Lists Home |
Date Index |
[Didier PH Martin]
> Hi Joshua,
> Joshua said:
> XSLT document() can't do POST either. Saying that "all things that do
> not use GET are inaccessible to GET", is not informative. I understood
> Paul's position, but I think it's a circular argument.
> Didier replies:
> Good point. How many times I was stuck with the problem of not being able
> include a document returned from a form request (i.e. an HTTP POST). The
> XSLT document function is limited to the HTTP GET and do not support the
> different ways to access information through the standard HTTP 1.1. This a
> serious limitation is preventing the full benefit of dynamic documents
> inclusion. Moreover, it seems that XSLT 2.0 don't even resolve the issue.
You could argue that xslt should not be able to POST, because it is
supposed to be free from "side effects", wheras a POST is supposed to add
something to the addressed resource. True, such a change would not be to
the original xml data being transformed, so the point could be argued either
In a practical sense, most processing libraries (cgi libraries, Cold Fusion,
etc.) handle a request the same way whether it has been receved by POST or
GET so it is possible and, I think, common to simply use POST to transmit
larger requests, or more secure ones, without intending to use the POST
semantics of extending the resource. So if you could set the SOAP headers,
and subject to buffer size limitations, you could actually send SOAP
messages using GET and I bet most systems would process them correctly (or
could be made to do so with small modifications).
Whether this would be a serious abuse of GET semantics, or otherwise
undesirable, could be an interesting question.