Closed GoogleCodeExporter closed 8 years ago
requestNumber = JSONRequest.post(
"https://json.penzance.org/request",
{
user: "doctoravatar@yahoo.com",
t: "vlIj",
zip: 94089,
forecast: 7
},
...
}
becomes
POST /request HTTP/1.1
Host: json.penzance.org
Content-Type: application/jsonrequest
Content-Length: 72
Content-Encoding: identity
Domain: www.pirate.net
{"user":"doctoravatar@penzance.com","forecast":7,"t":"vlIj","zip":94089}
--------
Domain is the original document.domain of the page from which the request is
issued. It can be used by the
server when deciding to allow the request.
Original comment by john.david.duncan
on 22 Sep 2007 at 8:25
Noteworthy:
* Request and response MUST be UTF-8
* If the request content-type is application/jsonrequest, then the response
content-type must also be
application/jsonrequest, and the response content body must be valid JSON.
* The request may not use HTTP authentication. (I cannot enforce this; it's
up to the administrator to not use
mod_auth).
* The request may not include cookies, and the response may not set them.
* Handling of the Domain: header is probably up to some other module.
Original comment by john.david.duncan
on 22 Sep 2007 at 8:33
Only one change needs to be made to support JSONRequest.get() in mod_ndb:
- If the request content-type is application/jsonrequest, then
* Set the response content-type to application/jsonrequest, and
* Require the output format to be JSON.
But what if the desired output format (in httpd.conf) is non-JSON?
If the request included an "Accept: application/jsonrequest" header (something
which is not in the proposal), I
would be able to reply with 406 Not Acceptable. A 406 response "SHOULD"
include a response body
"containing a list of available entity characteristics and locations from which
the user or user agent can
choose the one most appropriate." This might makes sense if you somehow know
that there's a related JSON
endpoint nearby.
HTTP Sec. 14.1 says "The Accept request-header field can be used to specify
certain media types which are
acceptable for the response. Accept headers can be used to indicate that the
request is specifically limited to
a small set of desired types, as in the case of a request for an inline image."
This clearly seems to apply to
JSONRequest. And it sanctions the 406 response: "If an Accept header is
present, and if the server cannot
send a response which is acceptable according to the combined Accept field
value, then the server SHOULD
send a 406."
Alternately, I can send a 403 Forbidden.
Original comment by john.david.duncan
on 22 Sep 2007 at 9:07
Original comment by john.david.duncan
on 24 Sep 2007 at 4:04
Original comment by john.david.duncan
on 26 Oct 2007 at 5:59
Committed in svn rev 472.
Original comment by john.david.duncan
on 29 Oct 2007 at 6:11
Original comment by john.david.duncan
on 25 Jun 2009 at 4:01
Original issue reported on code.google.com by
john.david.duncan
on 22 Sep 2007 at 6:13