IETF Logo Mail Archive

Re: Call for Adoption: SEARCH method

Greg Wilkins <gregw@webtide.com> Thu, 19 November 2020 08:22 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3012D3A1191 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 19 Nov 2020 00:22:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.647
X-Spam-Level:
X-Spam-Status: No, score=-2.647 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=webtide-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7J-cFcH2f_TS for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 19 Nov 2020 00:22:10 -0800 (PST)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 19A2B3A118B for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 19 Nov 2020 00:22:09 -0800 (PST)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1kffA8-0000x3-Ev for ietf-http-wg-dist@listhub.w3.org; Thu, 19 Nov 2020 08:19:28 +0000
Resent-Date: Thu, 19 Nov 2020 08:19:28 +0000
Resent-Message-Id: <E1kffA8-0000x3-Ev@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <gregw@webtide.com>) id 1kffA6-0000wD-SU for ietf-http-wg@listhub.w3.org; Thu, 19 Nov 2020 08:19:27 +0000
Received: from mail-ot1-x32a.google.com ([2607:f8b0:4864:20::32a]) by titan.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <gregw@webtide.com>) id 1kffA4-0000EQ-Ho for ietf-http-wg@w3.org; Thu, 19 Nov 2020 08:19:26 +0000
Received: by mail-ot1-x32a.google.com with SMTP id n89so4520593otn.3 for <ietf-http-wg@w3.org>; Thu, 19 Nov 2020 00:19:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=webtide-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=T2mWm3HyoxxbzNyEkrt8IhS3lSaM0OoWmatZjM9usS0=; b=zcvfGMwazEpT8P6U9O/STtcm6gVeeyDJUfmqPratIzG1qXPrMGFZ8oCke7sMJG8P/7 b3iM85lUxhIo/2IieldnH2wouV9toOPjx4/mVM+9zS5bAyo3YUdK9Ocf3cfAJPfXBxTd Pf6NvjyJZk9ku1FHPZAw2gnPWsoOLLFKvaPqgSKewW5PdE4CrYtbre/5E5A+5W8NARhc cZKyZGC2UW2lQx5MHJW9UzsSZOLptkf30XWzAKJhkpLrqNL5eu9GoeI8d/MhCJRSldGs aKjt+Mee++oQT3cY5JX5V08BCF7bRjPNIE8u5gAJl9c5gMGG31sjUC0cgNEEN3GVP72O uqBw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=T2mWm3HyoxxbzNyEkrt8IhS3lSaM0OoWmatZjM9usS0=; b=gFJMP4lEERV1gb7xRE9/Z8W4IHGl0B4VQEXaIjarpWPLD5x9UpnrxrCRpWmSFTQy+2 im1YFoQK5m/b1WHhKsto6tmcKSQLR4gqoNH6cr50XDHpuT2nfh1S3qSXu/r9ITCJLMIj r35rNlnd54MZb5VrkPv6RBx91SocCShEkhJ4jBBUqsCqzedYAkW7lUVTSQlAdlx8aVhk 4UyDlz9cOUGjCaKmcLejhrWLjFmpEe1DwtX7Ne1efkjikA13xSr2QCEIj/82dw425WZZ kucCGXgt3Pfl0RiDM0ThRzXDEmDSXJRYGXVHMuutxwtMICM24u0V7hdOoXjXo31ATlOx jbdA==
X-Gm-Message-State: AOAM532rM87zSrLGlX6J28XozepYYE+SVIgpPg74LDyBljTR5+QzXprs LUFOs4GM3FBqIXfFrnkfnp8huAZhBQ/f4Qs3q1w3hrClemJOuR88
X-Google-Smtp-Source: ABdhPJw/NViwNSbrZMtodPuKcZDXilMqmCDP9HeUY/jBMdETodbPLnbl0Ijp5sBhyVaD/YrK6jKy8hbvKmkSrBMC5og=
X-Received: by 2002:a9d:7a8a:: with SMTP id l10mr9005803otn.228.1605773952939; Thu, 19 Nov 2020 00:19:12 -0800 (PST)
MIME-Version: 1.0
References: <F0556EC2-D5AD-47FF-A780-15949F57A911@mnot.net> <5C86F8CE-3075-48C7-BFA0-B7E202225829@acm.org> <CABP7RbeA8mj=sQhRFx6cUnnGES9=fogy=94nWwWkuQDj2NBNfA@mail.gmail.com> <00838246-acb5-6ad3-5864-9cce8521d9ca@gmx.de>
In-Reply-To: <00838246-acb5-6ad3-5864-9cce8521d9ca@gmx.de>
From: Greg Wilkins <gregw@webtide.com>
Date: Thu, 19 Nov 2020 09:19:01 +0100
Message-ID: <CAAPGdfFVaiQduehRvX8e0jeKr6LV06cM5UCPmBxyNr1xkNEbjQ@mail.gmail.com>
To: Julian Reschke <julian.reschke@gmx.de>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="0000000000000e09b805b4716209"
Received-SPF: pass client-ip=2607:f8b0:4864:20::32a; envelope-from=gregw@webtide.com; helo=mail-ot1-x32a.google.com
X-W3C-Hub-Spam-Status: No, score=-3.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1kffA4-0000EQ-Ho 95b594ded1917bc85e5639aa25a343a9
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Call for Adoption: SEARCH method
Archived-At: <https://www.w3.org/mid/CAAPGdfFVaiQduehRvX8e0jeKr6LV06cM5UCPmBxyNr1xkNEbjQ@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/38244
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Thu, 19 Nov 2020 at 05:49, Julian Reschke <julian.reschke@gmx.de> wrote:

> Am 19.11.2020 um 04:39 schrieb James M Snell:
> > To be clear, this is not intended as a safe, idempotent equivalent to
> > POST. It is intended specifically to cover search/query operations which
> > are often ambiguously represented as GET or POST. I'm not quite sure
> > what a safe idempotent equivalent to POST would even be, but this is not
> > it.
> > ...
>
> FWIW, I disagree with that. Ignore the method name for a moment, and
> what's left is a retrieval operation similar to GET which additionally
> takes the request payload into account.
>


Then why don't we just define the semantics of  GET's may have bodies.   I
think this would be trivial for most implementations and that many already
do support it, given that RFC7230 3.3
<https://tools.ietf.org/html/rfc7230#section-3.3> says:

>    The presence of a message body in a request is signaled by a
>    Content-Length or Transfer-Encoding header field.  Request message
>    framing is independent of method semantics, even if the method does
>    not define any use for a message body.


Then in RFC7231 4.3.1 <https://tools.ietf.org/html/rfc7231#section-4.3.1>
it says:

>    A payload within a GET request message has no defined semantics;
>    sending a payload body on a GET request might cause some existing
>    implementations to reject the request.


So let's just save the carbon footprint of creating another method (and
enforcing that GET's cannot have bodies) by defining the circumstances in
which a body of a GET can have semantic significance?    I don't see that
as contrary to 7230 and is not prohibited by 7231.

For most implementations, this will just work as they don't care about the
method when handing message framing.   For implementations that actually
handle the method, I see very less work to allow bodies to GETs (which many
probably already do) that to add a new method and all the framework
apparatus that implies and all the tests and new CIs and wasted
CPU/developer cycles for something that is already mostly there.

A client that wishes to send a SEARCH or a GET with a body will equally
have to expect a 4xx if something in the path doesn't expect either.   The
main difference is that a GET with a body may receive a response that
simply ignored the body and the client may not be able to determine that.
But then equally it is not possible to tell if a SEARCH method has been
simply routed to a GET implementation and the body equally ignored.   If
this is a concern, then perhaps defining a response header that indicates
the request body was considered is a better way forward?

cheers










-- 
Greg Wilkins <gregw@webtide.com> CTO http://webtide.com

v2.23.0 | Report a Bug | By Email