W3C home > Mailing lists > Public > xml-dist-app@w3.org > May 2001

RE: SOAPAction Proposal

From: Henrik Frystyk Nielsen <henrikn@microsoft.com>
Date: Mon, 7 May 2001 22:05:24 -0700
Message-ID: <79107D208BA38C45A4E45F62673A434D0297CBF1@red-msg-07.redmond.corp.microsoft.com>
To: <Noah_Mendelsohn@lotus.com>, "Doug Davis" <dug@us.ibm.com>
Cc: <marting@develop.com>, <xml-dist-app@w3.org>

>what do users of an HTTP binding need to get at w/o
>cracking the XML.  If there is such info, then we should
>have HTTP headers. 

Good question. There are at least a few cases where having some
information in the HTTP header fields could be of help - if for nothing
else then to shut off messages unless they are signed or otherwise
verified:

A) The sender could apply content encoding (like deflate) to the entity
body which would make it cumbersome to inflate the message to see what
it is if one desired to do so.

B) There is the question of what to do with MIME multipart/related
binding. There the media type is multipart/related and only by looking
for the root entity can it be determined that this is in fact a SOAP
message.

C) One could imagine an encrypted SOAP message embedded in MIME
multipart where there is no mechanism whatsoever to look through the
message unless one is the chosen one.

I am sure there are more. In fact these are all very similar to what one
might imagine the content type [1] can be used for (and often is).

Henrik

[1] http://www.w3.org/Protocols/rfc2616/rfc2616-sec7.html#sec7.2.1
Received on Tuesday, 8 May 2001 01:18:57 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:59:01 GMT