HTTP 451 Unavailable For Legal Reasons
December 21, 2015 6:56 PM Subscribe
The Internet Engineering Task Force (IETF) has approved the use of the HTTP 451 status code to indicate a web page that has been blocked for legal reasons. A rise in online censorship was mentioned as driving the approval of this status code, first proposed in 2013.
Prior to the IETF approval, some websites had already started using HTTP 451. HTTP 451 is meant to provide more useful information than the generic "403 Forbidden" status code. However, a regulatory body could still bypass it by issuing a court order specifying not only that a page should be blocked, but also which HTTP return code should be used.
The IETF memo notes that "in many cases clients can still access the denied resource by using technical countermeasures such as a VPN or the Tor network."
Previously
Prior to the IETF approval, some websites had already started using HTTP 451. HTTP 451 is meant to provide more useful information than the generic "403 Forbidden" status code. However, a regulatory body could still bypass it by issuing a court order specifying not only that a page should be blocked, but also which HTTP return code should be used.
The IETF memo notes that "in many cases clients can still access the denied resource by using technical countermeasures such as a VPN or the Tor network."
Previously
MetaFilter: This one isn’t an joke.
posted by Wolfdog at 7:02 PM on December 21, 2015 [1 favorite]
posted by Wolfdog at 7:02 PM on December 21, 2015 [1 favorite]
What a discouraging development.
posted by indubitable at 7:48 PM on December 21, 2015
posted by indubitable at 7:48 PM on December 21, 2015
However, a regulatory body could still bypass it by issuing a court order specifying not only that a page should be blocked, but also which HTTP return code should be used
Introducing Forrest, the 451 Canary. 🐦
posted by ChurchHatesTucker at 8:02 PM on December 21, 2015 [13 favorites]
Introducing Forrest, the 451 Canary. 🐦
posted by ChurchHatesTucker at 8:02 PM on December 21, 2015 [13 favorites]
Needs more Ray Bradbury.
posted by riverlife at 8:02 PM on December 21, 2015 [1 favorite]
posted by riverlife at 8:02 PM on December 21, 2015 [1 favorite]
"This book on the shelf indicates that a HTTP 451 is not in action."
posted by Thella at 8:14 PM on December 21, 2015
posted by Thella at 8:14 PM on December 21, 2015
I get the Bradbury reference, but surely it should be a 5xx code? (Or if people want to get clever, 3xx? 305 would be nice…)
I guess HTTP status codes have gone the way of TLDs and everybody's just given up on the hierarchy meaning anything…
posted by Pinback at 8:27 PM on December 21, 2015 [1 favorite]
I guess HTTP status codes have gone the way of TLDs and everybody's just given up on the hierarchy meaning anything…
posted by Pinback at 8:27 PM on December 21, 2015 [1 favorite]
I didn't get the Bradbury reference until just now...
posted by subdee at 8:31 PM on December 21, 2015 [2 favorites]
posted by subdee at 8:31 PM on December 21, 2015 [2 favorites]
The Net interprets censorship as damage and routes around it pretty much the way things work now.
posted by double block and bleed at 8:37 PM on December 21, 2015 [1 favorite]
posted by double block and bleed at 8:37 PM on December 21, 2015 [1 favorite]
Metafilter: ████ the ██ ███ and/or █ ████████ secure ███!
posted by blue_beetle at 8:38 PM on December 21, 2015 [1 favorite]
posted by blue_beetle at 8:38 PM on December 21, 2015 [1 favorite]
4xx makes sense because it would mean don't retry. It seems unlikely you'd use this status and it be possible to retry for the resource in a short time frame. 3xx doesn't seem to make sense since you'd have to include a resource to redirect to.
posted by R343L at 8:55 PM on December 21, 2015
posted by R343L at 8:55 PM on December 21, 2015
Nope, 4xx codes are meant for client errors (e.g. 404 means "client requested a resource which could not be found") - which this isn't. 5xx codes are for when the server can't fulfil an otherwise valid client request.
I offered 3xx as an amusing workaround because 305 means "Use Proxy" (& should be accompanied by a proxy address, although there's bugger-all that supports it).
posted by Pinback at 9:12 PM on December 21, 2015 [4 favorites]
I offered 3xx as an amusing workaround because 305 means "Use Proxy" (& should be accompanied by a proxy address, although there's bugger-all that supports it).
posted by Pinback at 9:12 PM on December 21, 2015 [4 favorites]
Hrm. I suppose so. Though "client error" is a pretty broad variety. The garden variety 404 is pretty common even for resources that are not really client error (eg a site with links on one page back to non-existence resource on the same site.)
posted by R343L at 9:50 PM on December 21, 2015
posted by R343L at 9:50 PM on December 21, 2015
HTTP 451: Fascists killed this machine
posted by quonsar II: smock fishpants and the temple of foon at 9:52 PM on December 21, 2015 [12 favorites]
posted by quonsar II: smock fishpants and the temple of foon at 9:52 PM on December 21, 2015 [12 favorites]
The NY Times doesn't call it censorship, it's called "limiting"
posted by RobotVoodooPower at 10:05 PM on December 21, 2015 [3 favorites]
posted by RobotVoodooPower at 10:05 PM on December 21, 2015 [3 favorites]
“Client Error” doesn’t mean it’s necessarily the client’s fault; it just means that the error is a property of the particular request. Or in the words of RFC 2616 § 10.4, “The request contains bad syntax or cannot be fulfilled.” See also response code 410 Gone.
Or in the words of Mark Nottingham, chairman of the HTTP Working Group:
Or in the words of Mark Nottingham, chairman of the HTTP Working Group:
Status code ranges are less about fault than they are about determining whether the client can retry the request without changing it.posted by mbrubeck at 10:10 PM on December 21, 2015 [12 favorites]
5xx means that the client can, because there's a chance repeating the request will succeed. 4xx means the client shouldn't, because it needs to change in some fashion before it will work.
This is so that clients that don't understand a specific status code can fall back to the more generic x00 code and still behave sensibly.
4xx is appropriate. Client is at fault for requesting the resource. The security agencies aren't going to take the fall. It's the requester's fault for requesting That Which Shall Not Be Requested. Off to the gulag for you!
posted by five fresh fish at 11:38 PM on December 21, 2015 [1 favorite]
posted by five fresh fish at 11:38 PM on December 21, 2015 [1 favorite]
There's already "403 forbidden" - the user is trying to access a page which is not permitted according to access controls on the server. The user's action was incorrect, even if they didn't know it.
451 is similar, but the access control is required by a government.
posted by BinaryApe at 1:02 AM on December 22, 2015 [1 favorite]
451 is similar, but the access control is required by a government.
posted by BinaryApe at 1:02 AM on December 22, 2015 [1 favorite]
Everyone complaining about the coming dystopia, remember that the governments were already doing this. The engineers are just engineeringly fighting back.
posted by pan at 8:00 AM on December 22, 2015
posted by pan at 8:00 AM on December 22, 2015
403 signals to me that someone doesn't know how a to configure permissions on a web server. I would much prefer to know why content is blocked so I can search for a mirrored or cached version.
posted by mattoxic at 11:43 PM on December 22, 2015
posted by mattoxic at 11:43 PM on December 22, 2015
The claim that a regulatory body could block a resource AND also specify the return code that the server must give is interesting. Its likely not true in the US where I think you could plausibly claim it would be compelled speech and probably a violation of the First Amendment. In other jurisdictions, though, that might be something the government could do and get away with.
posted by Inkoate at 6:29 AM on December 23, 2015 [1 favorite]
posted by Inkoate at 6:29 AM on December 23, 2015 [1 favorite]
« Older I Don't Want to Go to There | Ballantine: An elegant IPA for a more civilized... Newer »
This thread has been archived and is closed to new comments
posted by surazal at 6:59 PM on December 21, 2015 [2 favorites]