- From: Anne van Kesteren <annevk@opera.com>
- Date: Fri, 11 Jan 2008 12:18:32 +0100
- To: "Williams, Stuart (HP Labs, Bristol)" <skw@hp.com>, "David Orchard" <dorchard@bea.com>, "WAF WG (public)" <public-appformats@w3.org>
- Cc: "www-tag@w3.org" <www-tag@w3.org>
On Wed, 09 Jan 2008 16:50:14 +0100, Williams, Stuart (HP Labs, Bristol) <skw@hp.com> wrote:

> My reflection over the New Year break period is simply as follows:
>
> I think that AC decision should be made wrt the operation as a whole
> (GET, PUT, POST, DELETE...) i.e. given a permission to proceed with an
> operation it should then be allowed to run to its normal termination.
> As spec'd at present, AC decisions are made on each 'phase' of a
> two-phase operation - splitting a state-changing operation in a way that
> potentially allows partial success and a 'split-horizon' view of the
> outcome (one party thinks success, the other is not allowed to find out).

To be clear, for GET this is not the case. That is the only HTTP method that goes straight through and where only a single check is performed (because cross-site GET is already possible and we only need to protect the return data).

The two checks for the other methods are different. The first check (on the preflight GET) is to determine whether the user agent can send the request. The second check (on the actual request) is to determine whether the user agent can expose the entity body to the protocol it's dealing with (protocol being XMLHttpRequest for instance). In other words, the first is for sending and the second is for reading. In theory these could be different.

> So... on the purity side; I think the granularity of AC decisions should
> be whole operations... and, as an aside, intentional language that
> described the intended grain size would be helpful whether or not you
> agree with me over what that grain size should be.

--
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
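The following is an added example, not part of the thread and not code from the Access Control draft or any browser. It models the two-phase decision Anne describes (a "send" check on the preflight, a separate "read" check on the actual response, and GET going straight through with only the read check) and drives it against two constructed server models to show the "split-horizon" outcome Stuart raises. It assumes today's CORS header names (`Access-Control-Allow-Origin`, `Access-Control-Allow-Methods`) and an OPTIONS preflight; the 2008 draft used different syntax and a preflight GET, so those details are assumptions. The origin `https://app.example`, the server functions and the request/response shapes are all constructed for the example.

```javascript
// Added example: a model of the user agent's two-phase access-control decision.
// Header names and the OPTIONS preflight follow modern CORS (an assumption; the
// 2008 draft differed). Headers are plain objects with lower-case keys.

// Check 1 (send): may the user agent transmit the actual request?
// GET skips this: cross-site GET is already possible, so only the response
// data needs protecting. Other methods need a permitting preflight.
function maySend(method, origin, preflightHeaders) {
  if (method === 'GET') return true;
  if (!preflightHeaders) return false;
  const allowOrigin = preflightHeaders['access-control-allow-origin'];
  const allowMethods = (preflightHeaders['access-control-allow-methods'] || '')
    .split(',').map((m) => m.trim().toUpperCase());
  return (allowOrigin === '*' || allowOrigin === origin) && allowMethods.includes(method);
}

// Check 2 (read): may the user agent expose the entity body to the caller
// (e.g. to XMLHttpRequest)? Decided on the actual response, independently.
function mayExpose(origin, responseHeaders) {
  const allowOrigin = responseHeaders['access-control-allow-origin'];
  return allowOrigin === '*' || allowOrigin === origin;
}

// Run one whole operation. `server` is a constructed function
// (request) -> { status, headers, body, stateChanged } standing in for the
// resource. The result records what happened on each side of the horizon.
function crossSiteRequest(method, origin, server) {
  const result = { preflightSent: false, sent: false, exposed: false, body: null, stateChanged: false };
  let preflightHeaders = null;
  if (method !== 'GET') {
    result.preflightSent = true;
    preflightHeaders = server({ method: 'OPTIONS', origin, preflightFor: method }).headers;
  }
  if (!maySend(method, origin, preflightHeaders)) return result; // never sent
  result.sent = true;
  const res = server({ method, origin });
  result.stateChanged = Boolean(res.stateChanged);
  if (mayExpose(origin, res.headers)) {
    result.exposed = true;
    result.body = res.body;
  }
  return result;
}

// Constructed origin the resource owner trusts.
const ALLOWED = 'https://app.example';

// Model A: grants the preflight, performs the state change on the actual
// request, but omits the allow header on that response. The server records
// success while the caller is not allowed to find out: the split-horizon case.
function inconsistentServer(req) {
  if (req.method === 'OPTIONS') {
    return { status: 200, headers: { 'access-control-allow-origin': ALLOWED,
      'access-control-allow-methods': 'POST, DELETE' }, body: '' };
  }
  return { status: 200, headers: {}, body: 'deleted', stateChanged: req.method !== 'GET' };
}

// Model B: one decision for the whole operation. Origin is checked before any
// state change, and the same decision is echoed on every response, so the
// two user-agent checks cannot disagree with what the server did.
function consistentServer(req) {
  const ok = req.origin === ALLOWED;
  const headers = ok ? { 'access-control-allow-origin': ALLOWED,
    'access-control-allow-methods': 'POST, DELETE' } : {};
  if (req.method === 'OPTIONS') return { status: ok ? 200 : 403, headers, body: '' };
  if (!ok) return { status: 403, headers, body: '', stateChanged: false };
  return { status: 200, headers, body: 'deleted', stateChanged: req.method !== 'GET' };
}

module.exports = { maySend, mayExpose, crossSiteRequest, inconsistentServer, consistentServer, ALLOWED };
```

Running `crossSiteRequest('DELETE', ALLOWED, inconsistentServer)` yields `sent: true, stateChanged: true, exposed: false`: the deletion happened but the caller sees nothing, which is exactly the partial-success outcome under discussion. With `consistentServer` the same call is either fully allowed (state changed and body exposed) or refused at the preflight, so the server-side decision, not the user agent's second check, is what gates the state change.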
Received on Friday, 11 January 2008 11:15:47 UTC