- From: Dave Kristol <dmk@bell-labs.com>
- Date: Fri, 07 Aug 1998 17:10:18 -0400
- To: Henrik Frystyk Nielsen <frystyk@w3.org>
- CC: ietf-http-ext@w3.org, lawrence@agranat.com, paulle@microsoft.com
Henrik Frystyk Nielsen wrote: > > The CGI problem of accepting (returning 200 OK) to arbitrary methods is a > very serious problem and we need a solution urgently in order to be able to > extend HTTP beyond GET, HEAD, PUT, and POST. > > Currently, you can't even do a DELETE and know that it works even if you > get 200 OK back which means that neither HTTP/1.1, nor DAV nor Mandatory > can be used reliably. > > Here are the possible solutions that I can think of: [Solutions deleted] The problem is between the server and a CGI, rather than between the server and the client. Old servers, which really only understand HEAD/GET/POST, will continue to do them the same. If you can get "new servers" to define an updated CGI interface, then there's another possibility. A new server might require a CGI to return a Method: header with the method it thought it interpreted. Such a server would require such a header of any non-HEAD/GET/POST request and ensure that it matches the request method. Just as with the Status: header from CGIs, Method: would be removed by the server before it forwards the response. "Old CGIs" with "new servers" would be safe: if the CGI failed to return Method: on an unusual method, the response would be dropped. Dave Kristol
Received on Friday, 7 August 1998 17:09:41 UTC