On Wed, 09 Jan 2008 16:50:14 +0100, Williams, Stuart (HP Labs, Bristol)
<[EMAIL PROTECTED]> wrote:
My reflection over the New Year break period is simply as follows:
I think that AC decision should be made wrt to operation as a whole
(GET, PUT, POST, DELETE...) ie. given a permission to proceed with an
operation it should then be allowed to run to it's normal termination.
At spec'd at present, AC decisions are made on each 'phase' of a
two-phase operation - spliting state-changing operation in a way that
potential allows partial success and a 'split-horizon' view of the
outcome (one party thinks success the other is not allowed to find out).
To be clear, for GET this is not the case. That is the only HTTP method
that goes straight through and where only a single check is performed
(because cross-site GET is already possible and we only need to protect
the return data).
The two checks for the other methods are different. The first check (on
the preflight GET) is to determine whether we the user agent can send the
request. The second check (on the actual request) is to determine whether
the user agent can expose the entity body to the protocol it's dealing
with (protocol being XMLHttpRequest for instance). In other words, the
first is for sending and the second is for reading. In theory these could
be different.
So... on the purity side; I think the granularity of AC decisions should
be whole operations... and, as an aside, intentional language that
described the intended grain size is would be helpful whether or not you
agree with me over what that grain size should be.
--
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
