Re: two-phase send concerns

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: David W. Morris: "Re: two-phase send concerns"
• Previous message: Larry Masinter: "HTTP WG meeting in Dallas: Summary"
• In reply to: Jeffrey Mogul: "Re: two-phase send concerns"
• Next in thread: Roy T. Fielding: "Re: two-phase send concerns"

On Thu, 7 Dec 1995, Jeffrey Mogul wrote:

> One answer would be "it doesn't matter" (more precisely, "it's
> up to the server implementer").  Take your first example: if the
> client wants to PUT a zillion bytes to a location that requires
> authentication, then does it really matter why it fails?  Either
> way, it can't be done.

Well there is the interesting situation where the server requires
authentication for a PUT AND also can't accept 1meg of data.
The way WWW/HTTP authentication works, the client may not know that
authentication is required until attempting the PUT and getting the
401 unauthorized response.  HENCE, we have a situation where the
client could be presented two possible errors, one which it can possibly
correct and one which it can't ever correct. In normal transaction flow
authentication would be verified and the semantics of the request would
be verified.  YET, what is the point of a server issuing an unauthorized
response when it could/should/might know it's is never going to process
the transaction anyway.  As an end user, I'd be mightly annoyed if I
did what I believed was valid, was delayed for the password prompt in
response to the 401 UNAUTHORIZED and possibly some substantial delay
because of the bytes in the pipe the first time only to be then told that
the size of the data to PUT was too big.

• Next message: David W. Morris: "Re: two-phase send concerns"
• Previous message: Larry Masinter: "HTTP WG meeting in Dallas: Summary"
• In reply to: Jeffrey Mogul: "Re: two-phase send concerns"
• Next in thread: Roy T. Fielding: "Re: two-phase send concerns"