W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2009

Re: PATCH draft

From: Julian Reschke <julian.reschke@gmx.de>
Date: Fri, 30 Jan 2009 14:17:02 +0100
Message-ID: <4982FDCE.9070207@gmx.de>
To: Lisa Dusseault <lisad@messagingarchitects.com>
CC: ietf-http-wg@w3.org

Lisa Dusseault wrote:
> Julian helped me get another draft of this out that fixes his issues:
> 
> http://tools.ietf.org/html/draft-dusseault-http-patch-12
> ...

OK, here's new feedback, most of which are nits:


INTRODUCTION, paragraph 14:
OLD:

    Several applications extending HTTP require a feature to do partial
    resource modification.  Existing HTTP functionality only allows a
    complete replacement of a document.  This proposal adds a new HTTP
    method, PATCH, to modify an existing HTTP resource.

NEW:

    Several applications extending the Hypertext Transfer Protocol (HTTP)
    require a feature to do partial resource modification.  The existing
    HTTP PUT method only allows a complete replacement of a document.
    This proposal adds a new HTTP method, PATCH, to modify an existing
    HTTP resource.

(expand HTTP acronym on first use; probably should also be done in the 
title)


Section 1., paragraph 1:
OLD:

    This specification defines the new HTTP 1.1 [RFC2616] method PATCH
    that is used to apply partial modifications to a resource.

NEW:

    This specification defines the new HTTP/1.1 [RFC2616] method PATCH
    that is used to apply partial modifications to a resource.

s|HTTP 1.1|HTTP/1.1|


Section 2., paragraph 1:
OLD:

    The PATCH method requests that a set of changes described in the
    request entity be applied to the resource identified by the Request-
    URI.  The set of changes is represented in a format called a "patch
    document" identified by a media type.  PATCH is neither safe or
    idempotent as defined by [RFC2616], Section 9.1.  If the Request-URI
    does not point to an existing resource, and that URI is capable of
    being defined as a new resource by the requesting user agent, the
    origin server can create the resource with that URI.

NEW:

    The PATCH method requests that a set of changes described in the
    request entity be applied to the resource identified by the Request-
    URI.  The set of changes is represented in a format called a "patch
    document" identified by a media type.  If the Request-URI does not
    point to an existing resource, and that URI is capable of being
    defined as a new resource by the requesting user agent, the origin
    server can create the resource with that URI.

    PATCH is neither safe nor idempotent as defined by [RFC2616], Section
    9.1.

(pull statement about safety into separate paragraph)


Section 2., paragraph 4:
OLD:

    If the request passes through a cache and the Request-URI identifies
    one or more currently cached entities, those entries SHOULD be
    treated as stale.  Responses to this method are not cacheable, unless
    the response includes appropriate Cache-Control or Expires header
    fields or the response uses the 209 Content Returned status code as
    defined in Section 4.  The 303 (See Other) response can be used to
    direct the user agent to retrieve a cacheable resource.

NEW:

    If the request passes through a cache and the Request-URI identifies
    one or more currently cached entities, those entries SHOULD be
    treated as stale.  Responses to this method are not cacheable, unless
    the response includes appropriate Cache-Control or Expires header
    fields or the response uses the 209 Content Returned status code as
    defined in Section 4.  The 303 (See Other) response can be used to
    direct the user agent to retrieve a cacheable resource. [[anchor1:
    ???]]

I'm not totally sure why we'd want 303 here. What's wrong with 200; it's 
not like the 303 ever would include a different URI in the Location 
header, right?


Section 2., paragraph 5:
OLD:

    Collisions from multiple requests are more dangerous than PUT
    collisions, because a patch document that is not operating from a
    known base point may corrupt the resource.  Clients wishing to apply
    a patch document to a known entity can first acquire the strong ETag
    of the resource to be modified, and use that Etag in the If-Match
    header on the PATCH request to verify that the resource is still
    unchanged.  If a strong ETag is not available for a given resource,
    the client can use If-Unmodified-Since as a less-reliable safeguard.

NEW:

    Collisions from multiple requests are more dangerous than PUT
    collisions, because a patch document that is not operating from a
    known base point may corrupt the resource.  Clients wishing to apply
    a patch document to a known entity can first acquire the ETag of the
    resource to be modified, and use that Etag in the If-Match header on
    the PATCH request to verify that the resource is still unchanged.  If
    an ETag is not available for a given resource, the client can use If-
    Unmodified-Since as a less-reliable safeguard.

Why exactly do we require a strong etag here in general?


Section 2.2., paragraph 2:
OLD:

    Unsupported patch document:  Can be Specified using a 415
       (Unsupported Media Type) when the client sends a patch document
       format that the server does not support for the resource
       identified by the Request-URI.  Such a response SHOULD include an
       Accept-Patch response header as described in Section 3.1 to notify
       the client what patch document formats are supported.

NEW:
    Unsupported patch document:  Can be specified using a 415
       (Unsupported Media Type) when the client sends a patch document
       format that the server does not support for the resource
       identified by the Request-URI.  Such a response SHOULD include an
       Accept-Patch response header as described in Section 3.1 to notify
       the client what patch document formats are supported.

s/S/s/

Section 2.2., paragraph 3:
OLD:

       *  The client attempted to apply a structural modification and the
          structures assumed to exist did not exist (e.g. a patch which
          specifies changing element 'foo' to element 'bar' but element
          'foo' doesn't exist).
       *  The client attempted to modify a resource in a way that would
          cause the resource to become invalid.  For instance, a
          modification to a well-formed XML document that would cause it
          to no longer be well-formed.
       *  The client attempted to modify a resource that has multiple
          representations but the server was unable to choose which
          representation to modify.
    Conflicting modification:  Specified with a 412 (Precondition Failed)
       when a client uses either the If-Match or If-Unmodified-Since
       request headers and attempts to apply a patch document to a
       resource whose state has changed since the patch was created.  If
       the server detects a possible conflicting modification and neither
       the If-Match or If-Unmodified-Since request headers are used, the
       server can return a 409 (Conflict) response.
    Concurrent modification:  When a server receives multiple concurrent
       requests to modify a resource, those requests SHOULD be queued and
       processed in the order in which they are received.  If a server is
       incapable of queuing concurrent requests, all subsequent requests
       SHOULD be rejected with a 409 (Conflict) until the first
       modification request is complete.

I think in all these cases 422 is not the right choice, because the 
problem is not with the request, but the state of the resource.  Thus it 
seems 409 Conflict would be better.

Section 3.1., paragraph 3:
OLD:

  3.2.  An example OPTIONS request and response

NEW:

  3.2.  An example OPTIONS Request and Response

(title case)

Appendix A., paragraph 1:
OLD:

     PATCH is not a new concept, it first appeared in HTTP in drafts of
     version 1.1 written by Roy Fielding and Henrik Frystyk and also
     appears in RFC 2068.

NEW:

     PATCH is not a new concept, it first appeared in HTTP in drafts of
     version 1.1 written by Roy Fielding and Henrik Frystyk and also
     appears in Section 19.6.1.1 of RFC 2068.

(point to specific section of RFC 2068)


BR, Julian
Received on Friday, 30 January 2009 13:17:49 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:00 GMT