- From: Yaron Goland <yarong@Exchange.Microsoft.com>
- Date: Sat, 22 Jan 2000 02:32:37 -0800
- To: "Slein, Judith A" <JSlein@crt.xerox.com>, w3c-dist-auth@w3.org
Disclaimer: I still hate the idea of introducing new error codes. I think these should all be 400/500 error codes with a header or a body. I only state this for the record. I think adding a new 5xx code makes the most sense. > -----Original Message----- > From: Slein, Judith A [mailto:JSlein@crt.xerox.com] > Sent: Wednesday, January 19, 2000 6:17 PM > To: 'Yaron Goland'; w3c-dist-auth@w3.org > Subject: RE: WebDAV Bindings - Issue Yaron.403 > > > The previous revision of the spec had a separate error code > for this case, > and I have no objection to putting it back in. I think it > would be a 5xx > rather than a 4xx though. There's no error in the request, > it's just that > the particular server has a policy forbidding creation of loops. > > --Judy > > -----Original Message----- > From: Yaron Goland [mailto:yarong@Exchange.Microsoft.com] > Sent: Sunday, January 16, 2000 8:48 PM > To: w3c-dist-auth@w3.org > Subject: WebDAV Bindings - Issue Yaron.403 > > > > Section 5.2 of the Bind spec instructs the reader that if a > server wishes to > reject a BIND request because it would cause a loop then the > server should > return a 403 (Forbidden). However 403 is overloaded as it is. > For example, a > 403 could mean that the method is banned at the moment for > some reason even > though it is normally supported. This means that someone > trying to write an > API to issue a BIND never really knows what a 403 means and > so doesn't know > if they should tell the user that the server is currently > just not going to > let the user perform this action or if the problem is that > the action would > result in a loop. Therefore the use of 403 introduces a > vagueness into the > response. > > Therefore I move that a new 4xx error code be > introduced to cover > the case when a server refuses a BIND because it would cause a loop. > > Yaron > > P.S. I think that the introduction of all these new error codes is a > mistake. A new error code should only be, in my opinion, > introduced when it > provides a very high level error description that could be > reasonably used > by members of the HTTP infrastructure, meaning firewalls and proxies. > Otherwise only the x00 errors should be used for everything > and either new > headers or a body should be introduced to give detailed error > information. > But I'm way too busy to try and push for this change so for > the moment let's > just throw another error code on the barbie until people go > insane with > them. It will be interesting to see how bad things have to > become before we > can get this fixed. >
Received on Saturday, 22 January 2000 05:33:11 UTC