Re: LOCKS_SHOULD_THEY_USE_AN_IF_HEADER_TO_VERIFY vs RFC2518bis-05

On Jun 2, 2004, at 8:06 AM, Julian Reschke wrote:

> Lisa Dusseault wrote:
>
>> We have been conservative about changes in RFC2518bis, generally only 
>> changing things where interoperability testing shows that there is a 
>> problem.  In this case, confusion over where to put the lock token in 
>> refresh requests came up in actual implementations and early 
>> interoperability testing.  In addition, it was unclear what to do if 
>> multiple lock tokens appeared in the If header (the Lock-Token header 
>> allows only one).  IOW, the present protocol didn't quite do what it 
>> was supposed to do.
>
> I agree that it is confusing. However, popular clients and servers 
> seems to agree on how it works, so why don't we just write that down?

One problem is that popular clients and servers only do exclusive 
locks, so current practice is not sufficient to answer the unanswered 
questions in RFC2518.  We could cut shared locks from WebDAV, require 
that only one resource's lock may be updated by a LOCK refresh request, 
and that would codify existing practice.  I believe that works even for 
collection locks since a collection lock may not overlap another 
exclusive lock.  So the new requirements would be something like:

  - The LOCK refresh request MUST address the resource that was locked 
(the root of the lock)
  - The If header on the LOCK refresh request MUST contain one (and only 
one) lock token, the token for the lock that is to be refreshed
  - The server MUST reject the request if the request-URI and token do 
not match

Lisa

Received on Wednesday, 2 June 2004 11:16:50 UTC