- From: Greg Stein <gstein@lyra.org>
- Date: Fri, 5 May 2000 15:42:36 -0700 (PDT)
- To: ccjason@us.ibm.com
- cc: Kaushik Sridharan <kaushik@ruksun.com>, w3c-dist-auth@w3.org
On Fri, 5 May 2000 ccjason@us.ibm.com wrote: > Are responses for specific methods required to be multistatus? > .. > I apologize if this question has been answered before on this list. > > I believe it has been discussed. I believe I brought it up and > the conclusion was that PROPPATCH and PROPFIND must return > multistatus and take no shortcuts. The reasoning behind this > was that it made things more predictable for the client and > really wasn't any harder for the server. > > If it's not already on the issues list, a clarification of this > should be added to that list. I would disagree. I think that it is quite valid to return something like 403 (Forbidden) or 401 (Authorization required) as a response. Heck, you could also return something like 412 or 301, too. In each of these cases, the 3xx or 4xx applies to the Request-URI. If a status code ever applies to a URI *other* than the Request-URI (say, caused by a Depth: header), then a 207 (Multistatus) MUST be returned. Cheers, -g -- Greg Stein, http://www.lyra.org/
Received on Friday, 5 May 2000 18:47:27 UTC