Handling HTTP POST Command Requests

The server parses HTTP POST requests from clients as specified in section 2.2.1. The ActiveSync command contained within an HTTP POST request is parsed as specified in [MS-ASCMD] section 2.2.1. The server MUST conform to the protocol version that is specified by the MS-ASProtocolVersion header (section in the client request. The server formats an HTTP POST response, as specified in section 2.2.2, with an appropriate HTTP status code, as specified in section

If the server returns an HTTP 451 error and knows the URL of the correct server, it SHOULD include an X-MS-Location header (section with the URL of the correct server. If the server returns an HTTP 503 error, it MAY<7> include a Retry-After header, as specified in [RFC2616], in the response with an estimate of the number of seconds that will elapse before the server is expected to be able to process the request. If the server returns an HTTP 457 error, it MUST include the X-MS-Credential-Service-Url header (section in its response.

If the user's password is near expiration, the server SHOULD include the X-MS-Credentials-Expire header (section in its response. This header provides advance warning to the client of password expiration. The point at which the server begins this warning is determined by the implementer.

If the client sends a request to synchronize the folder hierarchy with a synchronization key of 0 or the server requires the client to reinitialize its synchronization state, the server SHOULD include an X-MS-RP header, an MS-ASProtocolCommands header, and an MS-ASProtocolVersions header in its response to the client.

The server MAY<8> track the value of the User-Agent header for consecutive command requests from a specific device and block devices that change the value of this header more than a configured limit within a configured timespan. Servers that do this tracking SHOULD use the algorithm specified in section