On Fri, 04 Jan 2008 23:08:32 +0100, Bertrand Le Roy <[EMAIL PROTECTED]> wrote:
I understand that but it brings the question of how you distinguish a plain GET request to the resource and one that's being made just for authorization purposes? Is it using "method-check" and is that header only present in that case?
Yes, that is correct.
Is there a precedent of not sending the actual contents of a resource (but rather meta-data about it) based on the presence of a header?
I don't know.
One other design that has been suggested in the OpenAjax discussion by Manos Batsis from Abiss was to send the request using HEAD and revert to GET only if the HEAD failed.
I already explained why I thought this would be a bad idea in this e-mail: http://lists.w3.org/Archives/Public/public-appformats/2008Jan/0035.html
-- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
