W3C home > Mailing lists > Public > www-tag@w3.org > April 2004

Re: HTTP Patch proposal

From: Mark Baker <distobj@acm.org>
Date: Tue, 27 Apr 2004 10:37:16 -0400
To: Graham Klyne <gk@ninebynine.org>
Cc: www-tag@w3.org
Message-ID: <20040427143715.GH10616@markbaker.ca>

On Tue, Apr 27, 2004 at 11:43:34AM +0100, Graham Klyne wrote:
> I don't think this poses any fundamental problems for Web architecture, but 
> the only reason I can see for not using POST is this:
> [[
>    The PATCH request is subject to access control, which in turn may
>    require authentication.  The PATCH request SHOULD be subject to the
>    same access control permissions as the PUT request.
> ]]

I wouldn't personally use POST, because the semantics of PATCH seem to
be very similar to PUT.  i.e. the client has direct visibility into the
terminal state of the resource, even in part.

FWIW, I've come close a couple of times (though I never actually needed
to, in the end) to doing something like PATCH using RFC 3229, "Delta
encoding in HTTP".  While targetted at delta updates via GET, it says

     Nothing in this specification specifically precludes the use of
     a delta encoding for the body of a PUT request.  However, no
     mechanism currently exists for the client to discover if the
     server can interpret such messages, and so we do not attempt to
     specify how they might be used.

Which makes sense; HTTP's lack of support for mandatory extensions makes
deploying these kinds of extensions difficult.  So the options seem to

- M-PUT (RFC 2774) + RFC 3229
- a PUT binding for SOAP + RFC 3229

FWIW, if there was anything for the TAG to consider here, it might be to
document some best practices for deploying various forms of HTTP
extensions and to help protocol developers understand the tradeoffs.

Mark Baker.   Ottawa, Ontario, CANADA.        http://www.markbaker.ca
Received on Tuesday, 27 April 2004 10:38:24 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:32:41 UTC