GET before PUT on an EditURI

[Joe Gregorio <joe.gregorio@xxxxxxxxx>]

On Tue, 13 Jul 2004 15:26:51 -0700, Tim Bray <tim.bray@xxxxxxx> wrote:
> [page 5/sect 3.2] the description reads like it's forbidden to do a PUT
> without doing a GET first.  Is this true?  If I know the URI and I know
> what I want to put there, can't I just blast it in?

You could, but you might not want to. 

Consider the case of a Wiki. Most Wiki HTML editing forms have 
a nonce, either a hidden time or a hash value. This nonce is used
to protect against edits being lost in a race condition, i.e. user
A starts to edit a page, takes too long and later user B edits the
same page and commits before user A does.

If the client does a GET on the EditURI then the server has a chance
to place a nonce in the entry. The client should preserve
that nonce and submit it with the entry when the edit entry
is PUT back to the EditURI. 

For this scenario to work you need two things. The first 
is that the client does a GET before editing. The second
is that the client preserves all the information elements 
of the entry for submitting back on the PUT,
even for namespaces and elements that the client doesn't know about,
which is something I believe all clients should do.

    -joe