SEARCH slides

Author: reschke

Diff for: ietf93/ietf-93-httpbis-search.pdf

@@ -0,0 +1,112 @@
+<!DOCTYPE html
+  PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+  <head>
+    <title>IETF 93 - SEARCH method</title>
+    <style type="text/css">
+body {
+  color: black;
+  font-family: cambria, helvetica, arial, sans-serif;
+  font-size: 18pt;
+}
+h1 {
+  font-size: 36pt;
+}
+li {
+  margin-top: 0.5em;
+}
+q {
+  font-style: italic;  
+}
+.break {
+  page-break-before: always;
+}
+@page {
+  size: a4 landscape;
+}
+@page {
+  @bottom-left {
+       content: "Julian Reschke, greenbytes";
+  }
+  @bottom-right {
+       content: counter(page);
+  }
+  @top-center {
+       content: "IETF 93 - SEARCH method";
+  }
+}
+    </style>
+  </head>
+  <body>
+    <h1>IETF 93 - SEARCH method</h1>
+    <p>
+      <a href="mailto:[email protected]">Julian Reschke</a>, greenbytes
+    </p>
+
+    <h2 class="break">Why?</h2>
+    <p>
+      One of the most FAQs on StackOverflow is: can I send a GET request
+      with a payload?
+    </p>
+    <p>
+      We should have material that explains why GET with body doesn't work, and
+      what the alternatives are.
+    </p>
+    
+    <h2 class="break">Proposal:</h2>
+    <p>
+      Explain the situation:
+    </p>
+    <ul>
+      <li>
+        Bookmarkability/Cacheability
+      </li>
+      <li>
+        Drawbacks of using GET: URIs might leak more frequently than payloads (log files, Referer), some components might fail for long URIs
+      </li>
+      <li>
+        Drawbacks of using POST: not safe, thus not repeatable without knowig the semantics of the request
+      </li>
+      <li>
+        Explore Content-Location, making the GET-table resource discoverable 
+      </li>
+      <li>
+        Can URI templates help?
+      </li>
+    </ul>
+    
+    <h2 class="break">Alternatives to GET and POST</h2>
+    <ul>
+      <li>Use an HTTP method that is defined to support a request payload <b>and</b>
+      is safe.</li> 
+      <li>The method registry already contains three candidates: PROPFIND,
+      REPORT, and SEARCH; all of which defined for WebDAV.
+      </li>
+      <li>There is existing code out there which knows about them being safe,
+      so it makes sense to use one of these. It also avoids using
+      yet another method name.
+      </li>
+      <li>The most generic of these is SEARCH; we could un-tangle it from
+      WebDAV (without breaking existing uses) by allowing any media type
+      as payload (as in PATCH), and open up the response format as well.
+      </li>
+    </ul>
+    
+    <h2 class="break">Specifically...:</h2>
+    <ul>
+      <li>Make it as simple as possible.</li>
+      <li>Format discovery using Accept-Search response header field (mirrors PATCH).</li>
+      <li>Discuss concrete formats in separate specs.</li> 
+      <li>Explore ways to make the response to SEARCH GET-table and to leverage
+      URI templates so clients can directly construct GET requests once they know about the URI format.</li>
+    </ul>
+
+    <h2 class="break">Further reading:</h2>
+    <ul>
+      <li><a href="https://tools.ietf.org/html/draft-snell-search-method">draft-snell-search-method</a></li>
+      <li><a href="https://tools.ietf.org/html/draft-hunt-scim-search">draft-hunt-scim-search</a></li>
+      <li><a href="http://greenbytes.de/tech/webdav/rfc5323.html">RFC 5323: Web Distributed Authoring and Versioning (WebDAV) SEARCH</a></li>
+    </ul>
+
+  </body>
+</html>