Cyrus Daboo wrote: > Hi Jamie, > > --On February 17, 2005 4:41:42 PM +0000 Jamie Lokier > <jamie@shareable.org> wrote: > >>> No, it would be the container resource itself. For CalDav, the calendar >>> collection; for Atompub, the feed resource itself. >> >> >> Why can't you POST to the container resource? >> >> That's what POST is for, after all. > > > The WebDAV rfc has the following statement in it in Section 5.3 as a > justification for creating a new method (MKCOL in this case) rather than > using a special POST operation: > >> While the POST method is sufficiently open-ended that a "create a >> collection" POST command could be constructed, this is undesirable >> because it would be difficult to separate access control for >> collection creation from other uses of POST. > > > Wouldn't the same issue be relevant here? > > Interestingly the current WebDAV ACL document does not appear to mention > POST at all - even in the 'Normative' Method Privilege Table in Appendix > B. Is there a reason for that? Yes. As you can do anything with POST, it's impossible to state what privileges you'll need. > Whatever solution we come up with it ideally needs to work seamlessly > with WebDAV ACL. That would be preferrable. Best regards, Julian -- <green/>bytes GmbH -- http://www.greenbytes.de -- tel:+492512807760Received on Thursday, 17 February 2005 17:20:08 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 12 October 2007 17:53:22 GMT