Reconsider: Request / Response Execution Context Header Requirement (#108)

travisgosselin · web-flow · commit 55b2b09984ea · 2025-10-29T14:27:04.000-04:00
Clarified requirements for header values in requests and responses for
execution context. The original intent was that there may be scenarios
where the response value provides a different alias, or redirected
version that is available. This was worded carefully in the statement
before and after in the original content. Adding this line in the last
update overrides that intent.

---------

Signed-off-by: Travis Gosselin &lt;travis.gosselin@live.ca&gt;
diff --git a/standards/request-response.md b/standards/request-response.md
@@ -509,9 +509,7 @@ Sps-Cors-Error: bad origin
   - It **MUST** only contain ASCII lowercase letters (a–z), digits (0–9), underscore (`_`), or hyphen (`-`).
   - It **MUST NOT** contain accented/diacritic or non-ASCII characters.
 - The header value **SHOULD** contain human-readable tag for the context.
-- The original request header value **SHOULD** be propagated to any outgoing requests to retain the context for downstream usage.
-- The header **MUST** be supplied in the response for every request containing the header, and match the original requested value.
-- The header **SHOULD** be supplied in the response for every request in general, if applicable to the API, even if just defaulting to __prod__.
+- The header **SHOULD** be propagated to outgoing requests for downstream context retention and **MUST** be supplied in responses when provided in the request, reflecting either the requested value or the properly transformed value utilized for execution.
 
 ```note
 The allowed character set is intentionally conservative and may expand in the future. Implementations should avoid hard-coding assumptions and be prepared for a broader set if the standard is updated.
