news.chmurka.net — przeglądarka postów
Path: news.chmurka.net!nntp.terraraq.uk!nntp-feed.chiark.greenend.org.uk!ewrotcd!news.killfile.org!news.eyrie.org!.POSTED!not-for-mail
From: Russ Allbery <eagle@eyrie.org>
Newsgroups: news.software.nntp
Subject: Re: 200 or 201, when auth enabled?
Date: Sun, 29 Oct 2023 21:44:40 -0700
Organization: The Eyrie
Message-ID: <87cywwoh1j.fsf@hope.eyrie.org>
References: <uhn1t5$h7f$2$arnold@news.chmurka.net>
Mime-Version: 1.0
Content-Type: text/plain
Injection-Info: hope.eyrie.org;
logging-data="15722"; mail-complaints-to="news@eyrie.org"
User-Agent: Gnus/5.13 (Gnus v5.13)
Cancel-Lock: sha1:SzD7cUSpLUHN+IfFPgsBvnLrWHw=
Xref: news.chmurka.net news.software.nntp:806
gof-cut-this-news@cut-this-chmurka.net.invalid (Adam W.) writes:
> But is it correct? Should server in this case respond with 200, or with
> 201?
> I found this in the RFC 3977:
> https://datatracker.ietf.org/doc/html/rfc3977#section-5.1.2
> But it's still not clear to me -- I just understand that it's a grey
> area (200 is "posting allowed", 201 is "posting not allowed", and
> there's no code for "posting will be allowed after auth") and readers
> should use CAPABILITIES instead.
When we were writing the standard, we discovered that there were some
clients that, when presented with a 201, will never attempt to POST even
if you have authentication credentials configured that they might use.
Returning 200 made those clients do the right thing: attempt to post, get
a permission error, realize that maybe they should try to authenticate,
and end up in the right spot.
It sounds like you've run into a client with the exact opposite problem.
This is unfortunately a mess, and as you say the only real solution is for
the client to use CAPABILITIES.
--
Russ Allbery (eagle@eyrie.org) <https://www.eyrie.org/~eagle/>
Please post questions rather than mailing me directly.
<https://www.eyrie.org/~eagle/faqs/questions.html> explains why.
Czas wyszukania tokenu: 149 ms
Czas pobrania artykułu: 87 ms
Powrót do strony głównej