On Oct 1, 2007, at 11:02 AM, Jim Jagielski wrote:
TRACE also does not/should not trace to the filesystem. So, I think what we should do is use the existing architecture and have a quick_handler that checks for the OPTIONS * case and, if so, return DONE.
fine.
I am not sure, to be honest, what we should do for OPTIONS /foo if /foo is a protected entity... Reading 9.2: "communication options available on the request/response chain... without implying a resource action or initiating a resource retrieval" implies to me that ACL shouldn't even enter into it and should never return a 403... Which also implies that we should not honor any Limit for Options either...
No, what the client wants are the communication options. It is commonly used to find out what is required for a PUT before the request with big body is sent. We want to return 401, 403, ... ....Roy