Richard,
The only advice Richardson seems to offer on incoming representations is
that a client should be able to fetch a representation, modify it, and
PUT it back where it found it.
HTTP 1.1 rev01 add the concept of partial PUT for a brielf period of time.
This is from http 1.1 rev 01:
@restlet.tigris.org
Objet : Best practices for read-only fields?
Hi
The only advice Richardson seems to offer on incoming representations is
that a client should be able to fetch a representation, modify it, and
PUT it back where it found it. (RESTful Web Services, 2007, p. 235).
That is surely right
This is an example of the general need to validate all input. IMHO,
if you look at it that way then you basically need to do Option #3
anyways since good input validation practice is to default deny +
accept only known good input patterns.
Depending on the depth and complexity of the full
3 matches
Mail list logo