From: A. P. <pag...@gm...> - 2005-09-04 05:39:22
* Terrence Brannon <ba...@me...> [2005-09-04 03:15]:
> To me, that means "no cookies". But your discussion of 401 and
> 403 would imply such a mechanism for recognizing who made the
> request?

I do (still?) use cookies. I’m still learning. :-) And several of my apps are already modelled the “old” way. I’m rolling them over slowly.

Just two weeks or so ago I mentioned an URL `/edit/user/12` on this list; now that is `/user/12?view=edit`, with the POST going to `/user/12`.

I’ve found that following REST principles (even only partially) has made the HTTP-side interface of my apps self-evident. Previously, I guessed a lot. Now, the separations are obvious. I like that.

401 vs 403 still holds, though – it would apply just the same if I used HTTP authentication. (I.e. no auth headers => 401, auth headers for an account with insufficient permissions => 403.)

Regards,
-- 
Aristotle Pagaltzis // <http://plasmasturm.org/>