Re: Draft for Resumable Uploads from Austin William Wright on 2022-04-07 (ietf-http-wg@w3.org from April to June 2022)

From: Austin William Wright <aaa@bzfx.net>
Date: Thu, 7 Apr 2022 10:29:15 -0700
To: Eric J Bowman <mellowmutt@zoho.com>
Cc: Julian Reschke <julian.reschke@gmx.de>, Guoye Zhang <guoye_zhang@apple.com>, ietf-http-wg <ietf-http-wg@w3.org>
Message-Id: <FB7AE0DD-0245-45F2-A728-0F72F5651C8D@bzfx.net>

> On Apr 7, 2022, at 01:00, Eric J Bowman <mellowmutt@zoho.com> wrote:
> 
> in the face of both POST and PUT having creation semantics which have always been excluded from PATCH... and GET, for that matter.

PATCH (RFC 5789) specifically permits resource creation <https://httpwg.org/specs/rfc5789.html#patch>:

If the Request-URI does not point to an existing resource, the server MAY create a new resource, depending on the patch document type (whether it can logically modify a null resource) and permissions, etc.

So as long as the PATCH media type can describe creating a resource (which this does), PATCH can create resources.

This is also my understanding of how filesystems work. You don’t have a separate create operation, any write to a file creates it (depending on the flags that are set). You can even write to a nonzero offset and it will create a sparse file.

> >
> > But how would the user-agent know this isn’t intentional?
> > How would it know the file is actually incomplete?
> >
> 
> Because 206 response code.

Ok, so undefined byte ranges would not be returned by the server, is this your understanding?

> >
> > Suppose I am uploading an executable binary, how would
> > I ensure that users cannot download it while it’s still incomplete?
> > 
> 
> By coding your server properly? Sorry. Until the server has accepted an upload, it will continue to respond as it did before; maybe 404, maybe 200 with Etag... the Etag changes when the upload completes... If the resource is meant to be the executable file itself, what does it matter if it's incomplete? I have enough trouble dealing with non-corrupted executables to worry what might happen to those I can't compile let alone execute. ;)
> 

All clients see the same resource, correct? Suppose I’m doing a segmented upload, and I finish the first half of the upload. If I make a GET request, I would expect to see 206 showing the defined bytes. But what about other users that don’t support this response? How do I ensure they’re not downloading a mangled file? Should this return a 4xx error if the client doesn’t support partial content responses?

Thanks,

Austin.

Received on Thursday, 7 April 2022 17:30:31 UTC