Re: #238, was: User interface requirements for redirecting to unsafe methods from Mark Nottingham on 2012-10-23 (ietf-http-wg@w3.org from October to December 2012)

From: Mark Nottingham <mnot@mnot.net>
Date: Tue, 23 Oct 2012 18:12:15 +1100
To: Julian Reschke <julian.reschke@gmx.de>
Cc: Maciej Stachowiak <mjs@apple.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <702054BA-0177-488B-963F-BB496D5A2E14@mnot.net>

On 23/10/2012, at 6:00 PM, Julian Reschke <julian.reschke@gmx.de> wrote:
> 
> the text you complained about back then has been rewritten a few months ago. Please check the WGLC draft.
> 
> With respect to tracking: I think this is issue <http://trac.tools.ietf.org/wg/httpbis/trac/ticket/238>, see also <http://lists.w3.org/Archives/Public/ietf-http-wg/2012JanMar/0928.html>.


Yes. 

I do see, however, that we have this language at the top of <http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-21#section-7.4>:

> If the required action involves a subsequent HTTP request, it MAY be carried
>    out by the user agent without interaction with the user if and only
>    if the method used in the second request is known to be "safe", as
>    defined in Section 5.2.1.

MAY... if and only if is a badly constructed requirement, and it also goes against the resolution of #238. I'll enter a WGLC issue to correct that.

Thanks,


--
Mark Nottingham   http://www.mnot.net/

Received on Tuesday, 23 October 2012 07:12:25 UTC