Cart
|
[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: REST has too many verbs
 Gavin Thomas Nicol wrote: > > On Monday 11 February 2002 04:16 pm, Simon St.Laurent wrote: > > On Mon, 2002-02-11 at 13:44, Paul Prescod wrote: > > > Every message should result in a new URI. The URI represents the > > > current state of the transaction. You point to the last URI you > > > got. > > > > That's sort of vaguely usable, though I don't think I'd want to > > implement anything deeply recursive on that. > > Actually, the above is bogus because the URI has gone from being > opaque to encoding application state (to those that understand the > application) and you may or may not wish to disclose that to an > intermediary. Really? Here's one from Expedia. It's half-way through a transaction. Please tell me what the details of the transaction: http://www.expedia.ca/pub/agent.dll?qscr=fstr&itid=34958964&bkmd=2&zz=1013489956491 Hint: don't spend all day trying to decrypt it. The information you are not looking for is not in there. Even Microsoft is not that stupid. > > Sure. And if someone else comes along and changes the state out > > from under your label, how much good is your label? > > Which is what a malicious intermediary can do. As soon as you use SSL, > visibility is gone... Of course. You use the right tool for the job. But you can also speak to *intermediaries* through SSL. Paul Prescod 
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! 
Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|
|||||||||
