W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2009

Re: Is OPTIONS Safe?

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Mon, 15 Jun 2009 15:25:27 +0200
To: Julian Reschke <julian.reschke@gmx.de>
Cc: Mark Nottingham <mnot@mnot.net>, John Kemp <john@jkemp.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <1245072327.5797.24.camel@localhost.localdomain>
ons 2009-06-03 klockan 07:28 +0200 skrev Julian Reschke:
> Mark Nottingham wrote:
> > Yes, that's what I'm suggesting.
> > 
> > Cheers,
> 
> We already state that in Part 2, Section 10.1, but that is only the IANA 
> registration 
> (<http://greenbytes.de/tech/webdav/draft-ietf-httpbis-p2-semantics-06.html#rfc.section.10.1>)...
> 
> So yes, the method description should state that as well.
> 
> What about TRACE then (which is the 4th candidate)?

+1

All methods which should not have any noticeable side effects is safe. 

TRACE by definition never should have side effects, nor should OPTIONS.

GET/HEAD should not have side effects, but often have anyway, but that's
besides the point. A server which barfs in some way if it gets the exact
same GET/HEAD request twice is technically not HTTP compliant, but in
reality nobody is going to care much about that.

Regards
Henrik
Received on Monday, 15 June 2009 13:26:06 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:03 GMT