W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2004

Re: MIME registration for application/gdiff

From: Roy T. Fielding <fielding@gbiv.com>
Date: Tue, 28 Sep 2004 03:55:02 -0700
Message-Id: <D97E22C4-113C-11D9-92CC-000393753936@gbiv.com>
Cc: HTTP working group <ietf-http-wg@w3.org>, Linus Walleij <triad@df.lth.se>, Lisa Dusseault <lisa@osafoundation.org>, Martin Duerst <duerst@w3.org>
To: Julian Reschke <julian.reschke@gmx.de>

On Sep 27, 2004, at 9:47 AM, Julian Reschke wrote:
> As far as I know, the current wisdom seems to disallow put on a  
> content-negotiated resource, and to modify the "content" resource  
> (Content-Location response header, see  
> <http://greenbytes.de/tech/webdav/rfc2616.html#header.content- 
> location>) instead.

That is correct.  The best response from an HTTP server to an authoring
type of method on a negotiated resource is either "not allowed" or a
300 response that explains the resource is negotiated and lists the
URI(s) that might be authorable.  On a PUT, servers will either disallow
the request or change the URI's resource to having the fixed content.

Providing those URIs is a hard problem in general because it depends
on the algorithm used by the server to determine what representations
are available for a given URI.  For example, the Multiviews method in
Apache works by filename extensions, whereas another method uses
mappings defined in a URI".var" file, and mod_rewrite could do just
about anything.

A server should never attempt to "guess" while authoring -- any
redirection of the content must be controlled by the user (for
privacy reasons) and must not be assumed by the server (for
security reasons).

....Roy
Received on Tuesday, 28 September 2004 11:02:55 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:35 GMT