RE: WebDAV and 404-handling from Eriksson, Michael on 2003-01-17 (w3c-dist-auth@w3.org from January to March 2003)

From: Eriksson, Michael <Michael.Eriksson@bauer-partner.com>
Date: Fri, 17 Jan 2003 12:47:53 +0100
To: "Julian Reschke" <julian.reschke@gmx.de>, <w3c-dist-auth@w3.org>
Message-ID: <2C5637A6A7CE844EA3C0A94565479F529B05A0@dest-as20-002.int.bauer-partner.com>

Julian,

> I've been looking at the servlet spec (2.4) and the bug reports you cited.
> As far as I understand the topic, the servlet engine allows you to specify
> specfic URIs for error pages, but as you do so, it's your own job to ensure
> that the proper HTTP status is sent.

Correct.

>So if you map 404 response to an error
> page, that error page should send out an HTTP status of 404 as well:

Theoretically, yes. Their might however be pragmatic reasons not do so.
Specifically, Internet Explorer has a configurable setting
("friendly error messages" or similar) that ensures that most users
never see the body sent by the server for a 404. Instead a standard message
builtin in Internet Explorer is displayed.

(Yes, I know what this list thinks about breaking server-side behaviour
to accomodate client-side behaviour, but thats life.)

> "If you point at a webapp resource that *itself* returns a 200 status
> (which is the default behavior for static resources served by the
> file-serving servlet, and which is what JSP pages will return unless you
> do something different inside them), a 200 is what you should see in the
> final response to the client.
> 
> If you want something different, map your error page handlers to a servlet
> that does something different."
> 
> I agree though that this mechanism makes it ridicoulously easy to produce
> broken HTTP responses.

Indeed, until stumpling upon the problem with IE that I mentioned in
my original email, I had no idea about this behaviour.

> > ...
> > Even if the status _is_ set a client that relies on the
> > content of the original body is in difficulties -- because
> > somewhere along the line the assumption was made that it was
> > safe to send a user oriented body.
> > ...
> 
> In which case you shouldn't use the mapping.

If this is an option. But remember that this part relates to the
discussion about the existance of a "user vs. software oriented
assumption". In other words, by using the mapping one effectively
assumes that the output is user oriented.
(That this is, at least potentially, a bad thing is indisputable.)
Cf. my original mail.

[snip]

Thank you for time and help,

Michael

Received on Friday, 17 January 2003 06:47:55 UTC