OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] Elliotte Rusty Harold on Web Services

[ Lists Home | Date Index | Thread Index ]

On Fri, 31 Jan 2003 12:51:53 -0500, Mark Baker <distobj@acm.org> wrote:

> In the former, the data that is sent is just data, not a request for
> action.  POST is the action.  If it were sent with HTTP PUT, it would
> mean something entirely different.

Back to our canonical disagreement :-)  My position is that the "interface" 
is the totality of the contract between producer and consumer; the 
difference between "just data" and "request for action" is pretty fuzzy at 
best. (LISP being the usual example, I guess).  The "action" is whatever 
happens on the server, however that got invoked.  Call it a "method", call 
it a "request", call it a "suggestion" ... some code will parse the "just 
data" and decide to do something.

Disallow POST and insist that all GETs be safe and PUTs idempotent, and I 
would agree that REST is less of a security hole, but it's gonna be hard to 
do application integration that way.


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS