W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2010

Re: Issue 146, was: Users with different access rights in HTTP Authentication

From: Roy T. Fielding <fielding@gbiv.com>
Date: Mon, 19 Jul 2010 12:06:35 -0700
Cc: Mark Nottingham <mnot@mnot.net>, David Morris <dwm@xpasc.com>, HTTP Working Group <ietf-http-wg@w3.org>, Martin Atkins <mart@degeneration.co.uk>
Message-Id: <130818A9-1863-45F0-B9FB-70A98F915AB8@gbiv.com>
To: Julian Reschke <julian.reschke@gmx.de>
On Jul 19, 2010, at 5:38 AM, Julian Reschke wrote:

> On 08.04.2009 14:52, Julian Reschke wrote:
>> Mark Nottingham wrote:
>>> Is this just a matter of s/allowed/supported/ in the definition of 405?
>> Yes.
>> That would make the definition of 405 consistent with the definition of
>> the Allow header, which currently says:
>> "The response-header field "Allow" lists the set of methods advertised
>> as supported by the resource identified by the request-target. The
>> purpose of this field is strictly to inform the recipient of valid
>> methods associated with the resource. An Allow header field MUST be
>> present in a 405 (Method Not Allowed) response." --
>> <http://greenbytes.de/tech/webdav/draft-ietf-httpbis-p2-semantics-06.html#rfc.section.9.1>
>> That would still leave the reason phrase and the *name* of the "Allow"
>> header confusing, but we'll probably have to live with that.
>> BR, Julian
> Proposed patch: <http://trac.tools.ietf.org/wg/httpbis/trac/attachment/ticket/146/>
> This makes the default reason phrase for 405 "Method Not Supported", and also replaces "allowed" by "supported" in the context of 405/Allow.

I don't believe that makes any sense.  Why the methods are allowed
(or others disallowed) is none of the client's business.  It certainly
has nothing to do with "support" (as in implemented).

Received on Monday, 19 July 2010 19:07:06 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:10:54 UTC