- From: Nathan <nathan@webr3.org>
- Date: Wed, 19 May 2010 15:36:59 +0100
- To: HTTP Working Group <ietf-http-wg@w3.org>
Hi All, I've hit on a scenario where we'd like to identify resource with http scheme URIs; where safe methods are exposed via standard HTTP, whereas unsafe methods (in this case PUT and DELETE) would be exposed via HTTPS. I'm entirely unsure how to approach this, can find little documentation on doing Upgrade; and am very unsure what it means to PUT to https://.. and GET from http://. The HTTP spec specifies "The PUT method requests that the enclosed entity be stored at the supplied request-target." and under p1 messaging 4.2 "The exact resource identified by an Internet request is determined by examining both the request-target and the Host header field." The above would lead me to believe that in both an http and https request (when using the 'path-absolute') that the resource identified in both cases is a scheme-less concatenation of host & 'path-absolute'. However when an the request-target is an absolute-URI then..? (do we chop the schemes off to get the resource identified?) As you can see, in need of some clarification, Best, Nathan
Received on Wednesday, 19 May 2010 15:37:57 UTC