The Atom Publishing Protocol

The PostURI is used to create entries. These can be either full entries, such as a weblog post, or they can be comments, or even a wiki page. The client POSTs a filled-in Atom Entry to this URI. If the request is successful, one or more Web resources MAY be created. For example, POSTing an Atom entry to a PostURI may create two new Web resources, an HTML representation and an Atom representation.

The PostURI can be discovered in a link element with an @rel of 'service.post'. The link element containing a PostURI used to create a new entry MAY be discovered in three different places. The first place it may be found is in a <link> element in the 'head' element of an HTML document. The second place a PostURI may be found an atom:link element that is a child of the atom:feed element. The third place a PostURI may be found is in the atom:link element of an atom:entry. @@ TBD @@ - Discuss subordinate resources and what a PostURI means based on where the URI was found.

The request contains a filled-in Atom entry, subject to the constraints in section .

The possible status codes from a POST are 201, 303, 400, 404, 409, 410 and 500.

The Response MUST include a Location: header with the URI of the created resource. The URI returned must be the EditURI of the entry just created. The body of the response SHOULD contain the newly created entry. If the entry is present in the response body then it MUST conform to the same constraints listed for responses to a GET on an EditURI. User agents MUST NOT depend on the server returning a response body. If the server does return a response body then the user agents MUST NOT depend on the response body having a content-type of 'application/atom+xml". Note that the server may choose to omit the content in the response, particularly if it is large. A 201 response MAY contain an ETag response header field indicating the current value of the entity tag for the requested variant just created. If the entry returned is subsequently changed the user agent can update the entry by submitting it via PUT to the EditURI. If an ETag was returned with the creation of the entry then the user agent SHOULD include an If-Match: header in the request that contains that ETag.

The body of this response does not contain the filled-in Entry, but the filled-in Entry can be found under a different URI and can be retrieved using a GET method on that resource. The URI SHOULD be given by the Location field in the response.

Indicates that the server believes that the data sent constitutes an invalid request. As an example, the data posted may not be well-formed XML. The server SHOULD include an entity containing an explanation of the error situation, and whether it is a temporary or permanent condition.

The request contained a valid Atom Entry, but it conflicts with state on the server. The response SHOULD contain enough for information for the user to resolve the conflict. [[@@TBD@@ more about response body format]]

Indicates that the server detected an internal error on the server processing this request (such as an unhandled exception). The server SHOULD include an entity containing an explanation of the error situation, and whether it is a temporary or permanent condition.

An EditURI is used to edit a single entry. Each entry that is editable MUST have a unique URI. This URI supports both GET and PUT and they are used in tandem for an editing cycle. The client GETs the representation which is formatted as an Atom entry. The client may then update the entry and then PUT it back to the same URI. The PUT will cause all the related resources to be updated, for example, the HTML representation. Note that the value of the content element in the Atom entry does not have to exactly match the content element for the same entry when it is represented in an Atom feed. For example, a server may allow the client to post entries whose content is formatted as WikiML, yet the server may clean up such markup and transform it into well-formed XHTML before placing it in the publicly available Atom feed. Another scenario is summaries--the EditURI is for editing the full content of an entry, but the server may only present excerpts when it produces an Atom feed. A client will send a DELETE to the EditURI to delete an entry.

For editing a site Entry, the link tag is used. Note that a link tag is used in both HTML and in the Atom format. A link tag of the following format points to the EditURI for a site. In HTML, the link tags for editing are always found in the head element, while in Atom they may appear as children of the entry elements.

A PUT request, and a GET response both contain a filled-in Atom entry, subject to the constraints in section . The expected status codes from a GET are 200, 301, 307, and 500. 400, 404, and 410 are also possible. The expected status codes from a PUT are 2xx, 301, 307, 500 and 501. 400, 404, 409, and 410 are also possible.

Servers MUST indicate successful GET requests with a 200 response. Servers MUST indicate successful PUT requests with a 2xx response. Servers MAY include additional information in the PUT response. Clients SHOULD NOT expect any additional information in a PUT response.

The entry has moved permanently, the new URI is given in the Location header. The client SHOULD retry the GET using the URI returned in the Location header. When a PUT operation is attempted the user agent should prompt the user before attempting the PUT on the URI returned in the Location header.

The entry has moved temporarily, the new URI is given in the Location header. The client SHOULD retry the GET using the URI returned in the Location header. When a PUT operation is attempted the user agent should prompt the user before attempting the PUT on the URI returned in the Location header.

The request contained a valid Atom Entry, but it conflicts with the state of the resource, or other state on the server. For example, a server could signal that the client has erred in this manner if it receives a request containing an atom:id element whose value differs from that of the resource found at the requested URI. The response SHOULD contain enough for information for the user to resolve the conflict. [[@@TBD@@ more about response body format ]]

Indicates that the requested resource is gone permanently. The client SHOULD NOT repeat the request.

The FeedURI is used to retrieve a representation in Atom format. Note that this feed is different from a typical Atom feed in that it contains "link" elements for navigating and manipulating the content of the site. For example there should be a "link" element with rel="next" whose URI points to the next block of entries on the site. Similarly, the feed element can contain a "link" element with rel="service.post", the URI of which is a PostURI. Individual entries should contain "link" elements with rel="service.edit" whose URIs are EditURIs. This document only uses some of the methods available for each type of URI. For example, the only method described by this document for the FeedURI is GET. Any other method may be supported by the URI types described, but defining their behavior is beyond the scope of this document. In this light you may notice that the PostURI only supports the POST method. It is possible, and allowable, that for some implementations the PostURI and the FeedURI are the same URI. @@ Editor's Note: @@ Note that the "service.feed" takes the place of the Introspection File and the Search facet in previous versions of the specification. That is, facet discovery, which was previously done by inspecting the Introspection file is now done by looking for "link" tags with an attribute "rel" set to "service.[something]" in the "service.feed" file. At the same time the same representation replaces the search facet by having "link" tags that point to other feeds using well-known 'rel' attribute values such as 'next' and 'prev', or the search can branch in multiple directions by specifying multiple link tags with rel="service.feed" and having differing title attributes that announce the kind of search results in that feed.

A link tag of the following format points to the FeedURI.

The request is a simple GET. No other verbs are currently specified for this URI.

The expected status codes from a GET are 200, 301, 307, and 500. 401, 404, and 410 are also possible.

The Feed has moved permanently, the new URI is given in the Location header. The client SHOULD do a GET on the URI returned in the Location header.

The Feed has moved temporarily, the new URI is given in the Location header. The client SHOULD do a GET on the URI returned in the Location header.

The ResourcePostURI is used to create new non-entry resources. The client POSTs a resource of the desired MIME type directly to this URI.

For creating a new non-entry resource, the link tag is used. Note that a link tag is used in both HTML and in the Atom format. A link tag of the following format points to the ResourcePostURI for a site. In HTML the link tags are always found in the head element, while in Atom they may appear as children of the Feed and entry elements. <link rel="resource.post" href="URI for Resource Posting goes here" title="The name of the site.">

The request contains a resource, sent through a standard HTTP POST, e.g.:

POST /_do/exampleblog/post_resource HTTP/1.1 Host: www.example.com Content-Type: image/jpeg Content-Length: nnn ...raw bytes of image go here...

The expected status codes from a POST are 201, 303, 400, 415, and 500. 401, 404, 409, and 410 are also possible.

The response MUST include a Location: header with the URI of the created resource, i.e. the URI used to retrieve the resource representation in a subsequent HTTP GET. The server SHOULD omit the content of the resource in the response, since it would be redundant to return it to the client.

Similar to 201 but no caching is allowed. The response MUST include a Location: header.

Indicates that the server believes that the data sent constitutes an invalid request. The server SHOULD include an entity containing an explanation of the error situation, and whether it is a temporary or permanent condition.

The MIME type of the request entity is not supported by the server for this resource. The response SHOULD contain enough for information for the user to resolve the conflict. [[@@TBD@@ more about response body format ]]

Indicates that the server detected an internal error on the server processing this request (such as an unhandled exception). A short description of the error will appear on the status line itself. A longer description will appear in the body.

The link tag is used in both HTML and Atom formats. There are slight differences between the two usages. Here are the commonalities, differences, and a list of well-known values for the rel attribute. The link tag in HTML documents appears in the 'head' of the document. The 'head' section only allows a linear list of 'link' tags. The Atom format allows 'link' tags as children of both the 'feed' element and of the 'entry' element. Note that this gives the information present in the link tag more context. For example ... @@ TBD @@

This attribute describes the relationship from the current document, be it HTML or Atom, to the anchor specified by the href attribute. The value of this attribute is a space-separated list of link types. Note that these values are case insensitive. When used in concert with type="application/atom+xml", the relations may be interpreted as follows. The URI in the href attribute points to an alternate representation of the containing resource. The Atom feed at the URI supplied in the href attribute contains the first feed in a linear sequence of entries. The Atom feed at the URI supplied in the href attribute contains the next N entries in a linear sequence of entries. The Atom feed at the URI supplied in the href attribute contains the previous N entries in a linear sequence of entries. The URI given in the href attribute is used to edit a representation of the referred resource. The URI in the href attribute is used to create new resources. The URI given in the href attribute is a starting point for navigating content and services.

URI of the resource being described by this link element.

Offers advisory information about the link. Rendered to the user to help them choose among a set of links with the same rel and type attributes.

The content type of the resource available at the URI given in the href attribute of the link element. Most of the link types in this specification are on type 'application/atom+xml'.

The Atom format is used as the representation of all the resources in this specification. As it is used in differing contexts, there are different constraints of which elements may be present, and how their values should be interpreted.

MUST NOT be present. MUST be present. MUST be present. MUST be present.

MAY be present. Servers MAY use the information to determine the URI of the created resource. Relative URLs are to be interpreted relative to xml:base. MUST be present. MUST be present. MUST be present.

MUST be present. The element may be empty, to explicitly indicate "no title". Servers SHOULD NOT try to generate a title if one is not provided. The type attribute MAY be present, and if not it defaults to "text/plain". If present, it MUST represent a MIME type that the server supports. The mode attribute MAY be present. If not present, it defaults to "xml". If present, it MUST be "xml", "base64", or "escaped". MUST be present. MUST be present. MUST be present. The element may be empty, to explicitly indicate "no title". Servers SHOULD NOT try to generate a title if one is not provided.

MAY be present. If not present, the server is welcome to produce its own summary. If present but empty, the server SHOULD NOT generate a summary of its own. The type attribute MAY be present. If not, it defaults to "text/plain". If present, it must represent a MIME type that the server supports. The mode attribute MAY be present and defaults to "xml". If present, it must be "xml","base64", or "escaped". MAY be present. MAY be present. MAY be present. The element may be empty, to explicitly indicate "no summary". Servers SHOULD NOT try to generate a title if one is not provided.

MAY be present but may be empty, to explicitly indicate "no content". The type attribute MAY be present, but defaults to "text/plain" if not present. It must represent a MIME type that the server supports. The MODE attribute may be present and defaults to "xml" if not present. It must be "xml","base64", or "escaped". MAY be present. MAY be present. MAY be present. The element may be empty, to explicitly indicate "no content".

MUST be present, but may be empty, in which case it signifies "now" in the time zone of the server. MUST be present. MUST be present. MUST be present. Server policy determines if an updated time is accepted.

MUST NOT be present. MAY be present. MAY be present. MAY be present. The element may be empty, to explicitly indicate that 'now' on the server time is to be used.

MAY be present. MAY be present. MAY be present. MAY be present. The server may or may not accept an updated value. If the server does not allow updating the issued time then any PUT request with a different issued value MUST be rejected.

MAY be present. If not present, the server determines the author. If present, and conflicting with valid values as determined by the server, then the server may change the value of author. MAY be present. MAY be present. MAY be present.

MAY be present. MAY be present. MAY be present. MAY be present.

MUST be present and contain a URI. The value of the element indicates the code base used to create this request. MUST also have an attribute 'version' with a version number. MUST NOT be present. MUST NOT be present. MUST NOT be present.

All instances of publishing Atom entries SHOULD be protected by authentication to prevent posting or editing by unknown sources. Atom servers and clients MUST support one of the following authentication mechanisms, and SHOULD support both. HTTP Digest Authentication [@@TBD@@ CGI Authentication ref] Atom servers and clients MAY support encryption of the Atom session using TLS . There are cases where an authentication mechanism may not be required, such as a publicly editable Wiki, or when using the PostURI to post comments to a site that does not require authentication to create comments.

This authentication method is included as part of the protocol to allow Atom servers and clients that cannot use HTTP Digest Authentication but where the user can both insert its own HTTP headers and create a CGI program to authenticate entries to the server. This scenario is common in environments where the user cannot control what services the server employs, but the user can write their own HTTP services.