RE: Issues: MKCOL_AND_302 from Geoffrey M Clemm on 2003-06-27 (w3c-dist-auth@w3.org from April to June 2003)

From: Geoffrey M Clemm <geoffrey.clemm@us.ibm.com>
Date: Fri, 27 Jun 2003 08:53:44 -0400
To: w3c-dist-auth@w3c.org
Message-ID: <OF61DB40FB.B5941EE7-ON85256D52.00461EF7-85256D52.0046D69D@us.ibm.com>

Yes, a user agent should ask for user confirmation before doing the
forwarding, but that is standard 302 handling for a method
that is not safe (i.e. MKCOL is no different from PUT, DELETE, etc. in
this regard). So MKCOL should acts as is defined by section 10.3.3
of RFC-2616, so I don't see why it needs to have anything special said
about it wrt 302 handling.

Cheers,
Geoff

w3c-dist-auth-request@w3.org wrote on 06/27/2003 08:13:00 AM:

> 
> > From: w3c-dist-auth-request@w3.org 
[mailto:w3c-dist-auth-request@w3.org]On
> > Behalf Of Geoffrey M Clemm
> > Sent: Friday, June 27, 2003 1:37 PM
> > To: 'Webdav WG'
> > Subject: RE: Issues: MKCOL_AND_302
> >
> >
> >
> > Why do you think the answer is "a"?  If the URL to which the
> > 302 is redirecting the client is not mapped to a resource,
> > a MKCOL to that URL can succeed (privileges permitting), so
> > I would conclude that "b" is the correct answer (and therefore,
> > MKCOL acts like any other method wrt 302 handling).
> 
> But a user agent never would be able to automatically forward the MKCOL 
to
> the target, because MKCOL isn't a safe method, right?
> 
> Julian
>

Received on Friday, 27 June 2003 08:53:57 UTC