- From: Mark Nottingham <mnot@mnot.net>
- Date: Wed, 3 Jun 2009 12:23:24 +1000
- To: John Kemp <john@jkemp.net>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
Yes, that's what I'm suggesting. Cheers, On 03/06/2009, at 11:33 AM, John Kemp wrote: > Mark Nottingham wrote: >> p2 7.2 currently says about OPTIONS: >>> This method allows the client to >>> determine the options and/or requirements associated with a >>> resource, >>> or the capabilities of a server, without implying a resource >>> action >>> or initiating a resource retrieval. >> That sounds safe to me, > > From p2 7.1.1: > > "In particular, the convention has been established that the GET and > HEAD methods SHOULD NOT have the significance of taking an action > other than retrieval. These methods ought to be considered "safe". > This allows user agents to represent other methods, such as POST, PUT > and DELETE, in a special way, so that the user is made aware of the > fact that a possibly unsafe action is being requested." > > Which suggests to me that "safe" currently means that _only_ a > retrieval operation takes place with safe methods. > >> but I don't see anywhere where this is said explicitly. > > It seems to me that the definition of "safe" would then have to > include operations which do not initiate a resource retrieval at all > (eg. OPTIONS) > >> The answer matters for things like redirection without user >> intervention (assuming we keep that requirement). >> Proposal: Specify that OPTIONS is safe. > > By updating 7.1.1? > > Regards, > > - johnk > >> Cheers, >> -- >> Mark Nottingham http://www.mnot.net/ > -- Mark Nottingham http://www.mnot.net/
Received on Wednesday, 3 June 2009 02:24:07 UTC