[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Elliotte Rusty Harold on Web Services
On Fri, 31 Jan 2003 12:51:53 -0500, Mark Baker <distobj@a...> wrote: > In the former, the data that is sent is just data, not a request for > action. POST is the action. If it were sent with HTTP PUT, it would > mean something entirely different. Back to our canonical disagreement :-) My position is that the "interface" is the totality of the contract between producer and consumer; the difference between "just data" and "request for action" is pretty fuzzy at best. (LISP being the usual example, I guess). The "action" is whatever happens on the server, however that got invoked. Call it a "method", call it a "request", call it a "suggestion" ... some code will parse the "just data" and decide to do something. Disallow POST and insist that all GETs be safe and PUTs idempotent, and I would agree that REST is less of a security hole, but it's gonna be hard to do application integration that way.
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|