Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:40802
Return-Path: <rasmus@lerdorf.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 47533 invoked from network); 30 Sep 2008 06:15:03 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 30 Sep 2008 06:15:03 -0000
Authentication-Results: pb1.pair.com smtp.mail=rasmus@lerdorf.com; spf=permerror; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=rasmus@lerdorf.com; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain lerdorf.com from 204.11.219.139 cause and error)
X-PHP-List-Original-Sender: rasmus@lerdorf.com
X-Host-Fingerprint: 204.11.219.139 mail.lerdorf.com  
Received: from [204.11.219.139] ([204.11.219.139:49293] helo=mail.lerdorf.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 10/9D-36431-5E3C1E84 for <internals@lists.php.net>; Tue, 30 Sep 2008 02:15:02 -0400
Received: from [216.145.54.7] (socks2.corp.yahoo.com [216.145.54.7])
	(authenticated bits=0)
	by mail.lerdorf.com (8.14.3/8.14.3/Debian-5) with ESMTP id m8U6Etxn027940
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
	Mon, 29 Sep 2008 23:14:57 -0700
Message-ID: <48E1C3DF.5040604@lerdorf.com>
Date: Mon, 29 Sep 2008 23:14:55 -0700
User-Agent: Thunderbird/3.0a2pre (Macintosh; 2008071516)
MIME-Version: 1.0
To: Dmitry Stogov <dmitry@zend.com>
CC: "Brian J. France" <list@firehawksystems.com>, internals@lists.php.net
References: <1890A80D-FE2B-413C-9B41-C56FB17B865D@firehawksystems.com> <EEFC0FF5-0148-4215-B41D-F8638E809975@firehawksystems.com> <48E08DBC.7060000@zend.com> <48E0E9B0.7010604@lerdorf.com> <48E0F994.8010802@zend.com>
In-Reply-To: <48E0F994.8010802@zend.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] ext/soap and http header
From: rasmus@lerdorf.com (Rasmus Lerdorf)

Dmitry Stogov wrote:
> Hi Rasmus,
>
> Rasmus Lerdorf wrote:
>> Dmitry Stogov wrote:
>>> Hi Brian,
>>>
>>> I think you patch does the things you like properly, but why do we need
>>> such ability? I don't see a use-case.
>>>
>>> In case of accepting this patch, we also need to care about duplicate
>>> headers.
>> Some web services require custom headers for authentication or to bounce
>> along information about the originating request in order to do proper
>> logging and accounting about which top-level users are causing the
>> backend web services requests.
>
> Could you give an example.

Well, for one a bunch of the internal Yahoo web services require a 
certificate header.  I doubt we are the only Web company who needs to 
authenticate the higher-level users of lower-level web services.

We are running with Brian's patch now, but I don't really see the reason 
not to make it possible for people to set custom headers on web services 
requests.

Another example is the Weather Underground API.  They ask you to set the 
User-Agent to your email address so they can contact you if your app 
starts causing them problems.

-Rasmus