Return-Path: X-Original-To: apmail-couchdb-user-archive@www.apache.org Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B92A88052 for ; Tue, 16 Aug 2011 14:55:20 +0000 (UTC) Received: (qmail 39741 invoked by uid 500); 16 Aug 2011 14:55:19 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 39571 invoked by uid 500); 16 Aug 2011 14:55:18 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 39563 invoked by uid 99); 16 Aug 2011 14:55:18 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 16 Aug 2011 14:55:17 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [74.125.83.52] (HELO mail-gw0-f52.google.com) (74.125.83.52) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 16 Aug 2011 14:55:11 +0000 Received: by gwj15 with SMTP id 15so5636677gwj.11 for ; Tue, 16 Aug 2011 07:54:50 -0700 (PDT) Received: by 10.42.159.201 with SMTP id m9mr3371784icx.10.1313506490193; Tue, 16 Aug 2011 07:54:50 -0700 (PDT) MIME-Version: 1.0 Received: by 10.42.173.1 with HTTP; Tue, 16 Aug 2011 07:54:30 -0700 (PDT) In-Reply-To: References: <4E371B93.8060303@kearns.net.au> From: Jason Smith Date: Tue, 16 Aug 2011 21:54:30 +0700 Message-ID: Subject: Re: to CouchApp or not to CouchApp To: user@couchdb.apache.org Content-Type: text/plain; charset=UTF-8 On Tue, Aug 16, 2011 at 9:30 PM, Marcello Nuccio wrote: > Since sketch.png is available only as "image/png", Apache responds > with "image/png" even if "image/jpeg" is preferred according to the > Accept header. > >>> This is what I do if the user is authenticated, and I see no reason >>> for not doing it when the response is a 401. >> >> i don't follow. how it is related? > > > I ask to apply the same logic whatever the status code of the > response. If when the response is "200 OK" the content-type is > "text/html", then why not respond with the same content-type for a > "401 Unauthorized" response? > > Obviously the content will be different (an html login form for the 401). Did you see my previous two emails? Quick summary: 1. That is not the standard. IMHO, if CouchDB should change, it should change toward the standard. 2. Regardless of #1, it is hard to implement. The example of a public image is not the question. The question is you request *something* but you do not have permission. How should Couch respond? To me, the answer is becoming very clear: obey the client Accept header. If the client explicitly asks for HTML, send a 302 bounce; otherwise send 401 JSON. If that breaks futon or some applications, we can fix those as-needed once and for all. -- Iris Couch