As the title says which should take precedence when replying back to a UAS. I have a provider that sends a VIA header that is different to the contact header. They are stating that I should be sending SIP signalling back to the URI in the contact header. But Kamailio is sending it back to URI in the VIA header.
I can not find an RFC which shows the precedence.
Thanks
Via and Contact Header serves different purpose:
Via Header: It indicates the list of all the network node (server,proxy-server etc.) the request traversed from originating point to the endpoint.
Via Header is used by the User Agent Server (UAS) to return/reply the SIP status responses (e.g. SIP 100 Trying, 180 Ringing, etc.)
Contact Header: Contact header basically contains the SIP URI of the end user, that the originating user can use to send future requests to. That is, requests that belong to the same dialog, such as re-INVITE, BYE and ACK messages. (The Contact header field has a role similar to the Location header field in HTTP.)
There is no precedence, they serve different purposes.
The response should be sent to the URI in the VIA header.
You can use the Contact header URI to compute the Request URI for new requests within this session.
Related
For a POST request in my Restful API I want to record requests from certain users for audit purposes. I know who the users are in these cases so I can ask them to include their email address in the request. Since this is really metadata for the request, the From request header seems a natural place to require the email to be sent. However, I can't remember anyone ever actually using this header.
Would it feel strange to other developers to see the From header being used in a modern application?
RFC 7231
The From header field is rarely sent by non-robotic user agents. A user agent SHOULD NOT send a From header field without explicit configuration by the user, since that might conflict with the user's privacy interests or their site's security policy.
A server SHOULD NOT use the From header field for access control or authentication, since most recipients will assume that the field value is public information.
My interpretation is that the From header is there to allow the client to volunteer information, not so that the server can require it. For your situation, where you control the clients, using the header is fine, but given that your intent is to "record requests from certain users for audit purposes" I would expect the Authorization header to be more appropriate.
I am working with SIP protocol, and I have an issue with an endpoint (ZTE). The endpoint sends a lot of SUBSCRIBE method messages and I want to stop that because i don't whant to implement it.
I already tried to respond with 403 (Method Forbibben) and 405 (Method Not Allowed), but the endpoint is still sending SUBSCRIBE.
What is the propper way to stop an endpoint to send that method?
Thanks!
Sending a 405 (Method not allowed) response is correct. You should also add an Allow header with the methods you DO support.
Omit the SUBSCRIBE method from the Allow headers in (all) your requests and responses to the endpoint. This indicates that you don't support the SUBSCRIBE method.
Of course, you can't control whether the endpoint complies. If it's poorly implemented it could still send SUBSCRIBEs despite you indicating not to send them.
A well-behaved UAC should inspect the Allow-Event header in any response and only subscribe to those event packages listed in the header. If there is no Allow-Event header, or an empty value, the assumption should be that the UAS does not support any event package.
Try to include an empty Allow-Event header in the preceding response.
…API/emailMessage/?emailId=test123
I have written the above URL using Web API to get the email in JSON data format(email body, sender, CC, To, etc).
Also, I have the requirement to allow download of email along with attachment for the same URL.
One way to do it is using content negotiation. I can use “MediaTypeHeaderValue("application/octet-stream")” to send the content as downloadable.
Question is….
1. Which parameter in the GET request the user should request for JSON content or download of content? Or what is the correct way of asking the content type from HTTP client?
2. On the server side I can read what content type the user is asking and send the appropriate data just using case statement. Is there anything to be considered on the server side in this scenarios?
Thank you,
Eric
The Accept request header is used to inform the server what media types the client supports. However, do not be concerned about adding a format= parameter to your URI to request a different format. It will not have a negative impact on your application.
I have a form that allows the user to send invites to others. The amount of invites is configurable by the user in the user interface, and could theoretically be infinite. The user needs to define an email address per invite.
When clicking 'send' it should ideally post one request to the server, wrapping all records in one bulk submit. Even though this is not truly RESTful (I heard), it seems favourable over sending possibly 50 separate requests. However, what would be the proper way to do this?
It gets tricky when one of the invites fails, due to a malformed email address or duplicate invites or so. It is fine to properly process the other valid requests, and provide errors on the invalid requests, but what response status code would one use for this?
Generally I try to use the JSONAPI request format. The errors would be in a top object called errors and would be an array consisting of multiple objects. The field key within an error object would point to the record index number (as received in the request) and field name of the error, i.e. "field": "/invites/0/email" for an error on the email field in the first received record.
The best solution I've seen to the "batch request" problem is Google Calendar's API. It is a RESTful API, and therefore there is a URL for every resource which you can manipulate using standard REST sematics (i.e. GET, POST, PUT, DELETE). But the API also exposes a "/batch" endpoint, which accepts a content-type of "mixed/multipart", and the request body contains several nested HTTP requests, each with their own headers, method, url and everything. The response is also one HTTP response with a content-type of "mixed/multipart" containing a collection of individual HTTP response, one response per request.
This advantage of this solution is that
1. It allows you to design your system in a RESTful manner, which we all know and love.
2. It generalizes well to any combination of HTTP requests that your system can deal with.
For more info see: https://developers.google.com/google-apps/calendar/batch
The SIP "BYE" message is usually delivered from one SIP user agent to the other directly if the call is finished. How then can a SIP proxy, switch or exchange monitor if a call has ended?
If a proxy is interested in a call - in particular, it wants to know about BYEs - it requests its addition to the SIP route by adding a Record-Route header.
The SIP RFC has some example call flows illustrating the use of the header, but briefly, dialog-establishing requests (like INVITE, REFER, etc.) en route to the callee pass through various proxies. These add themselves to the route set of the dialog. When the callee constructs its response - or sends its own in-dialog request - it adds these servers' URIs to the messages it sends as Route headers. (I'm skipping some hairy details around Route headers and the Request-URI and RFC 2543 compatibility.)
Alternatively, a UA may be configured to use a certain chain of proxies: when it sends its INVITE, it will use Route headers (and the Request-URI) to force the message to travel a particular route.