[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

Re: What does SOAP really add?

• To: Didier PH Martin <martind@n...>, xml-dev@l...
• Subject: Re: What does SOAP really add?
• From: Jim Ancona <scarhill@y...>
• Date: Tue, 23 Apr 2002 07:33:52 -0700 (PDT)
• In-reply-to: <013f01c1ead0$408fd630$6401a8c0@didierhome>
• Reply-to: jim@a...

--- Didier PH Martin <martind@n...> wrote:
> Can you explain to me how an HTTP POST brings more side effects than an HTTP
> GET. 

POST brings more side effects because it is designed to have side effects,
while GET is supposed to be safe. Quoting from section 9.1.1 of RFC 2616 [1]:

"In particular, the convention has been established that the GET and HEAD
methods SHOULD NOT have the significance of taking an action other than
retrieval. These methods ought to be considered "safe". This allows user agents
to represent other methods, such as POST, PUT and DELETE, in a special way, so
that the user is made aware of the fact that a possibly unsafe action is being
requested.

Naturally, it is not possible to ensure that the server does not generate
side-effects as a result of performing a GET request; in fact, some dynamic
resources consider that a feature. The important distinction here is that the
user did not request the side-effects, so therefore cannot be held accountable
for them."

Note that we are talking about side effects on the server, not any effect the
document() function would have on the output of the XSLT tranformation.

> Off course, when used in the context of the "document" function (or
> anything else having the same intent: fetching an XML document). The basic
> goal of any construct like the "document" function is to fetch an XML
> document. 

But POST is not intended for fetching documents. That is what GET is for. From
section 9.5 of the RFC [2]:

"POST is designed to allow a uniform method to cover the following functions:

      - Annotation of existing resources;

      - Posting a message to a bulletin board, newsgroup, mailing list,
        or similar group of articles;

      - Providing a block of data, such as the result of submitting a
        form, to a data-handling process;

      - Extending a database through an append operation."

Of course this is one of the REST proponents' objections to SOAP--if you want
to fetch a document using the SOAP HTTP binding you must use an HTTP POST,
which violates the semantics specified in the HTTP spec.

Jim

[1] - http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.1.1
[2] - http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.5

=====
Jim Ancona
jim@a...                     jancona@x...

__________________________________________________
Do You Yahoo!?
Yahoo! Games - play chess, backgammon, pool and more
http://games.yahoo.com/

• Follow-Ups:
  • Re: What does SOAP really add?
    • From: "Didier PH Martin" <martind@n...>
  • Re: What does SOAP really add?
    • From: John Cowan <jcowan@r...>

• References:
  • Re: What does SOAP really add?
    • From: "Didier PH Martin" <martind@n...>

• Prev by Date: Re: What does SOAP really add?
• Next by Date: Re: What does SOAP really add?
• Previous by thread: Re: What does SOAP really add?
• Next by thread: Re: What does SOAP really add?
• Index(es):
  • Date
  • Thread