W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2008

Re: PROPOSAL: i76 Use Proxy

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Fri, 14 Mar 2008 00:12:42 +0100
To: Julian Reschke <julian.reschke@gmx.de>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <1205449962.10356.77.camel@HenrikLaptop>

On Thu, 2008-03-13 at 17:11 +0100, Julian Reschke wrote:
> "Deprecate 305 Use Proxy status code, because user agents did not 
> implement it. It used to indicate that the requested resource must be 
> accessed through the proxy given by the Location field. The Location 
> field gave the URI of the proxy. The recipient was expected to repeat 
> this single request via the proxy. (Section 9.3.6)"

It has failed mainly because it isn't clearly defined if 305 is a
hop-by-hop redirection, or an end-to-end redirection. 2616 cleared some
of that, but still there is a lot of confusion about what 305 is
supposed to be used for.

The only meaningful definition I can see of 305 is as a hop-by-hop
redirection, with the added security restrictions that 305 messages must
not be accepted if received from a proxy.

Also it's a feature with very little practical use. The same
functionality is easily achieved using resource URLs to surrogate
servers instead, which most people find cleaner.

Additionally the security implications of getting 305 even the slightest
wrong can be very significant.

I am fine with deprecating 305 as "never implemented", moving it's
definition to an appendix explaining the differences between 2616 and
2616bis.

Regards
Henrik
Received on Thursday, 13 March 2008 23:14:03 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:37 GMT