[Zope3-dev] Re: Make sure your zserver.zcml is up to date.

[Jeffrey P Shell]

On Monday, March 24, 2003, at 01:12  PM, Shane Hathaway wrote:

> R. David Murray wrote:
>> On Mon, 24 Mar 2003, Steve Alexander wrote:
>>>> The recent IIS WebDAV bug reveals the desireability of being able
>>>> to disable PUT (and WebDAV specific commands) on a production
>>>> server, in my opinion.  So I hope the ability to control what
>>>> 'write" commands a z3 server will support is retained.
>>>
>>> This is a very good point. I'd be grateful if you'd make it on the
>>> mailing list, so Jim and others who are working on the server end of
>>> things can respond.
>> Woops.  I meant to.
>> By the way, I told a guy who is responsible for supporting our
>> customers who use Microsoft stuff that we'd designed in the ability
>> to turn off WebDAV (thinking we had), and he was very impressed by
>> our foresight.  Let's make it true <grin>.
>
> FWIW, this is one of the things I had in mind for "payload handlers". 
> HTTP is the primary protocol for transferring many kinds of payloads, 
> like browser requests/responses, WebDAV, XML-RPC, and SOAP.  So I 
> thought it would be neat to be able to plug payload handlers into an 
> HTTP server.  The server would choose which payload handler to use 
> only after the entire request is received.  (Some payloads, like SOAP, 
> are even designed to work with protocols other than HTTP.)

While WebDAV extends HTTP with not only payloads, but new HTTP commands 
(LOCK, MOVE, etc).  XML-RPC and SOAP/http, by my understanding, stay 
within the basic HTTP/1.1 arena.

There are other HTTP extensions and proposals such as DASL (adds a new 
SEARCH method to HTTP/WebDAV), Delta-V (adds the CHECKOUT, CHECKIN, and 
other CVS-like methods to HTTP/WebDAV), and so on.

There was some talk here recently about how to deal with core HTTP 
'methods'.  In Zope 2, they're defined like `def PUT(...)`, `def 
MOVE(...)`, etc.  I can't remember if we reached a decision on how to 
work with these in Zope 3.