Thanks for the explanations. I still think it would be interesting to investigate precedents as this seems at first to deviate from usual HTTP GET usage.
Bertrand -----Original Message----- From: Anne van Kesteren [mailto:[EMAIL PROTECTED] Sent: Friday, January 04, 2008 2:59 PM To: Bertrand Le Roy Cc: WAF WG (public) Subject: Re: GET / HEAD / OPTIONS On Fri, 04 Jan 2008 23:08:32 +0100, Bertrand Le Roy <[EMAIL PROTECTED]> wrote: > I understand that but it brings the question of how you distinguish a > plain GET request to the resource and one that's being made just for > authorization purposes? Is it using "method-check" and is that header > only present in that case? Yes, that is correct. > Is there a precedent of not sending the actual contents of a resource > (but rather meta-data about it) based on the presence of a header? I don't know. > One other design that has been suggested in the OpenAjax discussion by > Manos Batsis from Abiss was to send the request using HEAD and revert to > GET only if the HEAD failed. I already explained why I thought this would be a bad idea in this e-mail: http://lists.w3.org/Archives/Public/public-appformats/2008Jan/0035.html -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
