W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2008

Re: i24: Requiring Allow in 405 responses

From: Julian Reschke <julian.reschke@gmx.de>
Date: Wed, 12 Mar 2008 13:14:23 +0100
Message-ID: <47D7C91F.90403@gmx.de>
To: HTTP Working Group <ietf-http-wg@w3.org>

Roy T. Fielding wrote:
> 
> On Mar 11, 2008, at 1:05 AM, Julian Reschke wrote:
>> Mark Nottingham wrote:
>>> My understanding is that a proposal along these lines* is acceptable, 
>>> with one exception; Julian believes that if we do this, we should 
>>> also relax the client-side requirement.
>>
>> Yes.
>>
>>> One way to do that would be to change "SHOULD"->"should" (i.e., make 
>>> it advisory text, instead of a requirement).
>>> Thoughts?
>>> ...
>>
>> I don't think that lowercasing the requirement is sufficient; it's 
>> still a requirement. My proposal is to get rid of it, so to drop:
>>
>> "However, the indications given by the Allow header field value SHOULD 
>> be followed."
>>
>> completely.
> 
> +1
> 
> ....Roy

OK,

here's my proposal:

Change

"This field cannot prevent a client from trying other methods. However, 
the indications given by the Allow header field value SHOULD be 
followed. The actual set of allowed methods is defined by the origin 
server at the time of each request."

to

"This field cannot prevent a client from trying other methods. The 
actual set of allowed methods is defined by the origin server at the 
time of each request, and may not necessarily include all (or any) 
methods that the server would actually allow in a request if presented."

This relaxes the server requirement (reflecting reality), and 
accordingly removes the requirement for clients to trust the information.

BR, Julian
Received on Wednesday, 12 March 2008 12:14:49 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:37 GMT