3.1.5.1.1.2.3.3 st_wopi-url-source

Office

The st_wopi-url-source simple type specifies the URI that is used to call the associated WOPI action.

When a WOPI server receives a request from the browser that is required to use a WOPI action, an HTTP POST request MUST be sent from the WOPI server that navigates the browser along with a query string WOPISrc parameter and the access_token access token as the request body.

A WOPI server can also send an access_token_TTL as the request body.

access_token: A parameter that is the <token> (see section 2.2.2).

The URI parameter MUST have the form "access_token=<token>".

Because the token represents user credentials it needs to be protected. To protect the token the WOPI client MUST accept the token as part of the body of an HTTP POST. The format of the POST body MUST be "access_token=<token>"

The WOPI client SHOULD NOT include the URI parameter access_token and the POST body content in the same request.

access_token_TTL: A 64-bit integer containing the number of milliseconds since January 1, 1970 UTC and representing the expiration date and time stamp of the access_token.

The WOPI client MUST accept the access_token_TTL as part of the body of an HTTP POST. The format of the POST body MUST be "access_token_TTL=[a 64-bit integer as described above]"

The WOPI client SHOULD NOT include the URI parameter access_token_TTL and the POST body content in the same request.

WOPISrc: A URI that conforms to the pattern http://server/<...>/wopi*/files/<id> (see section 3.3.5.1). The URI MUST be encoded to a URL string.

There are a number of optional query string parameters that this simple type could contain. As described in the following, the WOPI servers MUST replace each optional parameter when using URI of this type, either by removing them, or processing them by providing the corresponding string in place of the placeholder value. Each optional parameter conforms to the pattern <name=PLACEHOLDER_VALUE[&]>. The WOPI server MAY omit the optional parameter, but MUST only process it if the placeholder value is understood and the corresponding replacement value can be determined. If the value is understood, the "<" and ">" MUST be removed, the name left intact, and the optional "&" MUST be preserved if present. As an example, "<ui=UI_LLCC&>" could be rewritten to "ui=en-us&".

Placeholder Values:

UI_LLCC: Indicates that the WOPI server includes the preferred UI language in the format described in [RFC1766].

DC_LLCC: Indicates that the WOPI server includes preferred data language in the format described in [RFC1766] for cases where language can affect data calculation.

EMBEDDED: Indicates that the WOPI server includes the value "true" to use the output of this action embedded in a web page.

DISABLE_ASYNC: Indicates that the WOPI server includes the value "true" to prevent the attendee from navigating a file. For example, when using the attendee action (see st_wopi-action-values in section 3.1.5.1.1.2.3.1).

DISABLE_BROADCAST: Indicates that the WOPI server includes the value "true" to load a view of the document that does not create or join a broadcast session. This view looks and behaves like a regular broadcast frame.

FULLSCREEN: Indicates that the WOPI server includes the value "true" to load the file type in full-screen mode.

RECORDING: Indicates that the WOPI server includes the value "true" to load the file type with a minimal user interface.

THEME_ID: Indicates that the WOPI server includes a value to designate the theme used. Current values are "1" to indicate a light-colored theme and "2" to indicate a darker colored theme.

BUSINESS_USER: Indicates that the WOPI server includes the value "1" to indicate that the user is a business user.

DISABLE_CHAT: Indicates that the WOPI server includes the value "1" to load a view of the document that does not create or join a chat session.

The following W3C XML schema ([XMLSCHEMA1] section 2.1) fragment specifies the contents of this simple type.

 <xs:simpleType name="st_wopi-url-source">
   <xs:restriction base="xs:string">
     <xs:pattern value="/^([a-z0-9+.-]+):(?://(?:((?:[a-z0-9-._~!$&'()*+,;=:]|%[0-9A-F]{2})*)@)?((?:[a-z0-9-._~!$&'()*+,;=]|%[0-9A-F]{2})*)(?::(\d*))?(/(?:[a-z0-9-._~!$&'()*+,;=:@/]|%[0-9A-F]{2})*)?|(/?(?:[a-z0-9-._~!$&'()*+,;=:@]|%[0-9A-F]{2})+(?:[a-z0-9-._~!$&'()*+,;=:@/]|%[0-9A-F]{2})*)?)(?:\?((?:[a-z0-9-._~!$&'()*+,;=:/?@]|%[0-9A-F]{2})*))?(?:#((?:[a-z0-9-._~!$&'()*+,;=:/?@]|%[0-9A-F]{2})*))?$/i" />
   </xs:restriction>
 </xs:simpleType>

Additionally, WOPI servers MUST append to the WOPISrc any query string parameters included with the WOPI server URL that begin with the characters: "wd". That is, if the WOPI server receives a request from a browser that indicates to the WOPI server that the browser wishes to call a WOPI client action, then all query string parameters included on the request to the WOPI server MUST be passed through on the WOPISrc.

Show: