W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2009

Is OPTIONS Safe?

From: Mark Nottingham <mnot@mnot.net>
Date: Wed, 3 Jun 2009 11:19:19 +1000
Message-Id: <5D94B6EB-C1AB-4C5D-8748-AA1733BA0D31@mnot.net>
To: HTTP Working Group <ietf-http-wg@w3.org>
p2 7.2 currently says about OPTIONS:
> This method allows the client to
>    determine the options and/or requirements associated with a  
> resource,
>    or the capabilities of a server, without implying a resource action
>    or initiating a resource retrieval.
That sounds safe to me, but I don't see anywhere where this is said  
explicitly.

The answer matters for things like redirection without user  
intervention (assuming we keep that requirement).

Proposal: Specify that OPTIONS is safe.

Cheers,

--
Mark Nottingham     http://www.mnot.net/
Received on Wednesday, 3 June 2009 01:19:57 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:19 UTC