>
<section title="Schema keywords">
<section title="base">
<t>
If present, this keyword is resolved against the current URI base that the
entire instance is found within, and sets the new URI base for URI references
within the instance.
It is therefore the first URI Reference resolved, regardless of which order it
was found in.
</t>
<t>
The URI is computed from the provided URI template using the same process
described for the <xref target="href">"href"</xref> property of a Link
Description Object.
</t>
<figure>
<preamble>
An example of a JSON schema using "base":
</preamble>
<artwork>
<![CDATA[
{
"base": "/object/{id}",
"links": [
{
"rel": "self",
"href": ""
},
{
"rel": "next",
"href": "{nextId}"
}
]
}
]]>
</artwork>
</figure>
<figure>
<preamble>
An example of a JSON instance using this schema to produce rel="self" and
rel="next" links:
</preamble>
<artwork>
<![CDATA[
{
"id": 41,
"nextId": 42
}
]]>
</artwork>
</figure>
<t>
If the document URI is <http://example.com/?id=41>, then the new URI base
becomes <http://example.com/object/41>
</t>
<t>
Resolving the two Link Description Objects against this URI base creates two
links exactly equivalent to these absolute-form HTTP Link headers:
<list style="symbols">
<t>Link: <http://example.com/object/41>;rel=self</t>
<t>Link: <http://example.com/object/42>;rel=next</t>
</list>
</t>
</section>
<section title="links">
<t>
The "links" property of schemas is used to associate Link Description Objects
with instances. The value of this property MUST be an array, and the items in
the array must be Link Description Objects, as defined below.
</t>
<figure>
<preamble>
An example schema using the "links" keyword could be:
</preamble>
<artwork>
<![CDATA[{
"title": "Schema defining links",
"links": [
{
"rel": "self",
"href": "{id}"
},
{
"rel": "parent",
"href": "{parent}"
}
]
}]]>
</artwork>
</figure>
</section>
<section title="media">
<t>
The "media" property indicates that this instance contains non-JSON data encoded
in a JSON string.
It describes the type of content and how it is encoded.
</t>
<t>
The value of this property MUST be an object.
The value of this property SHOULD be ignored if the instance described is not a
string.
</t>
<section title="Properties of "media"">
<t>
The value of the "media" keyword MAY contain any of the following
properties:
</t>
<section title="binaryEncoding">
<t>
If the instance value is a string, this property defines that the string
SHOULD be interpreted as binary data and decoded using the encoding
named by this property.
<xref target="RFC2045">RFC 2045, Sec 6.1</xref> lists the possible
values for this property.
</t>
</section>
<section title="type">
<t>
The value of this property must be a media type, as defined by
<xref target="RFC2046">RFC 2046</xref>. This property defines the media
type of instances which this schema defines.
</t>
<t>
If the "binaryEncoding" property is not set, but the instance value is a
string, then the value of this property SHOULD specify a text document
type, and the character set SHOULD be the character set into which the
JSON string value was decoded (for which the default is Unicode).
</t>
</section>
</section>
<section title="Example">
<figure>
<preamble>
Here is an example schema, illustrating the use of "media":
</preamble>
<artwork>
<![CDATA[
{
"type": "string",
"media": {
"binaryEncoding": "base64",
"type": "image/png"
}
}
]]>
</artwork>
<postamble>
Instances described by this schema should be strings, and their values
should be interpretable as base64-encoded PNG images.
</postamble>
</figure>
<figure>
<preamble>
Another example:
</preamble>
<artwork>
<![CDATA[
{
"type": "string",
"media": {
"type": "text/html"
}
}
]]>
</artwork>
<postamble>
Instances described by this schema should be strings containing HTML,
using whatever character set the JSON string was decoded into (default
is Unicode).
</postamble>
</figure>
</section>
</section>
<section title="readOnly">
<t>
If it has a value of boolean true, this keyword indicates that the value of the
instance is managed exclusively by the server or the owning authority, and
attempts by a user agent to modify the value of this property are expected to be
ignored or rejected by a server.
</t>
<t>
For example, this property would be used to mark a server-generated serial
number as read-only.
</t>
<t>
The value of this keyword MUST be a boolean.
The default value is false.
</t>
</section>
</section>
<section title="Link Description Object">
<t>
A Link Description Object (LDO) is used to describe a single link relation from the
instance to another resource.
A Link Description Object must be an object.
</t>
<t>
The link description format can be used without JSON Schema, and use of this format
can be declared by referencing the normative link description schema as the schema
for the data structure that uses the links.
The URI of the normative link description schema is:
<eref target="http://json-schema.org/draft-06/links">http://json-schema.org/draft-06/links</eref>
(draft-06 version).
</t>
<section title="Links, operations, and data">
<t>
<cref>
Note that while the current draft does not provide a way to explicity
indicate HTTP method support, some way of providing a non-authoritative
hint may be added in a future draft (see issue #73 in the GitHub repository).
</cref>
</t>
<t>
An operation is a specific use of a link described by an LDO, after any
template variables have been resolved.
</t>
<t>
There are several ways that a client can use data with a link:
<list>
<t> URI Template variables resolved from server-supplied instance data </t>
<t> URI Template variables resolved from user agent data </t>
<t> Replacing or modifying the target resource's representation </t>
<t> Submitting data for processing, where the data has no
inherent relation to the target resource's representation</t>
</list>
The three ways to use client-supplied data are each addressed by a separate
schema keyword within the link description object. When performing operations,
clients SHOULD ignore schemas that are not relevant to their semantics.
</t>
<t>
Link Description Objects do not directly indicate what operations, such
as HTTP methods, are supported by the target resource. Instead, operations
should be inferred primarily from link <xref target="rel">relation types</xref>
and URI schemes. Note, however, that a resource may always decline an operation
at runtime, for instance due to application state that controls the operation's
availability.
</t>
<section title="Resolving templated URIs">
<t>
URI Template variables in <xref target="href">"href"</xref> resolve from
server-supplied instance data by default.
<xref target="hrefSchema">"hrefSchema"</xref> allows a link to specify
a schema for resolving template variables from client-supplied data.
Regular JSON Schema validation features can be used to require resolution
from user agent data, forbid it, or allow user agent data while falling back
to server-supplied instance data if no user agent data is provided.
</t>
<t>
The common pattern of resolving a templated path component with
server-supplied instance data while accepting user agent data to build
a query string can be implemented by setting the "hrefSchema" subschemas
for the path template variables to false, while giving the query string
template variables names that do not appear in the instance. This ensures
that the path variables can only be resolved from the instance, and the
query string variables can only be resolved from user agent data.
See the "hrefSchema" section for an example of this approach.
</t>
</section>
<section title="Manipulating the target resource representation">
<t>
In JSON Hyper-Schema, <xref target="targetSchema">"targetSchema"</xref>
supplies a non-authoritative description of the target resource's
representation. A client can use "targetSchema" to structure input for
replacing or modifying the representation. Alternatively, if "targetSchema"
is absent or if the client prefers to only use authoritative information, it
can interact with the target resource to confirm or discover its
representation structure.
</t>
<t>
"targetSchema" is not intended to describe link operation responses,
except when the response semantics indicate that it is a representation
of the target resource. In all cases, the schema indicated by the response
itself is authoritative. See the
<xref target="targetHTTP" /> for guidance
specific to each HTTP method when using "targetSchema" with HTTP URIs.
</t>
</section>
<section title="Submitting data for processing">
<t>
The <xref target="submissionSchema">"submissionSchema"</xref> and
<xref target="submissionEncType">"submissionEncType"</xref> keywords
describe the domain of the processing function implemented by the target
resource. Otherwise, as noted above, the submission schema and encoding are
ignored for operations to which they are not relevant.
</t>
</section>
</section>
<!-- Possibly include a short section on motivations, including triples, resources, and progressive disclosure -->
<section title="href" anchor="href">
<t>
The value of the "href" link description property is a template used to
determine the target URI of the related resource.
The value of the instance property MUST be resolved as a
<xref target="RFC3986">URI-reference</xref> against the base URI of the
instance.
</t>
<t>
This property is REQUIRED.
</t>
<section title="URI Templating">
<t>
<cref>
The pre-processing rules present in earlier drafts have been removed due
to their complexity and inability to address all limitations with URI
templating.
This section is subject to significant change in upcoming drafts to
replace the old pre-processing with a comprehensive solution.
</cref>
</t>
<t>
The value of "href" is to be used as a URI Template, as defined in
<xref target="RFC6570">RFC 6570</xref>.
However, some special considerations apply:
</t>
<section title="Values for substitution">
<t>
The URI Template is filled out using data from some combination of an
external source and the instance.
Where either instance data or user agent data may be used, this section
will refer simply to "data" or to a "value".
When the source is important, it is specified explicitly.
To allow the use of any object property (including the empty string) or
array index, the following rules are defined:
</t>
<t>
For a given variable name in the URI Template, the value to use is
determined as follows:
<list>
<t>
If the data is an array, and the variable name is a
representation of a non-negative integer, then the value at the
corresponding array index MUST be used (if it exists).
</t>
<t>
Otherwise, the variable name should be percent-decoded, and the
corresponding object property MUST be used (if it exists).
</t>
</list>
</t>
<t>
If <xref target="hrefSchema">"hrefSchema"</xref> is present and
user agent data is provided, the data MUST be a valid instance according
to the value of "hrefSchema".
Template variables, after the process listed above, MUST first
be resolved from the user agent data instance. Any variables left
unresolved MUST be resolved from the resource instance data.
</t>
<section title="Converting to strings">
<t>
When any value referenced by the URI template is null, a boolean or
a number, then it should first be converted into a string as
follows:
<list>
<t>
null values SHOULD be replaced by the text "null"
</t>
<t>
boolean values SHOULD be replaced by their lower-case
equivalents: "true" or "false"
</t>
<t>
numbers SHOULD be replaced with their original JSON
representation.
</t>
</list>
</t>
<t>
In some software environments the original JSON representation of a
number will not be available (there is no way to tell the difference
between 1.0 and 1), so any reasonable representation should be used.
Schema and API authors should bear this in mind, and use other types
(such as string or boolean) if the exact representation is
important.
</t>
</section>
</section>
<section title="Missing values">
<t>
Sometimes, the appropriate values will not be available.
For example, the template might specify the use of object properties,
but no such data was provided (or "hrefSchema" is not present), and the
instance is an array or a string.
</t>
<t>
If any of the values required for the template are neither present in
the user agent data (if relevant) nor the JSON instance, then substitute
values MAY be provided from another source (such as default values).
Otherwise, the link definition SHOULD be considered not to apply to the
instance.
</t>
</section>
</section>
</section>
<section title="hrefSchema" anchor="hrefSchema">
<t>
The value of the "hrefSchema" link description property MUST be
a valid JSON Schema. This schema is used to validate user input
or other user agent data for filling out the URI Template in
<xref target="href">"href"</xref>, as described in that section.
</t>
<t>
Omitting "hrefSchema" or setting the entire schema to "false" prevents
any user agent data from being accepted.
</t>
<t>
Implementations MUST NOT attempt to validate values resolved from
resource instance data with "hrefSchema". This allows for different
validation rules for user agent data, such as supporting spelled-out
months for date-time input but using the standard date-time
format for storage.
</t>
<figure>
<preamble>
For example, this defines a schema for each of the query string
parameters in the URI template:
</preamble>
<artwork>
<![CDATA[{
"href": "/foos{?condition,count,query}",
"hrefSchema": {
"properties": {
"condition": {
"type": "boolean",
"default": true
},
"count": {
"type": "integer",
"minimum": 0,
"default": 0
},
"query": {
"type": "string"
}
}
}
}]]>
</artwork>
</figure>
<figure>
<preamble>
In this example, the schema for "extra" is given as a reference
to keep the user agent data validation constraints identical to the
instance validation constraints for the corresponding property,
while "id" is given a false schema to prevent user agent data for
that variable.
</preamble>
<artwork>
<![CDATA[{
"definitions": {
"extra": {
"type": "string",
"maxLength": 32
}
},
"type": "object",
"properties": {
"id": {
"type": "integer",
"minimum": 1,
"readOnly": true
},
"extra": {"$ref": "#/definitions/extra"}
},
"links": [{
"rel": "self",
"href": "/things/{id}{?extra}",
"hrefSchema": {
"properties": {
"id": false,
"extra": {"$ref": "#/definitions/extra"}
}
}
}]
}]]>
</artwork>
</figure>
<t>
<cref>
The above example simulates the behavior handled in earlier drafts
with a "method" of "get" by using the new "hrefSchema" keyword.
</cref>
</t>
</section>
<section title="rel" anchor="rel">
<t>
The value of the "rel" property indicates the name of the relation to the target
resource. The value MUST be a registered link relation from the
<xref target="RFC5988">IANA Link Relation Type Registry established in RFC 5988</xref>,
or a normalized URI following the <xref target="RFC3986">URI production of RFC 3986</xref>.
</t>
<t>
As defined by RFC 5988, a link connects a context resource
to a target resource, where the nature of the connection
is described by the link relation type. The context
resource is the instance to which the schema (or sub-schema)
applies, rather than any larger document in which the
instance may have been found. The context may be changed
with the <xref target="anchor">"anchor"</xref> property.
</t>
<t>
Depending on the media type of the instance, it may or may
not be possible to assign a URI to the exact default context
resource. In particular, application/json does not define
URI fragment resolution semantics, so properties or array
elements within a plain JSON document cannot be identified
by a URI.
</t>
<t>
Relationship definitions are not normally media type
dependent, and users are encouraged to utilize existing
accepted relation definitions.
</t>
<figure>
<preamble>
For example, if a hyper-schema is defined:
</preamble>
<artwork>
<![CDATA[{
"type": "array",
"items": {
"links": [{
"rel": "item",
"href": "{id}"
}, {
"rel": "up",
"href": "{upId}"
}]
}
}]]>
</artwork>
</figure>
<figure>
<preamble>
And if a collection of instance resources were retrieved with JSON
representation:
</preamble>
<artwork>
<![CDATA[GET /Resource/
[{
"id": "thing",
"upId": "parent"
}, {
"id": "thing2",
"upId": "parent"
}]]]>
</artwork>
<postamble>
This would indicate that for the first item in the collection, its URI as
its own resource would resolve to "/Resource/thing" and the first item's
"up" relation SHOULD be resolved to the resource at "/Resource/parent".
</postamble>
</figure>
<t>
Note that these relationship values are case-insensitive, consistent with their
use in HTML and the <xref target="RFC5988">HTTP Link header</xref>.
</t>
<section title="Security Considerations for "self" links">
<t>
When link relation of "self" is used to denote a full representation of an
object, the user agent SHOULD NOT consider the representation to be the
authoritative representation of the resource denoted by the target URI if
the target URI is not equivalent to or a sub-path of the URI used to request
the resource representation which contains the target URI with the "self"
link.
<figure>
<preamble>
For example, if a hyper-schema was defined:
</preamble>
<artwork>
<![CDATA[{
"links": [{
"rel": "self",
"href": "{id}"
}]
}]]>
</artwork>
</figure>
<figure>
<preamble>
And a resource was requested from somesite.com:
</preamble>
<artwork>
<![CDATA[
GET /foo/
]]>
</artwork>
</figure>
<figure>
<preamble>
With a response of (with newlines and whitespace added):
</preamble>
<artwork>
<![CDATA[Content-Type: application/json; profile="http://example.com/alpha"
[{
"id": "bar",
"name": "This representation can be safely treated
as authoritative "
}, {
"id": "/baz",
"name": "This representation should not be treated as
authoritative the user agent should make request the
resource from '/baz' to ensure it has the authoritative
representation"
}, {
"id": "http://othersite.com/something",
"name": "This representation
should also not be treated as authoritative and the
target resource representation should be retrieved
for the authoritative representation"
}]]]>
</artwork>
</figure>
</t>
</section>
</section>
<section title="anchor" anchor="anchor">
<t>
This property sets the context URI of the link.
The value of the property MUST be resolved as a
<xref target="RFC3986">URI-reference</xref> against
the base URI of the instance.
</t>
</section>
<section title="title">
<t>
This property defines a title for the link.
The value MUST be a string.
</t>
<t>
User agents MAY use this title when presenting the link to the user.
</t>
</section>
<section title="description">
<t>
This property provides additional information beyond what
is present in the title. The value MUST be a string.
While a title is preferably short, a description can be
used to go into more detail about the purpose and usage
of the link.
</t>
<t>
User agents MAY use this description when presenting
the link to the user.
</t>
</section>
<section title="targetSchema" anchor="targetSchema">
<t>
This property provides a schema that is expected to describe
the link target's representation. Depending on the protocol,
the schema may or may not describe the response to any particular
request sent to the link. This property is advisory only.
</t>
<section title=""targetSchema" and HTTP" anchor="targetHTTP">
<t>
The relationship between a resource's representation and HTTP requests and
responses is determined by <xref target="RFC7231">RFC 7231, section 4.3.1 -
"GET", section 4.3.4 "PUT", and section 3.1.4.2,
"Content-Location"</xref>. In particular, "targetSchema" suggests what a
client can expect for the response to an HTTP GET or any response for which
the "Content-Location" header is equal to the request URI, and what a client
should send if it replaces the resource in an HTTP PUT request. Per <xref
target="RFC5789">RFC 5789</xref>, the request structure for an HTTP
PATCH is determined by the combination of "targetSchema" and the request
media type.
</t>
</section>
<section title="Security Considerations for "targetSchema"">
<t>
This property has similar security concerns to that of "mediaType".
Clients MUST NOT use the value of this property to aid in the interpretation
of the data received in response to following the link, as this leaves
"safe" data open to re-interpretation.
</t>
<t>
<figure>
<preamble>
For example, suppose two programmers are having a discussion about
web security using a text-only message board.
Here is some data from that conversation, with a URI of:
http://forum.example.com/topics/152/comments/13
</preamble>
<artwork>
<![CDATA[{
"topicId": 152,
"commentId": 13,
"from": {
"name": "Jane",
"id": 5
},
"to": {
"name": "Jason",
"id": 8
},
"message": "It's easy, just add some HTML like
this: <script>doSomethingEvil()</script>"
}]]>
</artwork>
<postamble>
The message string was split over two lines for readability.
</postamble>
</figure>
</t>
<t>
A third party might then provide the following Link Description Object at
another location:
<figure>
<artwork>
<![CDATA[{
"rel": "evil-attack",
"href": "http://forum.example.com/topics/152/comments/13",
"targetSchema": {