W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > April to June 2000

Re: Multistatus required in responses?

From: Greg Stein <gstein@lyra.org>
Date: Fri, 5 May 2000 15:42:36 -0700 (PDT)
To: ccjason@us.ibm.com
cc: Kaushik Sridharan <kaushik@ruksun.com>, w3c-dist-auth@w3.org
Message-ID: <Pine.LNX.4.10.10005051540280.25028-100000@nebula.lyra.org>
On Fri, 5 May 2000 ccjason@us.ibm.com wrote:
>    Are responses for specific methods required to be multistatus?
>    ..
>    I apologize if this question has been answered before on this list.
> 
> I believe it has been discussed.  I believe I brought it up and
> the conclusion was that PROPPATCH and PROPFIND must return
> multistatus and take no shortcuts.  The reasoning behind this
> was that it made things more predictable for the client and
> really wasn't any harder for the server.
> 
> If it's not already on the issues list, a clarification of this
> should be added to that list.

I would disagree. I think that it is quite valid to return something like
403 (Forbidden) or 401 (Authorization required) as a response. Heck, you
could also return something like 412 or 301, too.

In each of these cases, the 3xx or 4xx applies to the Request-URI. If a
status code ever applies to a URI *other* than the Request-URI (say,
caused by a Depth: header), then a 207 (Multistatus) MUST be returned.

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/
Received on Friday, 5 May 2000 18:47:27 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:54 GMT