Received: (from majordom@localhost)
	by hyperreal.org (8.8.5/8.8.5) id LAA18878;
	Mon, 18 Aug 1997 11:18:25 -0700 (PDT)
Received: from valis.worldgate.com (marcs@valis.worldgate.com [198.161.84.2])
	by hyperreal.org (8.8.5/8.8.5) with ESMTP id LAA18868
	for <new-httpd@apache.org>; Mon, 18 Aug 1997 11:18:21 -0700 (PDT)
Received: from localhost (marcs@localhost)
	by valis.worldgate.com (8.8.5/8.8.5) with SMTP id MAA23418
	for <new-httpd@apache.org>; Mon, 18 Aug 1997 12:18:19 -0600 (MDT)
Date: Mon, 18 Aug 1997 12:18:18 -0600 (MDT)
From: Marc Slemko <marcs@worldgate.com>
To: TLOSAP <new-httpd@apache.org>
Subject: Re: Location: header and CGI specy
In-Reply-To: <Pine.GSO.3.95.970818110745.5846A-100000@veal.organic.com>
Message-ID: <Pine.BSF.3.95q.970818121224.22042A-100000@valis.worldgate.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: new-httpd-owner@apache.org
Precedence: bulk
Reply-To: new-httpd@apache.org

That is almost what I was thinking, but am not sure I quite buy that.
Yes, it is probably the correct answer but it doesn't entirely strike me
as right.

The status header isn't defined as changing the behavior at all.  In
theory, a:

     Status: 301 Moved Permanently

should result in the exact same output as a script without one.  However,
if you have a 200 or something then it should obviously not add its own
body.  Yes, the way it is done is probably best overall, but...

It is all, of course, due to the CGI standard or lack thereof.

On Mon, 18 Aug 1997, Alexei Kosut wrote:

> On Sun, 17 Aug 1997, Dean Gaudet wrote:
> 
> > Looks like a bug to me.
> 
> I suspect not. Apache only deals with the Location: header if there is no
> Status: header. It always has, as have all the other CGI implementations
> that existed prior to Apache (NCSA and CERN - I don't know what more
> recent servers do).
> 
> See, if you get headers as Marc shows, "Apache" does not return a
> redirect. The CGI returns a redirect. In other words, Apache does not
> parse Location, it does not provide a body, the CGI has to do all
> that. And Apache doesn't know that "/foo/" isn't a valid response for
> Location in whatever context the CGI is speaking to the browser.
> 
> Without Status:, Apache handles the redirect for the CGI, expanding it
> (or doing an internal redirect), providing a body, etc... But it
> shouldn't do that if the CGI has told Apache it can take care of itself.
> 
> > On Sun, 17 Aug 1997, Marc Slemko wrote:
> > 
> > > 	Status: 302 goober
> > > 	Location: /foo/
> > > 
> > > then Apache returns a redirect with /foo/.  That is invalid according
> > > to the spec, no?  Apache needs to either qualify it or handle it
> > > internally, no?
> > 
> > 
> 
> -- Alexei Kosut <akosut@organic.com>
>