Re: [rest-discuss] ETag and resource representations
- Hi Nicholas,I'm not sure why I should consider those as different resources. Isn't that what representations are for?Besides, I'm not sure it makes it easier on the caching management side of things as those different resources are nonetheless linked (if an adult purchases a chid book, both the adult library and the child library resources are impacted).Thanks,HubertOn Sep 2, 2013, at 6:17 AM, Nicholas Shanks wrote:On 14 August 2013 02:11, Hubert A Le Van Gong <hubertlvg@...> wrote:
For instance, if I consider a library (full of books) as a resource. The view of that resource (i.e. the list of books returned) may vary based on the age of the reader (or any other criteria).This is a different resource from the whole library and should have a different URI, such as /library/?age=childIf a child went to /library/ and should not be allowed to see some of the inappropriate books there then either a 401 or 303 should result, not 2xx response with a subset of the results an adult would see, as that breaks caching. (You can jump through hoops to make it work, but changing the URI is better.)In my own company's system, I have a resource /jobs that represents the most recent 30 jobs the company has been awarded. The resource /jobs?page=2 represents jobs 31 to 60. We allow our clients to log in to our system, but when they click the View Jobs link, they don't go to /jobs (and only see their own jobs) but to /clients/their-name/jobs Attempts to view other client's jobs URIs result in a 401 (regardless of whether the client exists or not, so as not to leak data).Access control coupled with URI proliferation works with the way the web operates. Changing representation based on viewer works against it.--
- On 4 September 2013 00:19, Hubert A Le Van Gong <hubertlvg@...> wrote:
> Hi Nicholas,'representations' are different presentations/formats/content-types
> I'm not sure why I should consider those as different resources. Isn't that
> what representations are for?
showing the same (sub-)set of data. Page 2 does not contain the same
data as page 1, so isn't a different representation per the http
meaning of the noun, but a different resource. The entire library, if
not available via a single URL, is not a (HTTP) resource. (Someone
please correct me if I'm wrong there.)
> Besides, I'm not sure it makes it easier on the caching management side ofThe whole goal of a well-written web service is to improve a cache's
> things as those different resources are nonetheless linked (if an adult
> purchases a chid book, both the adult library and the child library
> resources are impacted).
ability to make a match.
You said "The view of that resource (i.e. the list of books returned)
may vary based on the age of the reader (or any other criteria)."
How are you determining what 'view' to return, or put another way, how
do you decide on the "age of the reader"? Are readers users who have
to log in and get a cookie set? Or are readers just a target audience
for the book, and the client is asking for "children's books" through
some query string, the client's age being unknown?
If at the moment you're using something like Vary: Cookie to serve
different pages to different clients, then your resources are not
going to see any caches except the client's browser. Try to eliminate
this if at all possible, perhaps via 303 responses to avoid changing
the referring href.
If you are using query strings to change the books shown, then, as the
query string is part of the URL, and the URL is the minimal key
required to differentiate resources, a different URL means you are
requesting a different resource, and so the URI can be anything you
want, e.g. /childrens-books/ or /library?genre=children%39s
This isn't really relevant to Entity Tags but I thought I should bring it up.