RE: WebDAV methods: safe and idempotent

> > PROPFIND: safe, idempotent
> > PROPPATCH: unsafe, idempotent
>
> ...*provided* you're not using any funky live properties.  Live properties are
> behavior, not state, so they have safeness and idempotency, too.  So, really,
> you have to assume that both PROPFIND and PROPPATCH are unsafe and
> non-idempotent unless you know the safeness and idempotency of all the
> properties in use.

I think it's more appropriate to define 'live properties' such that
they have the same relationship to safety and idempotency of PROPFIND
and PROPPATCH as 'resources' have to GET and PUT. That is:

 even though the property is live, PROPFIND of any property
SHOULD be safe and idempotent, and PROPPATCH should be idempotent.


> (This is the same issue as CGIs in base HTTP/1.1; a CGI script could be built
> that reacts unsafely to GET, but it wouldn't be HTTP/1.1-compliant; it's
> supposed to use POST if it's unsafe.  But we don't have PROPFIND-GET and
> PROPFIND-POST.)

We should make the correspondence of PROPFIND-GET and PROPPATCH-PUT
(not POST). Not having done so is an flaw in the WebDAV spec that
SHOULD be corrected, not celebrated.

Larry

Received on Friday, 13 August 1999 15:27:24 UTC