Re: Proposed HTTP SEARCH method update from Julian Reschke on 2015-05-20 (ietf-http-wg@w3.org from April to June 2015)

From: Julian Reschke <julian.reschke@greenbytes.de>
Date: Wed, 20 May 2015 08:09:18 +0200
To: Wenbo Zhu <wenboz@google.com>, Philippe Mougin <pmougin@acm.org>
CC: James M Snell <jasnell@gmail.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-ID: <555C250E.6070502@greenbytes.de>

On 2015-05-20 00:08, Wenbo Zhu wrote:
>
>
> On Sun, May 3, 2015 at 11:45 PM, Philippe Mougin <pmougin@acm.org
> <mailto:pmougin@acm.org>> wrote:
>
>
>      > Le 10 avr. 2015 à 18:00, James M Snell <jasnell@gmail.com
>     <mailto:jasnell@gmail.com>> a écrit :
>      >
>      > Please see:
>     http://datatracker.ietf.org/doc/draft-snell-search-method/
>      >
>      > Comments welcome.
>      >
>      > - James
>      >
>
>     James,
>
>     I think the introduction chapter fails to correctly characterize the
>     way GET is commonly used to support search operations.
>
>     The draft gives an example
>     ("http://example.org/feed?q=foo&limit=10&sort=-published") and
>     states: "The path identifies the resource processing the query (in
>     this case 'http://example.org/feed') while the query identifies the
>     specific parameters of the search operation."
>
>     This description recasts the Web model into an RPC-like system where
>     the http://example.org/feed resource is a little bot we send
>     parameters to in order for it to perform a search.
>
> +1
>
> SEARCH with a body feels as bad as "X-HTTP-Method-Override" alike (when
> one has to work around the URL encoding limit to turn a GET into POST),
> and neither will be safely retried or cached, yet.

SEARCH can be safely retried, and some pieces of code already know that.

Also: X-HTTP-Method-Override is a hack people used when they couldn't 
use new methods (for some value of "new"). Why does *not* using this 
hack feel to you like doing it? /me confused.

> GET with a body: to ensure no server will ignore the body, could we
> expect the client to generate a unique token in the URL? Also, I think

a) How is this supposed to work? b) Even if it did, how is mangling 
things into the URL ever a good idea?

> the C-T alone will be sufficient to categorize a GET as a search
> request, by supported proxies/servers.

Yes, if you rewrite all components that currently do not expect GET with 
bodies.

 > ...

Best regards, Julian

Received on Wednesday, 20 May 2015 06:09:45 UTC