Issue 17380: Intermediaries Consideration (hdata-ftf) Source: HL7 (Mr. Grahame Grieve, grahame(at)healthintersections.com.au) Nature: Uncategorized Issue Severity: Summary: The HTTP protocol may be routed through an HTTP proxy such as squid. Such proxies are transparent to the applications, though implementors should be alert to the effects of rogue caching. Interface engines may also be placed between the consumer and the provider; these differ from proxies because they actively alter the content and/or destination of the HTTP exchange and are not bound the rules that apply to HTTP proxies. Such agents are allowed, but must mark the http header to assist with troubleshooting. Any agent that modifies an HTTP request or Response content other than under the rules for HTTP proxie must add a stamp to the HTTP headers like this: request-modified-[identity]: [purpose] response-modified-[identity]: [purpose] The identity must a single token defined by the administrator of the agent that will sufficiently identify the agent in the context of use. The header must specify the agents purpose in modifying the content. End point systems must not use this header for any purpose; it's aim is to assist with system troubleshooting. ." Resolution: Revised Text: Actions taken: May 20, 2012: received issue Discussion: End of Annotations:===== s is issue # 17380 From: Grahame Grieve Intermediaries Consideration Please add to the spec the following clarification for intermediary handling. Intermediaries are somewhat unusual in a web context, but are ubiquitious in a line-of-business context, and both FHIR and hData will be used in both contexts. " Intermediaries The HTTP protocol may be routed through an HTTP proxy such as squid. Such proxies are transparent to the applications, though implementors should be alert to the effects of rogue caching. Interface engines may also be placed between the consumer and the provider; these differ from proxies because they actively alter the content and/or destination of the HTTP exchange and are not bound the rules that apply to HTTP proxies. Such agents are allowed, but must mark the http header to assist with troubleshooting. Any agent that modifies an HTTP request or Response content other than under the rules for HTTP proxie must add a stamp to the HTTP headers like this: request-modified-[identity]: [purpose] response-modified-[identity]: [purpose] The identity must a single token defined by the administrator of the agent that will sufficiently identify the agent in the context of use. The header must specify the agents purpose in modifying the content. End point systems must not use this header for any purpose; it's aim is to assist with system troubleshooting. ."