Re: 2xx/202 and "a priori" from noah_mendelsohn@us.ibm.com on 2002-05-16 (xml-dist-app@w3.org from May 2002)

From: <noah_mendelsohn@us.ibm.com>
Date: Thu, 16 May 2002 10:53:51 -0400
To: Mark Baker <distobj@acm.org>
Cc: xml-dist-app@w3.org
Message-ID: <OF58199106.A4196A3B-ON85256BBB.0052D8CF@lotus.com>

I'm not an HTTP expert.  You're saying that a typical HTTP server, when 
confronted with a POST that it does not understand, responds with a 
"success" code (I.e. 204)?  Who woulda thought?  BTW: to which message of 
Henrik's are you referring?

------------------------------------------------------------------
Noah Mendelsohn                              Voice: 1-617-693-4036
IBM Corporation                                Fax: 1-617-693-8676
One Rogers Street
Cambridge, MA 02142
------------------------------------------------------------------

Mark Baker <distobj@acm.org>
05/14/2002 03:43 PM

        To:     noah_mendelsohn@us.ibm.com
        cc:     xml-dist-app@w3.org
        Subject:        Re: 2xx/202 and "a priori"

Noah,

On Wed, May 08, 2002 at 12:02:42PM -0400, noah_mendelsohn@us.ibm.com 
wrote:
> or (c) through some fluke, an HTTP responder which never intended to be 
a 
> SOAP node miraculously produced a legal response envelope when 
confronted 
> with the POST.  Frankly, I find (c) not worth worrying about at all, and 

> (b) only slightly more interesting.  I think if I were worried about (b) 
I 
> would use application-level checking, as for any other buggy HTTP server 

> response.

My concern is about this scenario;

d) a HTTP node which never intended to be a SOAP node, responds with a
204 when any SOAP message is POSTed to it

(my concern is actually a bit more general than that, but that
description will suffice for now)

Henrik is completely correct when he states that this is just like a
HTML form; that the form provides the context necessary to know what the
HTTP response codes mean.  But in the dozens of SOAP examples I've seen,
none of them talk about this.  It's just assumed that SOAP-RPC/HTTP
works as other RPC protocols; if you invoke a method that isn't
supported, you will get a SOAP fault.

I'll refrain from raising this as an issue now, but will do so after
Last Call.

BTW, I don't believe the use of GET is related to this concern, so I'll
refrain from comment for now.  I just brought it up as an example of
a method that people might try to invoke on arbitrary URIs.

MB
-- 
Mark Baker, CTO             Idokorro Mobile Inc.
Ottawa, Ontario, CANADA.         distobj@acm.org
http://www.markbaker.ca  http://www.idokorro.com

Received on Thursday, 16 May 2002 11:16:20 UTC