W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > January to March 2002

RE: A case for GETSRC (or other mechanism to that effect)

From: CJ Holmes <cholmes@4d.com>
Date: Thu, 28 Feb 2002 16:05:42 -0800
To: "Clemm, Geoff" <gclemm@rational.com>
Cc: w3c-dist-auth@w3c.org
Message-id: <a05101400b8a471a93a26@[130.157.200.114]>
>Why is it easier to get the server to implement GETSRC
>(which requires it both to locate, and then retrieve the
>contents of the source) than it is to get the server
>to implement PROPFIND <DAV:source>, where it just has to
>locate the source, and return its URL?

Well, you can't always "just locate the source".  If the source 
really is in a different location than the "normal" URI then your DAV 
module probably has no knowledge of it.  Which means now you have to 
teach JSP to be DAV-aware and answer PROPFIND requests, or teach your 
DAV module all about what URIs are served by which other modules and 
how the two URI spaces map to each other.

In the more common case where "GET x" is dynamically generated from 
some source at the same URI, then there's hardly anything to be done 
at all to support GETSRC.  All of the same machinery that normally 
locates a file works just like it did before, which is the beauty of 
it.  The only differences are:

	1. The security module checks to make sure that the user has 
permission to "GETSRC x".  In Apache, this is just a matter of adding 
GETSRC to the list of methods a user is allowed to use within a given 
realm.

	2. The PHP/JSP/Whatever plug-in doesn't try to pick up the 
request, because it doesn't know what to do with a GETSRC method. 
(Just like it doesn't try to claim anything with PROPFIND or DELETE 
methods.)  In fact, all plug-ins that work only with GET, HEAD, and 
POST methods just ignore the request entirely, which is what you want 
for serving "source" data.

	3. Either the DAV module can claim the request, or the 
mechanism that serves static files can serve the request.  In our 
case (WebSTAR) we would probably just let the "default" plug-in do 
it, since that module normally serves static content without 
interpretation and it supports byte ranges, which is handy.  There's 
no point in duplicating that code in the DAV plug-in.

>-----Original Message-----
>From: CJ Holmes [mailto:cholmes@4d.com]
>Sent: Thursday, February 28, 2002 6:17 PM
>To: Clemm, Geoff
>Subject: RE: A case for GETSRC (or other mechanism to that effect)
>
>
>>I agree with Julian's question, i.e. why don't you just use
>>some natural URL to expose your editable source.  In general, the
>>file extension of the actual file containing your editable source
>>will not be ".html".  It will be .asp, .jsp, or whatever.  So the
>>natural URL for the jsp source for /x/y/foo.html is /x/y/foo.jsp.
>>Why not just use that URI to identify your source resource?
>
>Most people don't configure their servers that way.  If you want the
>output of /x/y/foo.php then you "GET /x/y/foo.php".  Short of a
>different method or something like the "Translate" field there's no
>natural way to tell the difference (both semantic and security)
>between a "get the source" and "get the output".
>
>And even in cases where where servers are configured this way, you
>have problems in trying to implement DAV:source or anything like it
>properly.
>
>What happens when "FINDPROP /x/y/foo.html" is requested?  If the DAV
>module is responsible for handling it, then it has to understand
>enough about the server's and other plug-ins' configuration to figure
>out who creates that URI and what the appropriate source is.  Which
>means your DAV plug-in has to be rather tightly integrated with all
>of your other plug-ins.
>
>On the other hand you could just let PHP handle PROPFIND for the URIs
>it generates.  But for that implementation model to be consistent you
>need to DAV-enable every dynamic content creation tool and every CGI.
>I don't think everyone is up to that.
>
>Again, DAV:source makes perfect sense for tightly integrated content
>management systems, but not for the common case of web servers that
>want to add DAV access to their source content.
>
>cjh
>
>--


-- 
Received on Thursday, 28 February 2002 19:09:03 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:00 GMT