HTTP Headers vs. link rel=

Brad Fitzpatrick brad at
Tue May 24 09:39:03 PDT 2005

On Tue, 24 May 2005, Evan Martin wrote:

> On 5/24/05, Paul Timmins <paul at> wrote:
> > On Mon, 2005-05-23 at 18:03 -0700, ydnar wrote:
> > What's wrong with allowing an authentication server specified in the
> > document to override a server header? That seems like a good way to
> > override a bizarre host, while allowing a sitewide auth server if none
> > are otherwise specified. This also allows it to be doctype agnostic if
> > it wants to be.
> It defeats part of Mart's argument: you can no longer use HEAD 'cause
> you need the entire document just in case they overrode it in the
> document.
> I'm with Mart: if you can't trust your hosting provider, there's
> something more wrong than just needing to override it in your HTML.

Plus once there are two ways, people will be surprised when their HTML
(all they can see!) doesn't work, because there are mystery magic HTTP

So I'd say HTML headers would have to always override the Link header.  I
don't care much about the HEAD request.  I figure people can do GET
requests with byte ranges, asking for the first 1k or 2k.   The latest
version of Net::OpenID::Consumer (unreleased) has to do a GET to get the
full head and find rss, atom, foaf, foafmaker, etc, which is then
available from the VerifiedIdentity object.

> _______________________________________________
> yadis mailing list
> yadis at

More information about the yadis mailing list