httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roy T. Fielding" <field...@gbiv.com>
Subject Re: Proxying OPTIONS *
Date Mon, 01 Oct 2007 19:05:41 GMT
On Oct 1, 2007, at 11:02 AM, Jim Jagielski wrote:
> TRACE also does not/should not trace to the filesystem.
> So, I think what we should do is use the existing
> architecture and have a quick_handler that checks for
> the OPTIONS * case and, if so, return DONE.

fine.

> I am not sure, to be honest, what we should do for
> OPTIONS /foo if /foo is a protected entity... Reading
> 9.2: "communication options available on the request/response
> chain... without implying a resource action or initiating a
> resource retrieval" implies to me that ACL shouldn't even
> enter into it and should never return a 403... Which
> also implies that we should not honor any Limit for
> Options either...

No, what the client wants are the communication options.  It is
commonly used to find out what is required for a PUT before the
request with big body is sent.  We want to return 401, 403, ...

....Roy


Mime
View raw message