Re: GET on a reference from John Stracke on 1998-06-29 (w3c-dist-auth@w3.org from April to June 1998)

From: John Stracke <francis@netscape.com>
Date: Mon, 29 Jun 1998 13:34:06 -0700
To: w3c-dist-auth@w3.org
Message-ID: <3597FA3E.66AB1904@netscape.com>
Judith Slein wrote:

> If requests were automatically redirected to its target resource,
> this would not be possible.

I believe the major concern comes when a method on the reference is applied to
the target by the *server*.  In such a case, it becomes impossible for a
client to distinguish between the reference and the target at all (besides
which, it complicates the question of access control).  Redirection by 302
relies on the client to go work on the target; it puts the client in control,
and lets the client decide that it really did want to work on the reference.

> So for GET and HEAD, the client might really be wanting to see the headers
> of the reference (not its target).

But what are the headers of a reference? It seems to me that they're whatever
you get back from GET or HEAD.  Turning it around, this means that, if you GET
a reference, you should receive headers describing the reference, not the
target.

> It looks to me as if this is not
> possible if we require a 302 response.

Sure it is.  If URI A points to URI B, then the 302 response (with its
headers) is accessed via "GET A", and the 2xx response of fetching B is
accessed via "GET B".  So the GET A response can hold whatever headers you
want the reference to have.

> Similarly for PUT,

Yeah, I'm not so sure about PUT.  I suspect the simple answer is to tell
people, if they want to upgrade their server to a DAV server, and they want to
use all the DAV features, then people publishing to it need to use DAV
clients.

GET is different because GET is used by the consumers of the resource, and the
publishers usually can't order the consumers to upgrade their browsers.  If
references don't support GET, HEAD, and POST in a way that ordinary HTTP
browsers can handle, then I guarantee you that references will not be used.

> As far as indicating the type of resource, I would be more inclined to
> define a new Resource-Type header that contains the value of the
> DAV:resourcetype property than to reuse a different header for a purpose
> other than its intended one.

Yeah, I could see that.  I was trying for parsimony--don't invent more headers
than we need to--but reusing a header makes it harder for us to extend its
meaning.

--
/====================================================================\
|John (Francis) Stracke    |My opinions are my own.|S/MIME supported |
|Software Retrophrenologist|=========================================|
|Netscape Comm. Corp.      | Cogito ergo Spud.  (I think, therefore  |
|francis@netscape.com      |  I yam.)                                |
\====================================================================/
New area code for work number: 650
Received on Monday, 29 June 1998 16:33:46 UTC