Re: Content Sniffing impact on HTTPbis - #155

tis 2009-06-16 klockan 15:52 +0100 skrev Jamie Lokier:

> The is clearly not true in the case of some forms and web applications,
> where every step through the form/application is served on the same
> URL, with state managed through a combination of POSTed hidden form
> fields and/or server-side state addressed through cookies or a URL token.

For POST resources the assumption is that the function of the resource
is pretty much the same regardless of which "representation" was
negotiated given similar request payload. But it's hard to talk about
"representation" in the same manner for POST resources..

> It's clearly the same resource they are dealing with ("the
> form/appliction"), I won't argue against that, but the representations
> served up have quite different semantic meanings to the user.

The "resource" in case of POST is the server agent accepting the POST
request and producing a response representation based on the input and
server state.

> An entire complex site can be constructed that way.

Sure. And some do it that way... one of the banks I use for example..
(very annoying interface, but that's another story).

> > but can naturally not enforce it.
> 
> Does that mean such applications are not complying with
> specifications, even though they are technically possible?

Do you mean applications providing entirely different representations of
the resource in response to negotiation, or the POST case discussed
above?

Both comply with the spec, even if the first is not how negotiation of
the representation is supposed to be used, but nothing breaks from it
except for confused users and their confidence in the site/service when
content differ completely when using different browsers or browser
versions...

Regards
Henrik

Received on Tuesday, 16 June 2009 18:09:23 UTC