Re: Request methods that allow an entity-body from Adrien de Croy on 2007-11-30 (ietf-http-wg@w3.org from October to December 2007)

From: Adrien de Croy <adrien@qbik.com>
Date: Fri, 30 Nov 2007 14:16:33 +1300
To: David Morris <dwm@xpasc.com>
CC: Mark Baker <distobj@acm.org>, Scott Nichol <snicholnews@scottnichol.com>, ietf-http-wg@w3.org
Message-ID: <474F6471.1030304@qbik.com>

that post does, but if you follow the thread through, Roy spells out 
clearly what the requirements are, that being that message parsing 
should not be dependent on the method, and that therefore (except for 
HEAD response for legacy reasons), one should not assume that any 
message (request or response) may not have an entity body.  If any 
message is to have an entity body, it must have a non-zero 
Content-Length header, or a Transfer-Encoding header.

This is required for extensibility - the ability of existing 
infrastructure to deal with new methods, which may or may not need to 
use entity bodies in requests.

This is also why there's an explicit requirement for proxies to forward 
unknown methods (depending on admin policy of course, but must be 
capable of doing it).

Regards

Adrien

David Morris wrote:
> Which agrees with the point that this was incompletely specified in the
> RFC. http://lists.w3.org/Archives/Public/ietf-http-wg/2002JulSep/0026.html
>
> On Thu, 29 Nov 2007, Mark Baker wrote:
>
>   
>> This question pops up every few years.  Read this thread over;
>>
>> http://lists.w3.org/Archives/Public/ietf-http-wg/2002JulSep/thread.html#msg24
>>
>> Mark.
>>
>> On 11/29/07, Scott Nichol <snicholnews@scottnichol.com> wrote:
>>     
>>> Section 4.3 states
>>>
>>> <quote>
>>> The presence of a message-body in a request is signaled by the inclusion
>>> of a Content-Length or Transfer-Encoding header field in the request's
>>> message-headers. A message-body MUST NOT be included in a request if the
>>> specification of the request method (Section 5.1.1) does not allow
>>> sending an entity-body in requests.
>>> </quote>
>>>
>>> I do not see any place in the specification where it says that any
>>> request does not allow sending an entity-body.  I might guess that GET
>>> and HEAD do not allow an entity-body, but isn't the spec supposed to
>>> remove guesswork?  The spec would be better if, for each request method,
>>> it were stated whether or not an entity-body is allowed.
>>>
>>> Scott Nichol
>>>
>>>
>>>
>>>       
>>
>>     
>
>   

-- 
Adrien de Croy - WinGate Proxy Server - http://www.wingate.com

Received on Friday, 30 November 2007 01:15:56 UTC