Issues for Mailing list of the hData REST Binding for RLUS 1.0 (hData) Finalization Task Force
To comment on any of these issues, send email to hdata-ftf@omg.org. (Please include the issue number in the Subject: header, thusly: [Issue ###].) To submit a new issue, send email to issues@omg.org.
List of issues (green=resolved, yellow=pending Board vote, red=unresolved)
Issue 16914: RESTful vs. REST
Issue 16915: Lack of a Normative References section
Issue 16916: Section 3, 3rd definition: typo “is access”
Issue 16917: 6.1.1 penultimate sentence, typo “this documents”
Issue 16918: 7.1 line 2: “This pattern may be combined” – unclear what it may be combined with.
Issue 16919: 8.5 first line type RECOMMEDED
Issue 16920: Annex A: reference [1] is normative for this specification but there is no indication of how it can be obatined
Issue 17233: 6.2 Operations on the Base URL
Issue 17234: 6.3 baseURL/root.xml
Issue 17235: 6.4 baseURL/sectionpath
Issue 17236: GET operation on baseURL/root.xml needs explicit MUST in the requirement
Issue 17237: OPTIONS operation on not-existing baseURL should return 404 status code
Issue 17238: GET operation on non-existing baseURL or sectionpath SHOULD return 404 status code
Issue 17239: DELETE on invalid or not-existing documentname URL should return 404 status code
Issue 17271: Missing action in 6.4.2.2 when not including metadata
Issue 17287: Creating sub-secton incorrectly describes updating the root document
Issue 17308: Wrong target context in 6.5.4 - change 'section' to 'document'
Issue 17313: Minor deletion or rewrite to PUT operation wording
Issue 17348: Section 6.5.1 should specify allowing negotiation through HTTP Accept headers
Issue 17375: separate the general RESTful pattern use from the hData specific features
Issue 17376: Enable the use of version-aware resource URLs
Issue 17377: Alternate content negotiation
Issue 17378: Validation service
Issue 17379: Simple search
Issue 17380: Intermediaries Consideration
Issue 17381: Metadata Communication
Issue 17382: no clear conformance point
Issue 17383: Comments on Section
Issue 17384: Comments on Section 3
Issue 17385: Comments on Section 6
Issue 17386: Pattern for reliability
Issue 17387: Comments on Section 8
Issue 17388: Comments on Section 9
Issue 17566: Need clarificaton for server response to client request using the Max-Forwards header field
Issue 17579: Inconsistent spelling for extensionId in parameter list for 6.2.2
Issue 18133: mime type for format parameter (text/xml vs. xml)
Issue 18134: Represent DELETE in Atom: XML Fragment in Atom:Content
Issue 18135: Content override in two party update
Issue 18136: Atom feed link:rel needs to be version specific
Issue 18137: search extensions (include as non-normative examples)
Issue 18138: subscription push
Issue 18139: Conformance statement
Issue 18221: Revise current (20121004) JSON representation of Atom feed and data in section 6.1.2
Issue 18222: discuss impact of deletion of resources/SectionDocuments onto the Section level Atom feed/JSON bundle to section 6.4.4
Issue 18227: Change 6.5.3 to allow PUT creation of new documents to allow the client to suggest location. Same semantics as 6.4.2.2
Issue 18290: Create a subsection in section 6.1.2 to identify forbidden keywords in paths for URLs
Issue 18291: Create a paragraph in section 6.5 clarifying how resource URL paths are constructed
Issue 18316: security negotiation through the use of custom HTTP headers
Issue 16914: RESTful vs. REST (hdata-ftf)
Click here for this issue's archive.
Source: Unisys (Dr. Doug Tolbert, dtolbert408(at)gmail.com)
Nature: Clarification
Severity: Minor
Summary:
Throughout the text of the RFC document, you refer to "RESTful" while the cover page uses the term "REST" in the title of the RFC. Please reconcile the use of these terms throughout the document.
Resolution: Replaced REST globally with RESTful
Revised Text: (Global replacement)
Actions taken:
January 9, 2012: received issue
April 1, 2013: closed issue
Issue 16915: Lack of a Normative References section (hdata-ftf)
Click here for this issue's archive.
Source: Adaptive (Mr. Pete Rivett, pete.rivett(at)adaptive.com)
Nature: Uncategorized Issue
Severity:
Summary: Lack of a Normative References section e.g. including Atom and other documents referenced as being required for an implementation
Resolution: Update Annex A – Normative References
Revised Text: New Appendix Title for Appendix A is “Annex A – Normative References” and the content has been updated:
“Annex A – Normative References
[1] G. Beuchelt et al., "hData Record Format V1", Draft Standard for Trial Use, Health Layer 7, 2012, online at http://www.hl7.org/documentcenter/public/standards/dstu/HL7_V3_ITS_HDATA_RF_DSTU_R1.pdf
[2] T. Dierks, E. Rescorla “Transport Layer Security (TLS) 1.1,” RFC 4346, IETF, April 2006, online at http://tools.ietf.org/html/rfc4346
[3] M. Nottingham, R. Sayre, “The Atom Syndication Format”, RFC 4287, IETF, December 2005, online at http://tools.ietf.org/html/rfc4287
[4] B. Ramsdell, S. Turner, “S/MIME 3.2 Message Specification,” RFC 5751, IETF, January 2010, online at http://tools.ietf.org/html/rfc5751
[5] S. Josefsson, “Storing Certificates in the Domain Name System (DNS)” RFC 4398, IETF, March 2006, online at http:// tools.ietf.org/html/rfc4398
[6] J. Franks, et al., “HTTP Authentication: Basic and Digest Access Authentication,” RFC 2617, IETF, June 1999, online at http://tools.ietf.org/html/rfc2617
[7] T. Dierks, C. Allen, “The TLS Protocol Version 1.0,” RFC 2246, IETF, January 1999, online at http://tools.ietf.org/html/rfc2246
[8] R. Fielding, et al., “Hypertext Transfer Protocol – HTTP 1.1,” RFC 2616, IETF, June 1999, online at http://tools.ietf.org/html/rfc2616
[9] HL7 Resource Location and Updating Service (RLUS), DSTU Release 1, Health Level Seven, Inc., December 2006, online at http://www.hl7.org/documentcenter/public/standards/dstu/2006SEP/SUPPORT_POOL_V3_RLUS_R1_D1_2006SEP_20061220112743.pdf
[10] B. Ramsdell, “Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Message Specification,” RFC 3851, IETF, July 2004, online at http://tools.ietf.org/html/rfc3851
[11] “Cookbook:Preparing the IHE Profile Security Section,” IHE International, October 2008, online at http:// www.ihe.net/Technical_Framework/upload/IHE_ITI_Whitepaper_Security_Cookbook_2008- 11-1 0.pdf
[12] J. Snell, “The Atom ‘deleted-entry’ Element’, RFC 6721, IETF, September 2012, online at http://tools.ietf.org/html/rfc6721
[13] “Retrieve, Locate, and Update Service (RLUS) Specification Version 1.0.1”, Object Management Group, July 2011, online at http://www.omg.org/spec/RLUS/1.0.1”
[14] “Unified Modeling Language Version 2.4.1”, Object Management Group, August 2011, online at http://www.omg.org/spec/UML/2.4.1
[15] “MOF 2 XMI Mapping Version 2.4.1”, Object Management Group, August 2011, online at http://www.omg.org/spec/XMI/2.4.1
Actions taken:
December 15, 2011: received issue
April 1, 2013: closed issue
Issue 16916: Section 3, 3rd definition: typo “is access” (hdata-ftf)
Click here for this issue's archive.
Source: Adaptive (Mr. Pete Rivett, pete.rivett(at)adaptive.com)
Nature: Uncategorized Issue
Severity:
Summary: Section 3, 3rd definition: typo “is access”
Resolution: Corrected to “is accessed”.
Revised Text: OMG hData Restful Transport – the current specification, defining how the abstract hierarchical organization defined within the HRF specification is accessed and modified through a RESTful approach, using HTTP as the access protocol.
Actions taken:
December 15, 2011: received issue
April 1, 2013: closed issue
Issue 16917: 6.1.1 penultimate sentence, typo “this documents” (hdata-ftf)
Click here for this issue's archive.
Source: Adaptive (Mr. Pete Rivett, pete.rivett(at)adaptive.com)
Nature: Uncategorized Issue
Severity:
Summary: 6.1.1 penultimate sentence, typo “this documents”
Resolution: Corrected to “this document.”
Revised Text: When implementers use these extension points, the interoperability assertion of this specification does not extend to such extensions, but only covers those parts of an implementation that are in conformance with this document.
Actions taken:
December 15, 2011: received issue
April 1, 2013: closed issue
Issue 16918: 7.1 line 2: “This pattern may be combined” – unclear what it may be combined with. (hdata-ftf)
Click here for this issue's archive.
Source: Adaptive (Mr. Pete Rivett, pete.rivett(at)adaptive.com)
Nature: Uncategorized Issue
Severity:
Summary: 7.1 line 2: “This pattern may be combined” – unclear what it may be combined with.
Resolution: Clarify this sentence to reference operations in section 6 of the document; add clarification regarding potentially explicit exclusion.
Revised Text: This pattern MAY be combined with any operation in section 6 when interacting with an hData Record or with other message patterns, as long as there is no overloading of HTTP methods or it is explicitly forbidden by this document or the HTTP specification.
Actions taken:
December 15, 2011: received issue
April 1, 2013: closed issue
Issue 16919: 8.5 first line type RECOMMEDED (hdata-ftf)
Click here for this issue's archive.
Source: Adaptive (Mr. Pete Rivett, pete.rivett(at)adaptive.com)
Nature: Uncategorized Issue
Severity:
Summary: 8.5 first line type RECOMMEDED
Resolution: Corrected to RECOMMENDED. Note: this was already corrected in the Beta 1 version
Revised Text: : It is highly RECOMMENDED to perform a comprehensive risk analysis prior to deploying any clinical application.
Actions taken:
December 15, 2011: received issue
April 1, 2013: closed issue
Issue 16920: Annex A: reference [1] is normative for this specification but there is no indication of how it can be obatined (hdata-ftf)
Click here for this issue's archive.
Source: Adaptive (Mr. Pete Rivett, pete.rivett(at)adaptive.com)
Nature: Uncategorized Issue
Severity:
Summary: Annex A: reference [1] is normative for this specification but there is no indication of how it can be obatined
Resolution: Added reference on how to obtain HRF DSTU
Revised Text: [1] G. Beuchelt et al., "hData Record Format V1", Draft Standard for Trial Use, Health Layer 7, 2012, online at http://www.hl7.org/documentcenter/public/standards/dstu/HL7_V3_ITS_HDATA_RF_DSTU_R1.pdf
Actions taken:
December 15, 2011: received issue
April 1, 2013: closed issue
Issue 17233: 6.2 Operations on the Base URL (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Uncategorized Issue
Severity:
Summary: 6.2.5 OPTIONS
OPTIONS on HDR baseURL MUST return 200 status
The implied requirement here is following:
If there is no HDR at the base URL, the server SHOULD return a 404 - Not found status code.
This would then be consistent with requirement in section 6.2.1 for GET operation.
Resolution: Duplicate of Issue 17237, with exception of adding 404. Added the 404 error to address this.
Revised Text:
Actions taken:
March 13, 2012: received issue
April 1, 2013: closed issue
Discussion:
Issue 17234: 6.3 baseURL/root.xml (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Uncategorized Issue
Severity:
Summary: 6.3.1 GET
This operation returns an XML representation of the current root document, as defined by the HRF specification.
Status Code: 200
It can be inferred from this requirement that this is an implied “SHALL” or “MUST” mandatory requirement not an implied SHOULD/RECOMMENDED.
This implies the HTTP response contentType is text/xml or application/xml and the target namespace in the returned document ishttp://projecthdata.org/hdata/schemas/2009/06/core as defined by the HRF spec.
Likewise, not defined if the baseURL does not exist, which should return 404 status code as done with similar HTTP operations.
Recommend rewriting this requirement as follows:
6.3.1 GET
This operation MUST return an XML representation of the current root document, as defined by the HRF specification.
If there is no HDR at the base URL, the server SHOULD return a 404 - Not found status code.
Status Code: 200, 404
Resolution: Rewritten as recommended by submitter. Note that due to renumbering, this section is now 6.3.1.1.
Revised Text: “This operation MUST return an XML representation of the current root document, as defined by the HRF specification. If the server supports non-XML representations of the root Document, the client MAY request different media types through the content negotiation mechanisms.
If there is no HDR at the base URL, the server SHOULD return a 404 - Not found status code. “
Actions taken:
March 13, 2012: received issue
April 1, 2013: closed issue
Issue 17235: 6.4 baseURL/sectionpath (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Uncategorized Issue
Severity:
Summary: 6.4.1 GET This operation MUST return an Atom 1.0 compliant feed of all section documents and child sections contained in this section.
Status Code: 200
The implied requirement here is following:
If baseURL does not exist or no sectionpath of name sectionpath exists, the implementation MUST (SHOULD) return a HTTP status code 404.
This would then be consistent with section 6.5.1 for an invalid/non-existing documentname in the URL.
Resolution: issue withdrawn by submitter, replaced by issue 17238
Revised Text:
Actions taken:
March 13, 2012: received issue
April 20, 2012: closed issue
Issue 17236: GET operation on baseURL/root.xml needs explicit MUST in the requirement (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Clarification
Severity: Minor
Summary: The requirements reads as "This operation returns an XML representation of the current root document, as defined by the HRF specification."
It can be inferred from this requirement that this is an implied “SHALL” or “MUST” mandatory requirement not an implied SHOULD/RECOMMENDED.
Likewise, not defined if the baseURL does not exist, which should return 404 status code as done with similar HTTP operations. This would then be consistent with requirement in section 6.2.
Revised requirement:
This operation MUST return an XML representation of the current root document, as defined by the HRF specification.
If there is no HDR at the base URL, the server SHOULD return a 404 - Not found status code.
Resolution: Resolved with 17234.
Revised Text: : “This operation MUST return an XML representation of the current root document, as defined by the HRF specification. If the server supports non-XML representations of the root Document, the client MAY request different media types through the content negotiation mechanisms.
If there is no HDR at the base URL, the server SHOULD return a 404 - Not found status code. “
Actions taken:
March 13, 2012: received issue
April 1, 2013: closed issue
Issue 17237: OPTIONS operation on not-existing baseURL should return 404 status code (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Clarification
Severity: Minor
Summary: The requirements reads as "OPTIONS on HDR baseURL MUST return 200 status".
The implied requirement is the following which should be appended to this requirement:
If there is no HDR at the base URL, the server SHOULD return a 404 - Not found status code.
This would then be consistent with requirement in section 6.2.1 for the GET operation.
Resolution: Changed in section 6.2.5 to reflect the fact that this only applies to HDR records.
Revised Text: “If the baseURL does not correspond to an HDR, it should not respond with a successful OPTIONS response.”
Actions taken:
March 13, 2012: received issue
April 1, 2013: closed issue
Discussion:
Issue 17238: GET operation on non-existing baseURL or sectionpath SHOULD return 404 status code (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Clarification
Severity: Minor
Summary: 6.4.1 defines a GET with a 200 for success but doesn't address the not found case as defined in other GET operations (e.g. 6.2.1 and 6.5.1)
The implied requirement here is the following, which should be added to the section:
If baseURL does not exist or no sectionpath of name sectionpath exists, the implementation SHOULD (or MUST) return a HTTP status code 404.
This would then be consistent with section 6.5.1 for an invalid/non-existing documentname in the URL
Resolution: Changed as suggested by submitter
Revised Text: “If baseURL does not exist or no sectionpath of name sectionpath exists, the implementation MUST return a HTTP status code 404.
Status Code: 200, 404, 415”
Actions taken:
March 13, 2012: received issue
April 1, 2013: closed issue
Discussion:
Issue 17239: DELETE on invalid or not-existing documentname URL should return 404 status code (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Clarification
Severity: Minor
Summary: Context: 6.5.4 DELETE baseURL/sectionpath/documentname
The implied requirement here is the following, which should be appended to the section to make it consistent with 6.4.4 and 6.5.1:
If baseURL, sectionpath, or target document name does NOT exist, the implementation SHOULD return a 404 - Not found HTTP status code.
Resolution: Changed as suggested by submitter
Revised Text: "If baseURL, sectionpath, or target document name does NOT exist, the implementation SHOULD return a 404 - Not found HTTP status code.
Status Code: 204, 404, 410”
Actions taken:
March 13, 2012: received issue
April 1, 2013: closed issue
Discussion:
Issue 17271: Missing action in 6.4.2.2 when not including metadata (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Revision
Severity: Significant
Summary: Section 6.4.2.2 (Adding new document) describes the case when including metadata in POST operation using
"multipart/form-data", however, it does not describe when not including metadata.
Here's text for the implied requirement:
If POST does not include metadata then MUST POST with a Content Type conforming to the media type of the section. The body of the POST MUST contain the document of the new document. Document metadata in this case MUST be computed from the new document.
This text or something like it must be inserted in this context:
"It is to be treated as informational, since the service MUST compute the valid new metadata based on the requirements found in the HRF specification <INSERT HERE>
The content media type MUST conform..."
Resolution: Added: “If POST does not include metadata then MUST POST with a Content Type conforming to the media type of the section. The body of the POST MUST contain the document of the new document. Document metadata in this case MUST be created by the system, based on instructions in the hData Content Profile applying to the system.”
Revised Text: “If the content cannot be validated against the media type and the XML schema identified by the content type of this section, the server MUST return a status code of 400.
If POST does not include metadata then MUST POST with a Content Type conforming to the media type of the section. The body of the POST MUST contain the document of the new document. Document metadata in this case MUST be created by the system, based on instructions in the hData Content Profile applying to the system.
If the request is successful, the new section document MUST show up in the document feed for the section.”
Actions taken:
March 26, 2012: received issue
April 1, 2013: closed issue
Issue 17287: Creating sub-secton incorrectly describes updating the root document (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Revision
Severity: Significant
Summary: Context:
6.4 baseURL/sectionpath
6.4.2.1 Add new section
OLD text: When creating the section resource, the server MUST update the root document: in the node of the parent section a new child node must be inserted.
This is the same text copied verbatim from section 6.2.2 which describes creating a new Section at the root of the document: "when creating the section resource, the server MUST update the root document: in the node of the parent section a new child node must be inserted" but in the context of creating a sub-section this is incorrect.
The correct rewording should be:
NEW: When creating the sub-section resource, the server MUST update the Atom 1.0 [3] compliant feed for the parent section: a new child node must be inserted as an entry in the Atom content with a link to the new section.
Resolution: The suggested update to the parent section’s Atom feed is correct. At the same time, the root document must also be updated to reflect the changed sectional outlay. The suggested text above is added to the paragraph, but does not replace it.
Revised Text: “When creating the section resource, the server MUST update the root document: in the node of the parent section a new child node must be inserted. When creating a sub-section resource, the server MUST also update the Atom 1.0 [3] compliant feed for the parent section: a new child node must be inserted as an entry in the Atom content with a link to the new section. The server MUST return a 201 status code. The extensionId and path parameters are REQUIRED, the name parameter is OPTIONAL.”
Actions taken:
March 30, 2012: received issue
April 1, 2013: closed issue
Issue 17308: Wrong target context in 6.5.4 - change 'section' to 'document' (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Revision
Severity: Minor
Summary: Context:
6.5 baseURL/sectionpath/documentname
6.5.4 DELETE
Text: Future requests to the *section* URL MAY return a status code of 410, unless the record is restored.
"section" here should be changed to "document" because that is the context here.
Also for clarification does future request mean only GET requests or does it include any/all operations on the document { POST, PUT, DELETE, etc. }
Resolution: The issue is valid and a change was made to address the concern
Revised Text: “If DELETE is implemented, special precautions should be taken to assure against accidental or malicious deletion. Future requests (GET, PUT, POST, DELETE) to the document URL MAY return a status code of 410, unless the record is restored.”
Actions taken:
April 13, 2012: received issue
April 1, 2013: closed issue
Issue 17313: Minor deletion or rewrite to PUT operation wording (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Revision
Severity: Minor
Summary: Context:
6.5 baseURL/sectionpath/documentname
6.5.2 PUT
The text "If the request is successful, the *new* section document MUST show up in the document feed for the section" is not applicable for a document update since it's not a new document but an update.
This is text verbatim from section 6.4.2.2 [Add new document].
The text could be deleted or reworded to something like this:
"If the request is successful, the *updated* section document MUST [continue to] show up in the document feed for the section".
Resolution: Changed as suggested by submitter. Note that this applied to the new section 6.5.3, since it was exchanged with 6.5.2.
Revised Text: “If the request is successful, the updated section document MUST show up in the document feed for the section.”
Actions taken:
April 16, 2012: received issue
April 1, 2013: closed issue
Issue 17348: Section 6.5.1 should specify allowing negotiation through HTTP Accept headers (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Clarification
Severity: Minor
Summary: Section 6.5.1 should specify that content negotiation through HTTP Accept headers is possible, and indicate how this interacts with the metadata specified in the HL7 spec.
Resolution: Accepted, but this was added to section 6.1.2, since this may apply to all resources. Issue 17377 is also fixed in 6.1.2.
Revised Text: Section 6.1.2 has the following paragraph to address this: “Content Negotiation
All URLs within this section MUST support HTTP content negotiation through the use of the HTTP Accept header (see [8]). The client MUST NOT ask for media types not supported by the Content Model. If the client requests an unsupported media type, the server MUST return a HTTP status code 415. “
Actions taken:
May 3, 2012: received issue
April 1, 2013: closed issue
Issue 17375: separate the general RESTful pattern use from the hData specific features (hdata-ftf)
Click here for this issue's archive.
Nature: Uncategorized Issue
Severity:
Summary: The specification as it is describes a particular pattern of use
that includes
aspects that are specific to hData. It would help us greatly to separate the
general RESTful pattern use from the hData specific features; this way, we could
reference the specification directly and it would be clear how we
could conform to it.
Resolution:
Revised Text:
Actions taken:
May 20, 2012: received issue
Discussion: Issue clarified – section 6.1.3 will need to be revised
Issue 17376: Enable the use of version-aware resource URLs (hdata-ftf)
Click here for this issue's archive.
Source: HL7 (Mr. Grahame Grieve, grahame(at)healthintersections.com.au)
Nature: Uncategorized Issue
Severity:
Summary: Most of the changes requested in this section apply to 6.5 of the
hData specification.
FHIR will need to be able to access different versions of a resource.
To enable this most
effectively, the spec should support the following URL extensions on
SectionDocuments
for GET, PUT, and POST operations:
(resourceURL) = (baseURL)/(sectionPath)/(sectionDocument)
(versionAwareResourceURL) = (resource)/history/(version-id)
where (version-id) is any unique string. Also, a GET on the (resourceURL) should
return the representation of the resource in the HTTP body, a status
code of 200, and
a Content-Location header containing the (versionAwareResourceURL) of
the current
version of that resource.
If the resource was deleted with a DELETE, the service SHOULD return a
HTTP status
code 410, with no body. However it MAY return a 404 as alternative.
To enable safe updates, the following process MUST be used:
• The client reads obtains the representation of the current version
by performing a GET
on the (resourceURL). This contains the reference to (versionAwareResourceURL).
• The client makes the necessary changes to the state.
• The client MUST then PUT the updates representation to the
(resourceURL) and quote the versionAwareResourceURL in the Content-Location
header of the PUT operation.
• If the (versionAwareResourceURL) provided by the client is the
current version, the
server accepts the representation and persists the change, and returns a HTTP
response with
• a status code of 202 ok,
• a Content-Location header with the (versionAwareResourceURL) of the new
version, and
• the representation of the new version of the resource in the
• If the (versionAwareResourceURL) represents no longer the current version, the
server MUST return a HTTP response with status code 412, a Content-Location
header with the new (versionAwareResourceURL), and a representation of
the latest
version of the resource.
Resolution: Added version-aware scheme to 6.5, edited 6.5.1 and 6.5.3 (formerly 6.5.2) to address concern
Revised Text: Added to 6.5:
“Versioning
To support versioning and optimistic concurrency control (OCC) of SectionDocuments this specification uses a version-aware URL naming scheme. The implementation MUST support the following extension mechanism:
(versionAwareResourceURL) = (resourceURL)/history/(versionId)
where versionId can be any permissible URL-encoded string. Note that other HTTP-based protocols use ETags for caching and OCC. This specification does not use ETags for two reasons: (i) ETags are optional in HTTP 1.1 and especially disadvantaged devices may decide not to support them. (ii) ETags have been used in the past to enable privacy violating tracking. As a result, some user may decide to disable ETags altogether. “
Changed 6.5.1 to
“6.5.1 GET
A GET on the (resourceURL) MUST return the representation of the document that is identified by documentname within the section identified by sectionpath in the HTTP body, a status code of 200, and a Content-Location header containing the (versionAwareResourceURL) of the current version of that resource. The documentname is typically assigned by the underlying system and is not guaranteed to be identical across two different systems. Implementations MAY use identifiers contained within the infoset of the document as documentnames. If the resource was deleted with a DELETE, the service SHOULD return a HTTP status code 410, with no body. It MAY include a (versionAwareResourceURL) that points to the last valid version before it got deleted. Alternatively it MAY return a 404 status code instead.”
Added to 6.5.3 (formerly 6.5.2)
“To enable safe updates, the following process MUST be used:
• The client reads obtains the representation of the current version by performing a GET on the (resourceURL). This contains the reference to (versionAwareResourceURL).
• The client makes the necessary changes to the state.
• The client MUST then PUT the updates representation to the (resourceURL) and quote the (versionAwareResourceURL) in the Content-Location header of the PUT operation.
• If the (versionAwareResourceURL) provided by the client is the current version, the server accepts the representation and persists the change, and returns a HTTP response with a status code of 202 OK, a Content-Location header with the (versionAwareResourceURL) of the new version, and the representation of the new version of the resource in the response
• If the (versionAwareResourceURL) no longer represents the current version, the server MUST return a HTTP response with status code 412, a Content-Location header with the new (versionAwareResourceURL), and a representation of the latest version of the resource.”
Actions taken:
May 20, 2012: received issue
April 1, 2013: closed issue
Issue 17377: Alternate content negotiation (hdata-ftf)
Click here for this issue's archive.
Source: HL7 (Mr. Grahame Grieve, grahame(at)healthintersections.com.au)
Nature: Uncategorized Issue
Severity:
Summary: Throughout section 6. of the hData spec, the server should accept the
following HTTP
query string to perform alternate media type negotiation:
(URL)?format=(mediaType)
where (mediaType) MUST be a valid Internet Media type. This explicit content
negotiation takes precedence over the Accept-Header negotiation. The
reason why this
is needed is the unreliable support of the Accept-Header mechanism in
clients, particularly
in older development stacks. While we strongly encourage adoption of
the content negotiation
framework per the HTTP specification, we wish to be as inclusive as possible
Resolution: Added text defining this mechanism to section 6.1.2
Revised Text: “In addition, the service SHOULD support alternate content negotiation by allowing to append a HTTP query string of the following form: (URL)?$format=(mediaType) where (URL) is the URL for the resource and (mediaType) is a valid media type supported by the content type of the resource.”
Actions taken:
May 20, 2012: received issue
April 1, 2013: closed issue
Issue 17378: Validation service (hdata-ftf)
Click here for this issue's archive.
Source: HL7 (Mr. Grahame Grieve, grahame(at)healthintersections.com.au)
Nature: Uncategorized Issue
Severity:
Summary: Similar to the version-aware resource structure, the following URL for
sectionDocuments is reserved:
(baseURL)/(sectionPath)/(sectionDocument)/validate/
This allows a client to ask the server whether the attached POSTed
content would be
acceptable as a PUT. By this means that client can
(a) validate business logic during testing concerning correct content
(b) implement a lite two-phase commit alternative that reduces the
chance of partial success of multi-resource operations.
The second functionality overlaps a little with existing functionality
around safe commit,
though what is there now solves a different problem. From the point of
view of FHIR, the
first is at least as important: a real world way to test content
without only having to rely
on claims.
Resolution: Added text defining this mechanism to section 6.5.
Revised Text: : “Validation
Similar to the version-aware resource structure, the following URL for sectionDocuments is reserved:
(validationResourceURL) = (resourceURL)/validate/
This allows a client to ask the server whether the attached POSTed content would be acceptable as a PUT. By this means that client can
• validate business logic during testing concerning correct content, and
• implement a light-weight two-phase commit alternative that reduces the chance of partial success of multi-resource operations.
Implementation of the validation mechanism is NOT REQUIRED.”
Actions taken:
May 20, 2012: received issue
April 1, 2013: closed issue
Issue 17379: Simple search (hdata-ftf)
Click here for this issue's archive.
Source: HL7 (Mr. Grahame Grieve, grahame(at)healthintersections.com.au)
Nature: Uncategorized Issue
Severity:
Summary: To support simple searches over Sections and the entire record, for
the section 6.2 and
6.4, the following URL structure is reserved:
5.1. (baseURL)/search?(queryParameter)
This allows a search over the entire record. The (queryParameter) can
be arbitrary,
but it is RECOMMENDED to use HTTP form-encoding style key/value parameters.
The server returns the results of the query in the form of an Atom
feed, with each Entry
representing a search result.
5.2. (baseURL)/(sectionPath)/search?(queryParameter)
The semantics for this query are identical to the one in 4.1., but the
scope is limited to
the section described by the sectionPath.
Resolution: Created new section 6.6 to implement requested capability.
Added section 6.3.3
Revised Text: New section 6.6:
“6.6 Queries
To support simple queries over the entire hData Record as identified by the (baseURL) as well as individual Sections identified by (baseURL)/(sectionpath) the system MUST support the following extension:
(baseURL)/search?(querystring)
This allows a search over the entire record. The (querystring) can be arbitrary, but it is RECOMMENDED to use HTML form-encoding style key/value parameters, as documented in HTML 4.01, section 17.13.4. The server returns the results of the query in the form of an Atom feed, with each Entry representing a search result. “
(baseURL)/(sectionpath)/search?(querystring)
The semantics for this query are identical to the one above., but the scope is limited to the section described by the (sectionpath). “
“6.3.3 baseURL/search
6.3.3.1 GET
Please refer to section 6.6 for a definition of the query mechanism.
6.3.3.2 POST, PUT, DELETE
These operations MUST NOT be implemented.
Status Code: 405”
Actions taken:
May 20, 2012: received issue
April 1, 2013: closed issue
Issue 17380: Intermediaries Consideration (hdata-ftf)
Click here for this issue's archive.
Source: HL7 (Mr. Grahame Grieve, grahame(at)healthintersections.com.au)
Nature: Uncategorized Issue
Severity:
Summary: The HTTP protocol may be routed through an HTTP proxy such as squid.
Such proxies are transparent to the applications, though implementors
should be alert to the effects of rogue caching.
Interface engines may also be placed between the consumer and the
provider; these differ from proxies because they actively alter the
content and/or destination of the HTTP exchange and are not bound the
rules that apply to HTTP proxies. Such agents are allowed, but must
mark the http header to assist with troubleshooting.
Any agent that modifies an HTTP request or Response content other than
under the rules for HTTP proxie must add a stamp to the HTTP headers
like this:
request-modified-[identity]: [purpose]
response-modified-[identity]: [purpose]
The identity must a single token defined by the administrator of the
agent that will sufficiently identify the agent in the context of use.
The header must specify the agents purpose in modifying the content.
End point systems must not use this header for any purpose; it's aim
is to assist with system troubleshooting.
."
Resolution: This concern is added as another General Consideration to section 6.1.2.
Revised Text: Added to 6.1.2: “Intermediaries Consideration
The HTTP protocol may be routed through an HTTP proxy such as squid. Such proxies are transparent to the applications, though implementers should be alert to the effects of rogue caching. Interface engines may also be placed between the consumer and the provider; these differ from proxies because they actively alter the content or destination of the HTTP exchange, and are not bound by the rules that apply to HTTP proxies. Such agents are allowed, but MUST mark the HTTP header to assist with troubleshooting. Any agent that modifies an HTTP request or response content other than permitted under the rules for HTTP proxies must add a stamp to the HTTP headers like this:
• request-modified-[identity]: [purpose]
• response-modified-[identity]: [purpose]
The identity must be a single token defined by the administrator of the agent that will sufficiently identify the agent in the context of use. The header must specify the agent’s purpose in modifying the content. End point systems must not use this header for any purpose; its aim is to assist with system troubleshooting.”
Actions taken:
May 20, 2012: received issue
April 1, 2013: closed issue
Issue 17381: Metadata Communication (hdata-ftf)
Click here for this issue's archive.
Source: HL7 (Mr. Grahame Grieve, grahame(at)healthintersections.com.au)
Nature: Uncategorized Issue
Severity:
Summary: Section 6.2.5 and 6.3 can be combined into a single way to query for
metadata about
the service. The additional HTTP headers created in 6.2.5 are
problematic for some
clients and/or servers to implement. As such the OPTION operation on
the (baseURL)
could return a body with a XML document instead, which contains the information
contained in the 6.2.5. headers, as well at the root.xml manifest.
This would reduce the
number of roundtrips significantly. There should also be a way to
access this information
without using the OPTIONS command to enable the same information to be available
via a <a href=""> link in a web page.
Resolution: Partially accept. Make OPTIONS on base URL a SHOULD (instead of MUST), and add baseURL/metadata as a reserved URL. Make that document available at baseURL/metadata and also allow sending with OPTIONS body.
Revised Text: Added section 6.3.2: “6.3.2 baseURL/metadata
6.3.2.1 GET
The resource at this URL represents the metadata associate with the operations of this service. Any request to this URL MUST be completed without prior authentication or authorization. The service MUST return an XML document describing implementation specific metadata. The semantics of this records are identical to the values of the header fields in 6.2.5.
Status Code: 200, 415
6.3.2.2 POST, PUT, DELETE
These operations MUST NOT be implemented. Status Code: 405”
Actions taken:
May 20, 2012: received issue
April 1, 2013: closed issue
Issue 17382: no clear conformance point (hdata-ftf)
Click here for this issue's archive.
Source: THALES (Mr. Hugues Vincent, hugues.vincent(at)thalesgroup.com)
Nature: Clarification
Severity: Minor
Summary: There is no clear conformance point but the understatement made by the use of the RFC2119. I propose to rename section 4 "Conformance point" and to add "Implementations must support the entire mapping" before the description of keywords.
Resolution: Section 4 modified as suggested
Revised Text: “4 Conformance Point
Implementations must support the entire mapping of this specification excluding non-normative portions. The keywords “MUST,” “MUST NOT,” “REQUIRED,” “SHALL,” “SHALL NOT,” “SHOULD,” “SHOULD NOT,” “RECOMMENDED,” “MAY,” and “OPTIONAL” in this document are to be interpreted as described in RFC 2119.”
Actions taken:
May 21, 2012: received issue
April 1, 2013: closed issue
Issue 17383: Comments on Section (hdata-ftf)
Click here for this issue's archive.
Source: THALES (Mr. Hugues Vincent, hugues.vincent(at)thalesgroup.com)
Nature: Clarification
Severity: Minor
Summary: How is this wpecification supposed to evolve wrt the version of OMG's RLUS and HL7's RLUS? I believe this should be a bit explained in section 1.
- Complex operations as well as Security need to be also introduced in this section.
- Last paragraph: add reference [12] when speaking of the OMG RLUS PIM.
Resolution: Add clarifying paragraph at the end of section 1
Revised Text: Added:
“The current specification is specific to the current RLUS PIM. If RLUS evolves and adds new functionalities and conformance profiles, the hData specification will need to be updated to reflect these changes accordingly.
In addition to the RLUS conformant operations, this specification introduces a number of additional features and operations specific to the operational needs of REST compliant set of HTTP services in the context of health information exchange: section 7 describes a mechanism to provide receipt confirmation of the message exchange to both client and server. Section 8 provides a general framework for the server to provide information about the supported security mechanisms to the client. “
Actions taken:
May 21, 2012: received issue
April 1, 2013: closed issue
Issue 17384: Comments on Section 3 (hdata-ftf)
Click here for this issue's archive.
Source: THALES (Mr. Hugues Vincent, hugues.vincent(at)thalesgroup.com)
Nature: Clarification
Severity: Minor
Summary: In the paragraph "hData REST Binding for RLUS": "... HRF specification is access..." -> is accessed
- The paragraph "Semantic signifier" speaks about "The UML diagram below..." while there is no UML diagram. If you decided to add such a UML diagram, the matching XMI would be necessary.
Resolution: Corrected typo. Removed sentence for Semantic Signifier.
Revised Text: : “OMG hData Restful Transport – the current specification, defining how the abstract hierarchical organization defined within the HRF specification is accessed and modified through a RESTful approach, using HTTP as the access protocol. It creates a unique mapping to an URL structure, and defines how HTTP verbs such as GET, PUT, DELETE, etc. affect the underlying information.”
Actions taken:
May 21, 2012: received issue
April 1, 2013: closed issue
Issue 17385: Comments on Section 6 (hdata-ftf)
Click here for this issue's archive.
Source: THALES (Mr. Hugues Vincent, hugues.vincent(at)thalesgroup.com)
Nature: Clarification
Severity: Minor
Summary: The Get/Put/Delete/Post subsection are not allways listed in the same order, which doesn't ease the reading and the finding of information.
- Section 6.2.5: add a reference to the section 8 which is also speaking about this point.
- Section 6.4.1: ", is RECOMMENDED" -> ", it is RECOMMENDED"
Resolution: Accepted the request to swap 6.5.2 and 6.5.3.
Revised Text: (Exchange sections in the text).
Actions taken:
May 21, 2012: received issue
April 1, 2013: closed issue
Issue 17386: Pattern for reliability (hdata-ftf)
Click here for this issue's archive.
Source: THALES (Mr. Hugues Vincent, hugues.vincent(at)thalesgroup.com)
Nature: Revision
Severity: Significant
Summary: Section 7.1: in which way this pattern is "reliable"? A clear explanation of which risks are covered is needed here.
Resolution: Expanded the introduction in 7.1 to address concerns
Revised Text: Added to 7.1:
In the context of this specification, “reliable” means that both sender and service provider have confirmation that the other side has successfully received the information exactly once. For example, in a medication administration scenario, the sender would be the prescribing provider, and the service would be an order system that informs the staff to administer a given product. In this case, the system would need to make sure that:
(i) the prescription is sent only once,
(ii) the sender receives an acknowledgement from the medication administration service that received the information, and
(iii) the medication service is assured that the sender received that acknowledgement.
Items (i) is guaranteed by the idempotency of the operations, item (ii) is achieved through the standard HTTP request/response pattern, and item (iii) is achieved through the pattern described in this section. “
Actions taken:
May 21, 2012: received issue
April 1, 2013: closed issue
Issue 17387: Comments on Section 8 (hdata-ftf)
Click here for this issue's archive.
Source: THALES (Mr. Hugues Vincent, hugues.vincent(at)thalesgroup.com)
Nature: Clarification
Severity: Significant
Summary: Section 8.1 - 2nd paragraph: sentence not parsable: "If the custom security mechanism The URIs..."
- Bullet 2: should be "URI or none" on account of the HTTP Transport Security
- Bullet 5: "State Diagram": what is the format of this UML state diagram? XMI?
- Section 8.3 - last sentence: which "template" are you speaking of?
- Section 8.4 and 8.5: these sections should be noted as informative or non-normative (in their title)
Resolution: : Incorporated suggested changes for 8.1, 8.4, and 8.5. The reference in section 8.3 was broken and should have pointed back to section 8.1. An additional clarification was added to the 2nd paragraph in section 8.1.
Revised Text: Section 8.1, 2nd paragraph:
“It is RECOMMENDED that hData Content Profiles include a detailed specification of any required custom security mechanisms. The URIs for identifying these additional security mechanisms SHOULD be made unique by using the DNS domain name in the first part of the URI. Below is the template for specifying such a security mechanism.”
Section 8.1, Bullet 2:
“2. Identifier (REQUIRED) – URI or none, recommended to include the originating organization’s DNS domain name for uniqueness. NOT REQUIRED for transport security (see 4.2.1). It is RECOMMENDED to use a URL that resolves into the HTML representation of the security mechanism specification.”
Section 8.1, Bullet 5:
“5. State diagram (RECOMMENDED) – UML state diagram, identifies all actors and illustrates all allowed interaction patterns. The state diagram SHOULD be encoded in the latest released version of XMI.”
Section 8.3, last sentence: “The security mechanism description MUST comply with the template specified in Section 8.1.”
Title Section 8.4: “General Web Security Considerations (Non-Normative)”
Title Section 8.5: “Risk Assessment Approach and Best Practices (Non-Normative)”
Actions taken:
May 21, 2012: received issue
April 1, 2013: closed issue
Issue 17388: Comments on Section 9 (hdata-ftf)
Click here for this issue's archive.
Source: THALES (Mr. Hugues Vincent, hugues.vincent(at)thalesgroup.com)
Nature: Clarification
Severity: Significant
Summary: This section must be noted as non-normative (in the title)
- Section 9.2 - in the table: replace "(version 1.0.1...)" with the reference [12]
Resolution: Update the title and reference in the table
Revised Text: Updated title and reference in table.
Title Section 9: “Realization of RLUS Profiles (Non-Normative)”.
Actions taken:
May 21, 2012: received issue
April 1, 2013: closed issue
Issue 17566: Need clarificaton for server response to client request using the Max-Forwards header field (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Clarification
Severity: Minor
Summary: Section 6.2.5 states "client MUST NOT use the Max-Forward header when requesting the security mechanisms for a given HDR" but no action is defined for the server.
If Max-Forwards field is truly not permitted on the OPTION operation then recommend adding expected the server action. Suggest to return a 403 Forbidden status code with optional message "Request cannot include Max-Forwards header field".
References:
Max-forwards usage:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.2
HTTP status codes
http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
Resolution: Change section 6.2.5 accordingly
Revised Text: Add: If it does, the server MUST return a 403 Forbidden status code with optional message "Request cannot include Max-Forwards header field".
Actions taken:
August 27, 2012: received issue
April 1, 2013: closed issue
Issue 17579: Inconsistent spelling for extensionId in parameter list for 6.2.2 (hdata-ftf)
Click here for this issue's archive.
Source: MITRE (Mr. Jason Mathews, mathews(at)mitre.org)
Nature: Revision
Severity: Minor
Summary: 6.2.2 POST Parameters:extensionID, path, name
But the body of the section defines the 'extensionId' parameter with different spelling.
This should be consistent with created sub-section as defined in 6.4.2.1 which uses extensionId in all occurrences.
extensionID should be corrected and renamed to "extensionId".
Resolution: Make changes to 6.2.2
Revised Text: Change header to
“6.2.2 POST – Parameters:extensionId, path, name”
Actions taken:
September 11, 2012: received issue
April 1, 2013: closed issue
Issue 18133: mime type for format parameter (text/xml vs. xml) (hdata-ftf)
Click here for this issue's archive.
Source: Demandware (Mr. Gerald Beuchelt, gbeuchelt(at)demandware.com)
Nature: Uncategorized Issue
Severity:
Summary: mime type for format parameter (text/xml vs. xml)
- exception for xml and json
- MUST accept full MIME types
Resolution: Add text to section 6.1.2 (General Conventions and Considerations) to allow clients to use simplified media types and require server to support this.
Revised Text: “. Since XML and JSON based formats will be commonly used, clients MAY use “xml” instead of “text/xml” and “json” instead of “application/json”, respectively. Servers MUST understand these abbreviated media types.”
Actions taken:
October 5, 2012: received issue
April 1, 2013: closed issue
Issue 18134: Represent DELETE in Atom: XML Fragment in Atom:Content (hdata-ftf)
Click here for this issue's archive.
Source: Demandware (Mr. Gerald Beuchelt, gbeuchelt(at)demandware.com)
Nature: Uncategorized Issue
Severity:
Summary: Represent DELETE in Atom: XML Fragment in Atom:Content
- Needs to be for 410 resources, not for 404
Resolution: Add text to section 6.5.4 indicating that this SHOULD be done for SectionDocuments that are DELETED and return a 410.
Revised Text: In section 6.5.4: “In this case, the Atom feed for the Section formerly containing the SectionDocument SHOULD inject a <at:deleted-entry> node into the feed as described in [12] and use the same representation in the JSON representation, if used.”
In the Normative References Appendix: “[12] J. Snell, “The Atom ‘deleted-entry’ Element’, RFC 6721, IETF, September 2012, online at http://www.rfc-editor.org/rfc/rfc6721.txt”
Actions taken:
October 5, 2012: received issue
April 1, 2013: closed issue
Issue 18135: Content override in two party update (hdata-ftf)
Click here for this issue's archive.
Source: Demandware (Mr. Gerald Beuchelt, gbeuchelt(at)demandware.com)
Nature: Uncategorized Issue
Severity:
Summary: Describe obligations and error codes around create/updates
- Server can deny update request when update is incorrect
- (HTTP PUT)
- This may be best suited to be resolved at the FHIR specification level
Resolution: Clarification in section 6.1.2, “Incorrect Updates”
Revised Text: "Servers are permitted to reject update operations because of integrity concerns or business rules implemented on the server, and return HTTP status code 409 Conflict."
Actions taken:
October 5, 2012: received issue
April 1, 2013: closed issue
Issue 18136: Atom feed link:rel needs to be version specific (hdata-ftf)
Click here for this issue's archive.
Source: Demandware (Mr. Gerald Beuchelt, gbeuchelt(at)demandware.com)
Nature: Uncategorized Issue
Severity:
Summary: - MUST support version specific retrieval of current version
- MAY support version specific retrieval of older version
Resolution: Add text to the paragraphs on section Atom feed in section 6.4, and version-specific URLs for SectionDocuments in section 6.5.
Revised Text: Add to section 6.4: “For section documents, this link MUST be the version specific link (see section 6.5).
Add to Section 6.5; “The server MUST support version specific retrieval of the current version, and MAY support version specific retrieval of older versions. “
Actions taken:
October 5, 2012: received issue
April 1, 2013: closed issue
Issue 18137: search extensions (include as non-normative examples) (hdata-ftf)
Click here for this issue's archive.
Source: Demandware (Mr. Gerald Beuchelt, gbeuchelt(at)demandware.com)
Nature: Uncategorized Issue
Severity:
Summary: - $INCLUDE
- others
Resolution: Add clarifying paragraph to section 6.6. on searching
Revised Text: “The entries in the Atom feed (or its JSON representation) have a defined order, though there is not necessarily an underlying meaning in the ordering. Other specifications using the hData REST Transport MAY assign a specific semantic to the ordering of the Atom feed resulting from a query."
Actions taken:
October 5, 2012: received issue
April 1, 2013: closed issue
Issue 18138: subscription push (hdata-ftf)
Click here for this issue's archive.
Source: Demandware (Mr. Gerald Beuchelt, gbeuchelt(at)demandware.com)
Nature: Uncategorized Issue
Severity:
Summary: - client pushes feed
- enable "bulk" update
- POST to Section (see 6.4.2.2)
Resolution: Add paragraph to section 6.4.2.2 that implements this function
Revised Text: “The server MAY support bulk updates of sections: if the media type is set to “application/xml+atom”, the client MUST send a valid Atom 1.0 feed that complies with the requirements for the Atom feed provided by the section. The server will parse the feed and add any <atom:entry> as a new SectionDocument to the section. If the client intends to update a server resource, it MUST include the server URL for that resource in the <atom:link rel=”self”> element of the entry. If the client intends to create a new SectionDocument, it MUST NOT use <atom:link rel=”self”>.
If the POSTed feed contains entries that the server already knows about, it MUST update these entries if they are different from the server’s version.”
Actions taken:
October 5, 2012: received issue
April 1, 2013: closed issue
Issue 18139: Conformance statement (hdata-ftf)
Click here for this issue's archive.
Source: Demandware (Mr. Gerald Beuchelt, gbeuchelt(at)demandware.com)
Nature: Uncategorized Issue
Severity:
Summary: - use baseURL/metadata to allow service information
- provide current baseURL/conf as non-normative example
Resolution: Added the following text as section 6.3.2.
Revised Text: “6.3.2 baseURL/metadata
6.3.2.1 GET
The resource at this URL represents the metadata associate with the operations of this service. Any request to this URL MUST be completed without prior authentication or authorization. The service MUST return an XML document describing implementation specific metadata. The semantics of this records are identical to the values of the header fields in 6.2.5.
Status Code: 200, 415
6.3.2.2 POST, PUT, DELETE
These operations MUST NOT be implemented.
Status Code: 405”
Actions taken:
October 5, 2012: received issue
April 1, 2013: closed issue
Issue 18221: Revise current (20121004) JSON representation of Atom feed and data in section 6.1.2 (hdata-ftf)
Click here for this issue's archive.
Source: Demandware (Mr. Gerald Beuchelt, gbeuchelt(at)demandware.com)
Nature: Uncategorized Issue
Severity:
Summary: revise current (20121004) JSON representation of Atom feed and data in section 6.1.2, and incorporate lessons-learned from FHIR implementation
Resolution: Updated Section 6.1.2 and added non-normative Annex C
Revised Text: In Section 6.1.2:
“For Section-level URLs and query responses it is RECOMMENDED to allow representation of the Atom feed in at least the standard application/atom+xml media type, as well as in application/json media type. This is achieved by representing the Atom feed through a JSON object. This object is built as follows:
• The object SHOULD have an attribute “updated” with the time of the completion of the query rendered by calling the JavaScript Date.toString method.
• The object SHOULD include an attribute “self” with a URL pointing to the URL corresponding to the query.
• The object MUST include an array called “entries” that contains objects corresponding to the results of the query.
The objects contained in the entries correspond to SectionDocuments, and each object in the array MUST contain the following attributes:
• An attribute called “id” that is set to the path segment of the documentname in the URL for the SectionDocument (see section 6.5).
• An attribute called “self” that MUST contain a URL which points to the (resourceURL), as defined in section 6.5.
• An attribute called “updated” that MUST contain the time of the last update to the SectionDocument. It is rendered according to the rules of ECMAScript Date interchange format (see ECMA-262, section 15.9.1.15).
Example (non-normative):
{
“updated”:”2012-10-21T12:34:28Z”,
“self”:http://example.com/foo/bar”,
“entries”:[
{
“id”:”123456”,
“self”:http://example.com/foo/bar/123456”,
“updated”:”2012-10-21T12:34:28Z”
},
{
“id”:”9876”,
“self”:http://example.com/foo/bar/9876”,
“updated”:”2012-10-21T12:34:28Z”
}
]
}
This example is equivalent to the following Atom feed:
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>Example Query</title>
<link rel=“self”
href="http://example.com/foo/bar"/>
<updated>2012-10-21T12:34:28Z</updated>
<entry>
<title>123456</title>
<link rel=“self” href="http://example.com/foo/bar/123456"/>
<id>123456</id>
<updated>2012-10-21T12:34:28Z</updated>
</entry>
<entry>
<title>9876</title>
<link rel=“self” href="http://example.com/foo/bar/9876"/>
<id>9876</id>
<updated>2012-10-21T12:34:28Z</updated>
</entry>
</feed>”
In Annex C;
“JSON Bundles (Atom feeds)
There are several initiatives to define a JSON format for Atom, all of which are suffering from having to simulate properties, namespaces and other xml-specific features. Instead, FHIR defines a JSON format that is tailored to the specific needs for bundles. Each element in the Xml feed definition has a JSON corresponding JSON object member with the same name. Here is an example feed returning search results for a person query:
{
"title" : "Search result",
"updated" : "2012-09-20T12:04:45.6787909+00:00",
"id" : "50ea3e5e-b6a7-4f55-956c-caef491bbc08",
"link" : [
{
"rel" : "self",
"href" : "http://ip-
0a7a5abe:16287/fhir/person?format=json"
}
],
"entry" : [
{
"title" : "Resource of type Person,
with id = 1 and version = 1",
"link" : [
{
"rel" : "self",
"href" : "http://example.com/
person/@1/history/@1"
}
],
"id" : "http://example.com/
person/@1",
"updated" : "2012-05-29T23:45:32+00:00",
"published" : "2012-09-
20T12:04:47.3012429+00:00",
"author" : [
{
"name" : "John Doe"
}
],
"category" : [
{
"term" : "Person",
"scheme" : "http://example.com/
/resource-types"
}
],
"content" : {
"Person" : { ...person content in JSON... }
},
"summary" : "<div xmlns=\"http://www.w3.org/1999/xhtml\">(text summary)</div>",
"version" : "1"
},
... other entries ....
]
}
Note that property names for elements that can repeat are not pluralized for consistency of overall approach.
Bundling versions - deletion
When returning a set of versions for a resource, a version might indicate a deletion. While the XML format follows RFC 6721, the JSON format needs to use an entry item to retain the logical order of entries:
.. feed ..
"entry" : [
... other entries ....,
{
"deleted" : "2012-05-29T23:45:32+00:00",
"link" : [
{
"rel" : "self",
"href" : "http://example.com/
person/@1/history/@1"
}
],
"id" : "http://example.com/person/@1",
},
... other entries ....
]
... feed ...
The entry is known to be deleted because a date of deletion is given. An id must be provided, and a link may be provided.
Actions taken:
October 24, 2012: received issue
April 1, 2013: closed issue
Issue 18222: discuss impact of deletion of resources/SectionDocuments onto the Section level Atom feed/JSON bundle to section 6.4.4 (hdata-ftf)
Click here for this issue's archive.
Source: HL7 (Mr. Grahame Grieve, grahame(at)healthintersections.com.au)
Nature: Uncategorized Issue
Severity:
Summary: discuss impact of deletion of resources/SectionDocuments onto the Section level Atom feed/JSON bundle to section 6.4.4
Resolution: This should apply to section 6.4.1 – GET on baseURL/sectionpath.
Added text clarifying the impact of DELETE of a document (as described in section 6.5.4).
Revised Text: Add a the end of first paragraph:
“For documents that were deleted using the DELETE operation in section 6.5.4, the server SHOULD create an Atom entry with a <at:deleted-entry> node set as described in section 6.5.4. “
Actions taken:
October 24, 2012: received issue
April 1, 2013: closed issue
Issue 18227: Change 6.5.3 to allow PUT creation of new documents to allow the client to suggest location. Same semantics as 6.4.2.2 (hdata-ftf)
Click here for this issue's archive.
Source: Demandware (Mr. Gerald Beuchelt, gbeuchelt(at)demandware.com)
Nature: Uncategorized Issue
Severity:
Summary: Change 6.5.3 to allow PUT creation of new documents to allow the client to suggest location. Same semantics as 6.4.2.2, if conflict return 409
Resolution: Change section 6.5.3 to reflect updated semantics
Revised Text: Delete: “The PUT operation MUST NOT be used to create a new document; new documents MUST be created by POSTing to the section. If the client attempts to create a new document this way, the server MUST return a 404.”
Add to the end of section:
“This operation MAY be used to create a new document at a specific location, if the client desires to suggest naming of the resource. The document creation rules in section 6.4.2.2 apply to this operation with the following changes:
• If the server cannot create a document this way, it MUST return a HTTP status code of 409 – Conflict.
• Bulk updates MUST NOT be attempted through this operation. If the client sends an Atom media type, the server MUST return a status code of 415 – Unsupported Media type. “
Add status codes 409 and 415; remove status code 404.
Actions taken:
October 24, 2012: received issue
April 1, 2013: closed issue
Issue 18290: Create a subsection in section 6.1.2 to identify forbidden keywords in paths for URLs (hdata-ftf)
Click here for this issue's archive.
Source: Demandware (Mr. Gerald Beuchelt, gbeuchelt(at)demandware.com)
Nature: Clarification
Severity:
Summary: Create a subsection in section 6.1.2 to identify forbidden keywords in paths for URLs
Resolution: Added text in section 6.1.2
Revised Text: Added:
“Forbidden Keywords
To allow optional extensions, the sectionpath and the SectionDocument documentname MUST NOT use any of the following keywords
• history
• root
• search
• validate”
Actions taken:
December 13, 2012: received issue
April 1, 2013: closed issue
Issue 18291: Create a paragraph in section 6.5 clarifying how resource URL paths are constructed (hdata-ftf)
Click here for this issue's archive.
Source: Demandware (Mr. Gerald Beuchelt, gbeuchelt(at)demandware.com)
Nature: Uncategorized Issue
Severity:
Summary: Create a paragraph in section 6.5 clarifying how resource URL paths are constructed
Resolution: Added text in section 6.1.2.
Revised Text: Added:
“The resource URL for a SectionDocument is constructed as follows:
(resourceURL) = baseURL/sectionpath/documentname
Note that the sectionpath may contain more than one path segment. To support the functionality described in this section, the (resourceURL) can be extended in different ways.”
Actions taken:
December 13, 2012: received issue
April 1, 2013: closed issue
Issue 18316: security negotiation through the use of custom HTTP headers (hdata-ftf)
Click here for this issue's archive.
Source: Demandware (Mr. Gerald Beuchelt, gbeuchelt(at)demandware.com)
Nature: Uncategorized Issue
Severity:
Summary: We had identified a potential issue for a future hData RTF regarding the security negotiation through the use of custom HTTP headers. A future version of hData should use the WWW-Authenticate header instead of any X-hdata-* custom headers.
Resolution:
Revised Text:
Actions taken:
December 13, 2012: received issue