W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > January to March 2000

WebDAV Bindings - Issue Yaron.403

From: Yaron Goland <yarong@Exchange.Microsoft.com>
Date: Sun, 16 Jan 2000 17:47:55 -0800
Message-ID: <7DE119D3D0E15543874F7561EECBDBED02619E19@BEG.platinum.corp.microsoft.com>
To: w3c-dist-auth@w3.org
Section 5.2 of the Bind spec instructs the reader that if a server wishes to
reject a BIND request because it would cause a loop then the server should
return a 403 (Forbidden). However 403 is overloaded as it is. For example, a
403 could mean that the method is banned at the moment for some reason even
though it is normally supported. This means that someone trying to write an
API to issue a BIND never really knows what a 403 means and so doesn't know
if they should tell the user that the server is currently just not going to
let the user perform this action or if the problem is that the action would
result in a loop. Therefore the use of 403 introduces a vagueness into the
response.
	Therefore I move that a new 4xx error code be introduced to cover
the case when a server refuses a BIND because it would cause a loop.

		Yaron

P.S. I think that the introduction of all these new error codes is a
mistake. A new error code should only be, in my opinion, introduced when it
provides a very high level error description that could be reasonably used
by members of the HTTP infrastructure, meaning firewalls and proxies.
Otherwise only the x00 errors should be used for everything and either new
headers or a body should be introduced to give detailed error information.
But I'm way too busy to try and push for this change so for the moment let's
just throw another error code on the barbie until people go insane with
them. It will be interesting to see how bad things have to become before we
can get this fixed.
Received on Sunday, 16 January 2000 20:48:46 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:43:53 GMT