httpd-test-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jacek Prucia <>
Subject Re: [PATCH] flood: basic user auth
Date Mon, 09 Sep 2002 10:47:36 GMT
On Fri, 6 Sep 2002 10:34:52 -0700
Aaron Bannert <> wrote:

> I don't see where in the spec it says clients "MUST" automatically
> redirect to the URLs specified in a 302 response. OTOH, I do see where
> it says:
>    If the 302 status code is received in response to a request other
>    than GET or HEAD, the user agent MUST NOT automatically redirect
>    the request unless it can be confirmed by the user, since this
>    might change the conditions under which the request was issued.

Yep. You're right. After digging up RFC a bit more I found out, that
when method is GET or HEAD, client actually MAY do automatic redirect.
So we're fine with optional behaviour here.

> So yeah, optional sounds good to me if you need it.

OK. Optional it is.

> I'm just of the
> opinion that we should do as little automatically as possible, so that
> the user can tweak every little piece that they want (and so we can
> later add new functionality within the flexible constraints of the
> pieces we set up now).


Jacek Prucia S.A.

View raw message