- From: Norman Walsh <ndw@nwalsh.com>
- Date: Thu, 16 Apr 2009 18:44:12 -0400
- To: public-xml-processing-model-comments@w3.org
- Message-ID: <m2ws9k9q2r.fsf@nwalsh.com>
Florent Georges <fgeorges@fgeorges.org> writes:
>> In short, we're content with 7.1.10.3.1 as it stands in the current
>> editor's draft.
>
> I don't like this section for two reasons: 1/ I'd prefer SHOULD than
> MUST, as I can imagine implementors could have good reason not to do
> so, and 2/ it does not make any difference regarding the method, while
> the HTTP RFC allows an implementation to follow redirect only for GET
> and HEAD (technically, an implementation couldn't be both HTTP and
> XProc conformant.)
Oh, you're absolutely right about the methods. That came
up...somewhere, but I seem to have dropped it. I will work on getting
that fixed.
And I guess I could live with SHOULD, like cookies.
>> On a personal note, can you explain how the Google use of redirects
>> for authentication requires a pipeline to *not* follow the redirect in
>> order to access the API? I would have thought that was a case were
>> following the redirect (perhaps with cookies preserved) was
>> *necessary*.
>
> Really, I'd like to give you an answer, but I do not have anyone :-/
> Two months is a long time ;-) If I remember well, I got an
> implementation that followed a 302 on a POST request, and followed the
> redirection as a GET (while the authentication info were in the body.)
> This is not conformant to the HTTP RFC, and I can't find doc about
> that in GData authentication. So maybe my memories are playing with
> me...
Ok. I'll spend some more time with it. That could just be an XML
Calabash bug :-)
Be seeing you,
norm
--
Norman Walsh <ndw@nwalsh.com> | To the man who is afraid everything
http://nwalsh.com/ | rustles.-- Sophocles
Received on Thursday, 16 April 2009 22:45:00 UTC