[Standards-JIG] Re: JEP-0124: comments on proposed version 1.5

Mridul Muralidharan mridul at sun.com
Tue May 9 03:14:04 UTC 2006


Hi,

  Usually it is advisable to use 404 instead of 403 in case you do not 
want to give a reason to the client.
Typically 403 comes with a reason ... so maybe usage of the error code 
is slightly off - though the intention (forbidden) is correct.
Ofcourse , both are advises from the rfc ... though you break them only 
for strong reasons.

Regards,
Mridul

bernhard wrote:

> Hi
>
>>> HTTP Error Codes:
>>> 400, 403, 404 Error Codes makes problems for error handling. PHP for 
>>> example reports an error if a 404 is in the http header.
>>>     
>>
>>
>> I'm not sure if you are saying that the PHP method you are using will
>> not allow you to send an HTTP error back to the client?
>>   
>
> It is possible and no big problem.
>
>> Alternatively, perhaps you mean you are writing a client in PHP (I'm not
>> sure why)? If so, if it receives an HTTP error code, then shouldn't it
>> report an error? 
>
> The HTTP error code is not XML. Jabber is XML and dealing with non XML 
> is a problem (but not not a big problem) if
> there is a http error code like 404 AND an XML error message. At the 
> moment I'm using the http-binding from Stefan Strigler 
> <mailto:steve at zeank.in-berlin.de>
> and it only reports the HTTP error and not an XML error message. This 
> is a problem.
>
>> After all, it doesn't even really need to know which
>> error was reported - the client should know anyway since it was probably
>> not conforming to the protocol.
>>
>>  
>>
>>> If for example the sid, rid is not valid this is not a http error. 
>>> It is a http-binding error and should be
>>> reported with 200 OK and an error message like in example 38.
>>>     
>>
> The point is, that an http error is NOT an http-binding error.
> It is something different and  a http-binding error should not report 
> an http error.
>
>>> Here an example (http-bind proxy written in PHP):     
>>
>> http://lamp2.fh-stpoelten.ac.at/~lbz/beispiele/ws2005/spiel/proxy.phps
>>
>> Your example appears to enable a client to connect to a PHP proxy which
>> in turn connects to a JEP-0124 proxy which in turn connects to an XMPP
>> server!
>>   
>
> Yep.
>
>> The JEP is not designed for that. But if you really want to do it, then
>> IMHO, if there is a problem it is with PHP (is there really no solution
>> within PHP?).
>>   
>
> There is. But using the protocol in a "strange" way can show how to 
> make the protocol better.
>
>> Wouldn't it be more efficient to install a standard JEP-0124 connection
>> manager in proxy mode? 
>
> The PHP Proxy is not efficient but it was the only possibility.  I'm 
> not the  sysadmin.
>
>> Or write your own in PHP? Is the problem that you
>> don't have sufficient control over any of the three servers involved? Is
>> that a typical enough reason to justify rewriting the protocol at this
>> stage?
>>
>>   
>
> There is no implementation of jep-124 at the moment that handles 
> errors correct.
> There are not many people using jep-124 at the moment - but I am using 
> it.
>
>
> The problem is not the http error (like 404). But there should also be 
> an XML version of the error code.
> It is easy to ignor an 404, but there should be at least an example in 
> the JEP like:
>
> HTTP/1.1 403 OK
> Content-Type: text/xml; charset=utf-8
> Content-Length: 68
>
> <body type='terminate'
>      condition='forbidden'
>      xmlns='http://jabber.org/protocol/httpbind'/>
>
>
>
> thanks for reading
>
> Bernhard
>




More information about the Standards mailing list