|
528 | 528 | </section> |
529 | 529 |
|
530 | 530 | <section title="Base URI and Dereferencing"> |
| 531 | + <t> |
| 532 | + To differentiate between schemas in a vast ecosystem, schemas are |
| 533 | + identified by <xref target="RFC3986">URI</xref>, and can embed references to other schemas by specifying their URI. |
| 534 | + </t> |
| 535 | + |
531 | 536 | <section title="Initial Base URI"> |
532 | 537 | <t> |
533 | 538 | <xref target="RFC3986">RFC3986 Section 5.1</xref> defines how to determine the |
|
557 | 562 | <section title="Identifying the root schema"> |
558 | 563 | <t> |
559 | 564 | The root schema of a JSON Schema document SHOULD contain an "$id" keyword with |
560 | | - a URI (containing a scheme). This URI SHOULD either not have a fragment, or |
561 | | - have one that is an empty string. |
| 565 | + an <xref target="RFC3986">absolute-URI</xref> (containing a scheme, but no fragment), |
| 566 | + or this absolute URI but with an empty fragment. |
562 | 567 | <!-- All of the standard meta-schemas use an empty fragment in their id/$id values. --> |
563 | 568 | </t> |
564 | 569 | </section> |
|
583 | 588 | without requiring JSON Pointer references to be updated. |
584 | 589 | </t> |
585 | 590 | <t> |
586 | | - To name subschemas in a JSON Schema document, |
587 | | - subschemas can use "$id" to give themselves a document-local identifier. |
588 | | - This is done by setting "$id" to a URI reference consisting |
589 | | - only of a plain name fragment (not a JSON Pointer fragment). |
590 | | - The fragment identifier MUST begin with a letter ([A-Za-z]), followed by |
591 | | - any number of letters, digits ([0-9]), hyphens ("-"), underscores ("_"), colons |
592 | | - (":"), or periods ("."). |
| 591 | + To specify such a subschema identifier, |
| 592 | + the "$id" keyword is set to a URI reference with a plain name fragment (not a JSON Pointer fragment). |
| 593 | + This value MUST begin with the number sign that specifies a fragment ("#"), |
| 594 | + then a letter ([A-Za-z]), |
| 595 | + followed by any number of letters, digits ([0-9]), hyphens ("-"), underscores ("_"), |
| 596 | + colons (":"), or periods ("."). |
593 | 597 | </t> |
594 | 598 | <t> |
595 | | - The effect of defining a fragment-only "$id" URI reference that neither |
596 | | - matches the above requirements nor is a valid JSON pointer |
597 | | - is not defined. |
| 599 | + The effect of using a fragment in "$id" that isn't blank or doesn't follow the |
| 600 | + plain name syntax is undefined. |
598 | 601 | <cref> |
599 | 602 | How should an "$id" URI reference containing a fragment with other components |
600 | 603 | be interpreted? There are two cases: when the other components match |
|
711 | 714 | </t> |
712 | 715 | <section title="Loading a referenced schema"> |
713 | 716 | <t> |
714 | | - To differentiate schemas between each other in a vast ecosystem, schemas are |
715 | | - identified by URI. As specified above, this does not necessarily mean |
716 | | - anything is downloaded, but instead JSON Schema implementations SHOULD |
717 | | - already understand the schemas they will be using, including the URIs that |
718 | | - identify them. |
| 717 | + The use of URIs to identify remote schemas does not necessarily mean anything is downloaded, |
| 718 | + but instead JSON Schema implementations SHOULD understand ahead of time which schemas they will be using, |
| 719 | + and the URIs that identify them. |
| 720 | + </t> |
| 721 | + <t> |
| 722 | + When schemas are downloaded, |
| 723 | + for example by a generic user-agent that doesn't know until runtime which schemas to download, |
| 724 | + see <xref target="hypermedia">Usage for Hypermedia</xref>. |
719 | 725 | </t> |
720 | 726 | <t> |
721 | 727 | Implementations SHOULD be able to associate arbitrary URIs with an arbitrary |
|
728 | 734 | <t> |
729 | 735 | A schema MAY (and likely will) have multiple URIs, but there is no way for a |
730 | 736 | URI to identify more than one schema. When multiple schemas try to identify |
731 | | - with the same URI, validators SHOULD raise an error condition. |
| 737 | + as the same URI, validators SHOULD raise an error condition. |
732 | 738 | </t> |
733 | 739 | </section> |
734 | 740 | <section title="Dereferencing"> |
|
829 | 835 | </t> |
830 | 836 | </section> |
831 | 837 |
|
832 | | - <section title="Usage for Hypermedia"> |
| 838 | + <section title="Usage for Hypermedia" anchor="hypermedia"> |
833 | 839 |
|
834 | 840 | <t> |
835 | 841 | JSON has been adopted widely by HTTP servers for automated APIs and robots. This |
@@ -974,12 +980,12 @@ User-Agent: product-name/5.4.1 so-cool-json-schema/1.0.2 curl/7.43.0 |
974 | 980 | <t> |
975 | 981 | Instances and schemas are both frequently written by untrusted third parties, to be |
976 | 982 | deployed on public Internet servers. |
977 | | - Validators should take care that the parsing of schemas doesn't consume excessive |
| 983 | + Validators should take care that the parsing and validating against schemas doesn't consume excessive |
978 | 984 | system resources. |
979 | 985 | Validators MUST NOT fall into an infinite loop. |
980 | 986 | </t> |
981 | 987 | <t> |
982 | | - Servers need to take care that malicious parties can't change the functionality of |
| 988 | + Servers MUST ensure that malicious parties can't change the functionality of |
983 | 989 | existing schemas by uploading a schema with an pre-existing or very similar "$id". |
984 | 990 | </t> |
985 | 991 | <t> |
|
0 commit comments