Re: GET, POST, and side-effects

Shel Kaphan writes:
    According to Roy in previous discussions about this, proxies are not
    allowed to forward methods they don't know about.  I was told by
    others (Ari?) that this is "for security reasons" but I don't believe
    those reasons.  (I would like to discuss this as a general issue in
    connection with extensibility, but not yet)

and Dave Morris writes:
    Well, it doesn't seem like a major extension to the GET method to
    allow for an entity body from the HTTP documents perspective.

I think both of these suggestions are intellectually respectable
but impossible in practice, since they would make it almost impossible
to interoperate with HTTP/1.0 proxies.  I.e., we could in principle
put something in the HTTP/1.1 requiring proxies to forward methods
that they don't understand, or to forward entity bodies for GET
methods ... but we can't actually enforce this, and so I suspect
the result will could be chaos.

For the time being, let's try to keep the discussion on HTTP-caching
focussed on finding solutions that do not involve changing the
syntax of existing methods or adding new ones.  Adding headers
seems to be the only safely interoperable change we can make.

If an expert on existing proxies can prove me wrong about this,
then I would certainly be open to changing my position.  Otherwise,
since we have relatively little time left, let's not get too
speculative.

Or if someone can propose a carefully worked-out scheme that
allows a client to reliably determine that the request chain
does not go through a pre-1.1 proxy, then we could think about
using that approach.  If you do this, please think it through
before submitting it to the group.

Thanks
-Jeff

Received on Friday, 5 January 1996 21:41:22 UTC