W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2008

Re: PROPOSAL: i76 Use Proxy

From: Mark Nottingham <mnot@mnot.net>
Date: Tue, 11 Mar 2008 21:33:26 +1100
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <56A16D7D-8065-4A42-8227-797DF8100C85@mnot.net>
To: Julian Reschke <julian.reschke@gmx.de>

I don't think a SHOULD NOT is necessary; it should probably look  
something like 402 Payment Required IMO.


On 11/03/2008, at 8:52 PM, Julian Reschke wrote:

> Mark Nottingham wrote:
>> No further discussion, so calling this closed.
>
> So what exactly do we do here?
>
> Currently we have:
>
> "9.3.6 305 Use Proxy
>
> The requested resource MUST be accessed through the proxy given by  
> the Location field. The Location field gives the URI of the proxy.  
> The recipient is expected to repeat this single request via the  
> proxy. 305 responses MUST only be generated by origin servers.
>
>    Note: [RFC2068] was not clear that 305 was intended to redirect a  
> single request, and to be generated by origin servers only. Not  
> observing these limitations has significant security consequences."
>
> Make it...:
>
> "9.3.6 305 Use Proxy
>
> This status code is deprecated (see Section xyz) and SHOULD NOT be  
> generated."
>
> And then in the Changes section note what it used to be...:
>
> "Deprecate 305 Use Proxy status code, because user agents did not  
> implement it. It used to indicate that the requested resource must  
> be accessed through the proxy given by the Location field. The  
> Location field gave the URI of the proxy. The recipient was expected  
> to repeat this single request via the proxy. (Section 9.3.6)"
>
> BR, Julian


--
Mark Nottingham     http://www.mnot.net/
Received on Tuesday, 11 March 2008 10:33:41 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:37 GMT