[
Lists Home |
Date Index |
Thread Index
]
- From: David Brownell <david-b@pacbell.net>
- To: XML Dev <xml-dev@ic.ac.uk>
- Date: Thu, 24 Jun 1999 13:01:04 -0700
John Cowan wrote:
>
> Richard Tobin wrote:
>
> > > That *is* supposed to be a rule: that you can GET the same URL
> > > as many times as you want with no changes. Otherwise caching
> > > would not work.
> >
> > Surely the whole mechanism of HTTP "if-modified-since" and "expires"
> > headers exists because this is not true?
>
> I overstated my case. What I meant was that the *very act* of
> doing a GET is not supposed to change anything. Obviously the
> *result* of doing a GET may change over time.
Correction appreciated ... :-)
To nuance it just a bit more: GET is supposed to repeatable
pretty much any way a web user agent wants, so it must meet two
basic characteristics.
(a) be "idempotent" ... the cache control and conditional
get facilities don't fight that (very much) if you
consider examples like getting balances or quotes;
(b) not involve an action involving accountability ... so
it's extremely unhealthy to use a "GET" to purchase
something on-line, or sign a document, etc.
See the HTTP/1.1 specification for the details. (I don't think
it mentions the security risks of having sensitive data living
in query params, though -- it can be logged and passed to other
web sites through "Referer" header fields.)
With respect to identity -- yes, what something "is" appears to
be a function of what you're trying to do with it. If all you've
got is a hammer, everything's a nail (as they say). A POST to a
URL, or a PUT, can give different results than a GET to it. It'd
be bad to settle on a notion of identity that assumes only GET is
used on the web!
- Dave
xml-dev: A list for W3C XML Developers. To post, mailto:xml-dev@ic.ac.uk
Archived as: http://www.lists.ic.ac.uk/hypermail/xml-dev/ and on CD-ROM/ISBN 981-02-3594-1
To (un)subscribe, mailto:majordomo@ic.ac.uk the following message;
(un)subscribe xml-dev
To subscribe to the digests, mailto:majordomo@ic.ac.uk the following message;
subscribe xml-dev-digest
List coordinator, Henry Rzepa (mailto:rzepa@ic.ac.uk)
|