Re: Some problems with the WebDAV protocol from Yoram Last on 1999-04-19 (w3c-dist-auth@w3.org from April to June 1999)

From: Yoram Last <ylast@mindless.com>
Date: Tue, 20 Apr 1999 01:36:34 +0300
To: w3c-dist-auth@w3.org
Message-ID: <371BAFF2.3FF23741@mindless.com>

> > > > So an HTTP/1.1
> > > > client must interpret a 207 as being the same as a 200, although it clearly
> > > > has a totally different meaning in WebDAV.
> > >
> > > I say again: it is not clear that the meaning is totally different.
> >
> > If it isn't different, then it would be OK to return a 200 response code
> > to a WebDAV client in any event that only part of the collection had
> > been deleted. Is that right?
> 
> No, that does not follow.

The (WebDAV) protocol says that a 4xx should be given only in case where all
internal member URIs where deleted and the problem is purely with the topmost
level. This is the weakest possible failure in this case. Any stronger failure,
including total failure (nothing got deleted), MUST yield a 207. So you are
basically saying that it is OK to send a 200 response to an HTTP/1.1 client
in case of a total failure, and you say that this is HTTP/1.1 compliant behavior.
Is that right?

> > > But it's pretty close to theoretical, because the client-side changes to switch from "do
> > > a PUT and know that it'll create a collection" to "do a MKCOL followed by a PUT" are
> > > trivial.
> >
> > And how do I do a MKCOL if I use Amaya, Netscape composer, AOLpress, etc.,...?
> 
> You can use a command-line utility for the (usually rare) occasons when you need it.

That's an interesting move forward in making the web a writable medium.

> > > > Using DAV-like functionality of base HTTP/1.1 is one thing. Redefining that
> > > > functionality is another.
> > >
> > > I assert again that we are not redefining anything; that the changes you see are totally
> > > consistent with the HTTP/1.1 spec.
> >
> > If you make changes you are redefining (by definition).
> 
> No, we are extending.

To extend means to add (functionality). Not to take it away.

> > > No, by requiring special access rights for Depth=infinity.
> >
> > And when the request fails, how do you convey that to client?
> > What status code will you use?
> 
> 401, of course.

To which the client would respond by prompting the user for a password.
Very helpful indeed.


Yoram

Received on Monday, 19 April 1999 18:37:02 UTC