- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Sat, 29 Oct 2005 10:20:45 +0200
- To: Geoffrey M Clemm <geoffrey.clemm@us.ibm.com>
- CC: webdav <w3c-dist-auth@w3.org>
Geoffrey M Clemm wrote: > > To avoid sending the PUT body twice, why can't a client just > use the standard HTTP "Expect 100-Continue" header? It could, but it's a known problem that few servers implement that correctly, meaning that the expected header check is indeed skipped (for instance, a server using the servlet API normally doesn't have any chance doing this check, see <http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4812000>). > And if a client is proactively checking for authentication preceding > a series of PUT calls, then having it just perform an initial LOCK/UNLOCK > to get the credential challenge doesn't seem like an unreasonable overhead > (2 initial requests). > > So is this just a technique for servers that want to provide this > capability but don't want to support LOCK? Seems so, because LOCK seems to be yet another existing way to get what those clients want. Best regards, Julian
Received on Saturday, 29 October 2005 08:21:27 UTC