Re: i19 Bodies on GET (and other) requests from Henrik Nordstrom on 2007-01-16 (ietf-http-wg@w3.org from January to March 2007)

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Wed, 17 Jan 2007 00:45:53 +0100
To: Mark Nottingham <mnot@mnot.net>
Cc: Scott Lawrence <scott@skrb.org>, "Roy T.Fielding" <fielding@gbiv.com>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-Id: <1168991153.8494.79.camel@henriknordstrom.net>

ons 2007-01-17 klockan 09:49 +1100 skrev Mark Nottingham:

> "A server SHOULD read and forward a message-body on any request. If  
> the request method does not include defined semantics for an entity- 
> body, or if the request method is unrecognised, then the message-body  
> SHOULD be ignored by servers and caches when handling the request."

Looks good to me, but I don't think it really matters. The specs is
quite clear, it just takes time to grok the "ignore" aspect of GET
request message bodies when using such messages doesn't make sense. In
worst case an implementer takes the safe route and selects not to cache
the response.

But the security issues related message bodies deserves a separate
discussion in what can be done in the specs to improve the situation.

Regards
Henrik

Received on Tuesday, 16 January 2007 23:46:06 UTC