Return-Path: X-Original-To: apmail-subversion-dev-archive@minotaur.apache.org Delivered-To: apmail-subversion-dev-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 7832F17E5F for ; Thu, 12 Mar 2015 11:08:22 +0000 (UTC) Received: (qmail 83407 invoked by uid 500); 12 Mar 2015 11:08:22 -0000 Delivered-To: apmail-subversion-dev-archive@subversion.apache.org Received: (qmail 83350 invoked by uid 500); 12 Mar 2015 11:08:22 -0000 Mailing-List: contact dev-help@subversion.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@subversion.apache.org Received: (qmail 83340 invoked by uid 99); 12 Mar 2015 11:08:21 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Mar 2015 11:08:21 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of brane@wandisco.com designates 209.85.212.176 as permitted sender) Received: from [209.85.212.176] (HELO mail-wi0-f176.google.com) (209.85.212.176) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Mar 2015 11:07:56 +0000 Received: by wibbs8 with SMTP id bs8so19289410wib.4 for ; Thu, 12 Mar 2015 04:05:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wandisco.com; s=gapps; h=message-id:date:from:organization:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=7ub1mPtv3YsJbNlVGK+zo6m31JLCW6dP2+TN6YnDFUo=; b=qRRMagzmtQDeK0cvmI7QwxKOnZtUjjvd9FCoFwJmPYaocWa3iu/FF2LechcyGaV+P9 T9wCXiPrQqUwkUfBuA5u2OJfCBt+HuVaIcoEybXEjlq4GVSVF3J/wAfFxUyijuuczGh0 QOilccRvn/qehOmZ4cQs9F2C2x/lmIcJGo7qo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:organization:user-agent :mime-version:to:subject:references:in-reply-to:content-type :content-transfer-encoding; bh=7ub1mPtv3YsJbNlVGK+zo6m31JLCW6dP2+TN6YnDFUo=; b=UYzS/NRK5ZXpO+h40iQiwyZgh11y3wOcwJ+xoeyviKVEK1KkFjDmmCI31QzKIn8/xs sqVnchT8+B3+xXs8eZAzQxspzwx9/hRTvt1Y2SEEu2ERIzz73r4qe/XSUjmf9/W7kR3o 3ctLgwb/f+mcbsa/HikdVo94d5eNZ4LqxQf0AHWNH4C1InOQppuGUQxSEVF4YVvpzuRJ vtRng5YrruLylOr6UlCH1uydT4RvvdU/91yAC5K+tQKZMS5xSttPl/9UUOy/VKGEEIYf gxFv6jRzKCzT1pOhf6LeLVPkR1hB5eZvQAGrdriukou8RroUb265ktxthZL7TgoAzOFO T2qQ== X-Gm-Message-State: ALoCoQnw9RoKwlT8Ha8n9Qw9Z1EH2r2upy/jOwPf3ip1fYuioR7xklA9ETbgD4LPc8jEThRBRpzK X-Received: by 10.181.27.199 with SMTP id ji7mr85074642wid.76.1426158339279; Thu, 12 Mar 2015 04:05:39 -0700 (PDT) Received: from zulu.local ([193.189.166.94]) by mx.google.com with ESMTPSA id dj4sm9514162wjc.13.2015.03.12.04.05.38 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Thu, 12 Mar 2015 04:05:38 -0700 (PDT) Received: from zulu.local (localhost [127.0.0.1]) by zulu.local (Postfix) with ESMTP id 9E703E0B223F for ; Thu, 12 Mar 2015 12:05:42 +0100 (CET) Message-ID: <55017306.1090109@wandisco.com> Date: Thu, 12 Mar 2015 12:05:42 +0100 From: =?UTF-8?B?QnJhbmtvIMSMaWJlag==?= Organization: WANdisco User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: dev@subversion.apache.org Subject: Re: svn commit: r1665195 - /subversion/trunk/subversion/libsvn_ra_serf/util.c References: <20150309113940.38AD2AC02F6@hades.apache.org> <550117D3.7060808@wandisco.com> In-Reply-To: <550117D3.7060808@wandisco.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Virus-Checked: Checked by ClamAV on apache.org On 12.03.2015 05:36, Branko Čibej wrote: > On 09.03.2015 12:39, rhuijben@apache.org wrote: >> Author: rhuijben >> Date: Mon Mar 9 11:39:39 2015 >> New Revision: 1665195 >> >> URL: http://svn.apache.org/r1665195 >> Log: >> In ra-serf: stop handling HTTP status 405 'Method forbidden' as a generic >> out of date error. When locking this is the error we get when the resource >> does not exist in HEAD, but in general it tells us that there is an >> authorization problem. >> >> As the lock code has its own http status handling now, we can change >> the error reported from the generic error handling code path. >> >> This should give users that accidentally use anonymous 'http' on a >> server that uses 'https' for authorized operations a much better response, >> than a simple out of date error (with the recommendation to update added >> by their client). >> >> Note that in most cases the detailed error response from the server >> is used instead of this generic error code for just the HTTP status. >> >> * subversion/libsvn_ra_serf/util.c >> (svn_ra_serf__error_on_status): Tweak generic error for http status 405. >> >> Modified: >> subversion/trunk/subversion/libsvn_ra_serf/util.c >> >> Modified: subversion/trunk/subversion/libsvn_ra_serf/util.c >> URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_ra_serf/util.c?rev=1665195&r1=1665194&r2=1665195&view=diff >> ============================================================================== >> --- subversion/trunk/subversion/libsvn_ra_serf/util.c (original) >> +++ subversion/trunk/subversion/libsvn_ra_serf/util.c Mon Mar 9 11:39:39 2015 >> @@ -1762,8 +1762,8 @@ svn_ra_serf__error_on_status(serf_status >> return svn_error_createf(SVN_ERR_FS_NOT_FOUND, NULL, >> _("'%s' path not found"), path); >> case 405: >> - return svn_error_createf(SVN_ERR_FS_OUT_OF_DATE, NULL, >> - _("'%s' is out of date"), path); >> + return svn_error_createf(SVN_ERR_RA_DAV_FORBIDDEN, NULL, >> + _("HTTP method is not allowed on '%s'"), path); >> case 409: >> return svn_error_createf(SVN_ERR_FS_CONFLICT, NULL, >> _("'%s' conflicts"), path); > -1, please revert this. > > * SVN_ERR_RA_DAV_FORBIDDEN is the wrong error code to use here. > "Forbidden" is 403, not 405; the difference is significant. > * Far from being a "better response," the new error message is > arguably more confusing to users than the old one. Most Subversion > users understand "out of date," but I bet most don't know what an > HTTP method is. > * Even if we decided that it's OK to confuse users with the details of > the HTTP protocol, you'd have to tell them *which* method is not > allowed. I'm trying to understand how r1666096 makes things better. We're now using SVN_ERR_RA_NOT_IMPLEMENTED to flag a 405 error from the server, which, IMO, is even worse than before: this error code is used by the RA loader when an URL scheme doesn't map to an RA implementation, and in libsvn_client when a particular RA implementation doesn't support an RA API (which should never happen anyway); neither of these have anything whatsoever to do with the 405 HTTP status. Effectively, that commit only addresses my third point. Can we please start by understanding when, exactly, we can receive a 405 from the server? I can imagine several scenarios: * LOCK something not at HEAD (IIUC, this is handled separately); * Write (PUT, MKCOL, etc.) to a repository on a read-only connection; * Invalid server configuration (e.g., a missing method in a block); * Non-conformant proxy between client and server. Are there other cases? Of the above 4 cases, we already handle the first and have no control over the third and fourth. The question is, can we differentiate the second from the third and fourth cases? It would be useful to be able to tell the user that they're committing to a read-only repository. In any case, I still maintain that "method not allowed" is not a very useful message for the user. -- Brane