IETF Logo Mail Archive

Re: Draft for Resumable Uploads

Austin William Wright <aaa@bzfx.net> Wed, 06 April 2022 20:10 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 10CD83A060D for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 6 Apr 2022 13:10:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.749
X-Spam-Level:
X-Spam-Status: No, score=-2.749 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.248, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, T_MIME_MALF=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bzfx.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C049qGfwxOg0 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 6 Apr 2022 13:10:50 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D75253A05AC for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 6 Apr 2022 13:10:49 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1ncBxB-0003lO-C8 for ietf-http-wg-dist@listhub.w3.org; Wed, 06 Apr 2022 20:08:33 +0000
Resent-Date: Wed, 06 Apr 2022 20:08:33 +0000
Resent-Message-Id: <E1ncBxB-0003lO-C8@lyra.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <aaa@bzfx.net>) id 1ncBxA-0003kV-8m for ietf-http-wg@listhub.w3.org; Wed, 06 Apr 2022 20:08:32 +0000
Received: from mail-pj1-x102e.google.com ([2607:f8b0:4864:20::102e]) by mimas.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <aaa@bzfx.net>) id 1ncBx8-0008KT-Co for ietf-http-wg@w3.org; Wed, 06 Apr 2022 20:08:32 +0000
Received: by mail-pj1-x102e.google.com with SMTP id s14-20020a17090a880e00b001caaf6d3dd1so6839417pjn.3 for <ietf-http-wg@w3.org>; Wed, 06 Apr 2022 13:08:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bzfx.net; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=FyWyrna1awqShgQ0QziXkX0jr2pIyRcwbjBCS9pDqj0=; b=ZfFwNRiLEbNHGCjbZ2oX5duofdaEEQVPHa2398wLm4Yh3LDfLxpijVe9mdDd0OpycY SDEK4QpkBMS2YMjVuSMPIqNhM6/j8ErXbhx8/USkqOGYj0BHRyh4YyOJQHVcpUU7UMy8 iLWVVxnMvxnwNsIIMyTz7bg+s/JvsMfueZ+3k=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=FyWyrna1awqShgQ0QziXkX0jr2pIyRcwbjBCS9pDqj0=; b=7TyEZI5tPT68UcQgQigy0iyBttQOAPcnYMIMMGiw1LQWnBq1o2o2SwkqacuWALLsz7 6jmva+y8lTaZc90BFegWrIhJ84ag0cT/9CQr13BBvzDr6KbVMU1+gGZl9TZfbLTAB7Jy sQSilat/4foLH5/Rqp1CC94ARgzFnBQTwK8OtLW87R3OMaZfkGjLbpAYZOLHQSEdc4cN TWxqrtVZ/OSWrfhvGIgrgoc6I8NWbDhVQM/cjvA+0x0KMhh6ei3XPpUuo1VP44d0bPWn exihOU/AVt3cHGoNnc99UVPBCHIPUU7sOjHaMhqtLHPe6hLRHg0p8D/mSXpY///Sna5b pWAw==
X-Gm-Message-State: AOAM530jZfLf3u3o91Qb3LBlyteeja6MdzxaDTBCoc853ud7+YdV8P3c dhBNXQY26kM0IYOryA0MBX/vcQ==
X-Google-Smtp-Source: ABdhPJxaiizFITjtJ6hHwIeV3BU+td07syba9yXdl+FiTmUKSdh7Wpv9SfqWwKsqE1gGJLgCdT9DMg==
X-Received: by 2002:a17:903:189:b0:156:1262:972a with SMTP id z9-20020a170903018900b001561262972amr10615067plg.75.1649275698880; Wed, 06 Apr 2022 13:08:18 -0700 (PDT)
Received: from smtpclient.apple (174-17-141-74.phnx.qwest.net. [174.17.141.74]) by smtp.gmail.com with ESMTPSA id x25-20020a056a000bd900b004faae43da95sm19096364pfu.138.2022.04.06.13.08.17 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 06 Apr 2022 13:08:18 -0700 (PDT)
From: Austin William Wright <aaa@bzfx.net>
Message-Id: <54BB33F9-DF98-48DB-BA2B-C8A63208BA21@bzfx.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_6AC755C5-8794-43D0-B858-345FB6A47372"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.80.82.1.1\))
Date: Wed, 06 Apr 2022 13:08:16 -0700
In-Reply-To: <17ffe8ddd90.1257859fc38181.7721145847915462132@zoho.com>
Cc: Julian Reschke <julian.reschke@gmx.de>, Guoye Zhang <guoye_zhang@apple.com>, ietf-http-wg <ietf-http-wg@w3.org>
To: Eric J Bowman <mellowmutt@zoho.com>
References: <CANY19NvMcPQaHRamFe-yy-E38xKo2XrmFCKVRoPbyBMQhoY6vA@mail.gmail.com> <82FAD6B4-F72F-42E0-A72D-4BFAAB9668FD@gbiv.com> <EA8A9F25-D49F-41DE-B98E-A013E1E68CAF@apple.com> <6e64f598-e82b-bff5-5ed9-c3c3f4b01439@gmx.de> <C6907036-146C-4FAB-938E-238473CB42B4@apple.com> <17ff7558cda.10ad81f8113705.2829201994677815148@zoho.com> <2FADC394-0954-4AA2-8F55-6CDF88833CB3@apple.com> <17ff85458eb.119b6ffbd16630.2281063094525551184@zoho.com> <a0670d54-d999-807c-23e2-95e357e73104@gmx.de> <17ff868f14e.d111a4c016833.788757655885004970@zoho.com> <4c1aabee-bc23-6d19-2e5d-8fdf3b3532ad@gmx.de> <892B7A86-57D0-4B21-9899-65EF3FA84A12@bzfx.net> <17ffd4d64d2.c4f12f9734385.3620821323075353432@zoho.com> <904B5382-ADCA-461F-B47C-583874D4FB55@bzfx.net> <17ffe8ddd90.1257859fc38181.7721145847915462132@zoho.com>
X-Mailer: Apple Mail (2.3696.80.82.1.1)
Received-SPF: pass client-ip=2607:f8b0:4864:20::102e; envelope-from=aaa@bzfx.net; helo=mail-pj1-x102e.google.com
X-W3C-Hub-DKIM-Status: validation passed: (address=aaa@bzfx.net domain=bzfx.net), signature is good
X-W3C-Hub-Spam-Status: No, score=-6.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_MIME_MALF=0.01, T_SCC_BODY_TEXT_LINE=-0.01, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1ncBx8-0008KT-Co 869e801eba3e3b409b347ab3dcf34125
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Draft for Resumable Uploads
Archived-At: <https://www.w3.org/mid/54BB33F9-DF98-48DB-BA2B-C8A63208BA21@bzfx.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/39974
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Apr 6, 2022, at 04:06, Eric J Bowman <mellowmutt@zoho.com> wrote:
> 
> >
> > So then I think a simple modification of my “Partial Uploads”
> > document (draft-wright-http-partial-upload-01 <https://tools.ietf.org/id/draft-wright-http-partial-upload-01.html>) would work 
> > well.
> >
> 
> Kudos for how well you've written your document. But please don't suggest using PATCH to create a resource? Best decision I ever made regarding httpd coding was only 3 years or so ago, I eschewed Windows compatibility in favor of tight coupling to UNIX filesystem attributes. Speaking in terms of static files for simplicity...

Explain for me how a Unix filesystem makes PATCH impractical?

> DELETE on my httpd doesn't remove the existing resource, it sets it to zero bytes, such that subsequent GET/HEAD requests respond 410, and may or may not Allow: PATCH. No file? 404, which may Allow: PUT. I can't help but think that a PATCH request to a nonexistent resource should return 404.

I think it will make more sense if you think of PATCH as a superset of PUT.

PATCH, just like PUT, creates the resource if it doesn’t exist. Consider how these two requests are similar:

PUT /upload-target HTTP/1.1
Content-Length: 400
Content-Type: text/plain

[400 bytes...]

And

PATCH /upload-target
Content-Type: message/byterange

Content-Range: 0-399/400
Content-Type: text/plain

[400 bytes...]

The effects will be identical.

The advantage of the PATCH form is that you can start writing at a non-zero offset, or create the file while indicating it’s larger than the enclosed body. PUT cannot do these.

> >
> > First, it defines the message/byterange media type, 
> > for making changes to a specific byte range. This is the 
> > bulk of the desired functionality, I think.
> >
> 
> I would encourage you to document that media type independently from the rest of your draft.
> 
> >
> >---------------
> Second, 2__ Sparse Resource would indicate that the resource has some regions filled in by the server, and might not be valid according to the media type definition. But I’m not confident that all user-agents would safely handle a 2__ Sparse Resource. If the resource represents executable code, the result could be very bad. Maybe I remove this? It seems wrong to me that a server could send back a document it knows is invalid according to the media type. Maybe there should be an error for clients that request a sparse resource without indicating they can support the response.
> >---------------
> >
> 
> Hmmm... I'm a bit rusty at explaining this, but here goes. Media-Type in HTTP has nothing to do with file format. My server intent may be to "view source" of an HTML file, so I use text/plain to prevent it from being parsed and rendered as HTML. My server intent may be to present a broken PNG, so I use image/png to have the client attempt to render it as such. Being a valid representation of said media type is not implied, and I assure you there's nothing wrong with that. If a UA fails to render, it reports the error to the User i.e. "broken image icon". Application-layer error, not protocol-layer error.

Well, the media type tells you how to decode the response. Yes, if you receive an image/png that is half zeros, it might render (but appear corrupt to a human). But how would the user-agent know this isn’t intentional? How would it know the file is actually incomplete?

It sounded like we would avoid this by responding with a 206 Partial Content response that excludes undefined bytes. I like this solution.

> 
> I think you've gone astray by essentially modeling "sparse" as a subtype of any given media type. Or qualifying a resource ('s representation) as being the result of executable code -- excluding static files of expected types, 99% of my resources map to server-side processes. Receiving a borked representation has no effect on the executable, because the server-side resource coding is decoupled from its representations, and hidden behind a Uniform Interface.

I didn’t intend to suggest this.

Suppose I am uploading an executable binary, how would I ensure that users cannot download it while it’s still incomplete? (Verifying a checksum would prevent major problems, but how would a Web browser know that the resource is incomplete?)

Thanks,

Austin.

> 
> -Eric
> 
>

v2.23.0 | Report a Bug | By Email