W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2003

Re: Redirection MUST NOTs

From: David Morris <dwm@xpasc.com>
Date: Wed, 5 Nov 2003 09:20:58 -0800 (PST)
Cc: WWW WG <ietf-http-wg@w3.org>
Message-ID: <Pine.LNX.4.33.0311050919480.20730-100000@egate.xpasc.com>



On Tue, 4 Nov 2003, Mark Baker wrote:

>
> On Tue, Nov 04, 2003 at 10:44:26PM +0100, Joris Dobbelsteen wrote:
> > Still, I'm interested in a (practical) sitiation where one needs to redirect
> > a non-GET/HEAD request?
>
> When the user agent trusts the server as it would a proxy, e.g.
>
> POST http://auth1.example.org/proxy?uri=http://auth2.example.org/some-path/ HTTP/1.1
> Host: auth1.example.org
> ...
>
> There, the server is providing proxy-like capabilities, but in gateway
> form.

Even so: a) The user did not choose this proxy trust relationship
         b) The user-agent has no way to discern this request from any
            other POST request in the proposed change you have
            described.
Received on Wednesday, 5 November 2003 12:37:08 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:25 GMT