W3C home > Mailing lists > Public > w3c-dist-auth@w3.org > January to March 2006

[Bug 161] EVALUATE_ALL_OF_IF_HEADER

From: <bugzilla@soe.ucsc.edu>
Date: Fri, 20 Jan 2006 11:32:00 -0800
Message-Id: <200601201932.k0KJW0Q8011121@ietf.cse.ucsc.edu>
To: w3c-dist-auth@w3.org

http://ietf.cse.ucsc.edu:8080/bugzilla/show_bug.cgi?id=161

julian.reschke@greenbytes.de changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Version|-07                         |-10



------- Additional Comments From julian.reschke@greenbytes.de  2006-01-20 11:32 -------
Analysis, based on
<http://greenbytes.de/tech/webdav/draft-ietf-webdav-rfc2518bis-10.html#rfc.section.9.4>:

This section currently says:

"The If header's purpose is to describe a series of state lists. If the state of
the resource to which the header is applied does not match any of the specified
state lists then the request MUST fail with a 412 (Precondition Failed). If one
of the described state lists matches the state of the resource then the request
may succeed."

...which seems to reflect the original semantics from
<http://greenbytes.de/tech/webdav/rfc2518.html#rfc.section.9.4>, but then goes
on saying...:

"The server MUST do authorization checks before checking this or any conditional
header. Assuming no other errors, the server MUST parse the If header when it
appears on any request, evaluate all the clauses, and if the conditional
evaluates to false, fail as described above."

...which seems to be a clear contradiction that whta was said previously. So
whatever we decide to do, this certainly needs to be fixed.




------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
Received on Friday, 20 January 2006 19:32:11 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:44:12 GMT