W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2010

Issue 10, was: User interface requirements for redirecting to unsafe methods

From: Julian Reschke <julian.reschke@gmx.de>
Date: Fri, 12 Feb 2010 12:11:51 +0100
Message-ID: <4B753777.7070204@gmx.de>
To: Maciej Stachowiak <mjs@apple.com>
CC: HTTP Working Group <ietf-http-wg@w3.org>
Julian Reschke wrote:
> Maciej Stachowiak wrote:
>>
>> RFC2616 has some MUST-level user interface requirements relating 
>> redirecting to unsafe methods:
>>
>> <http://greenbytes.de/tech/webdav/draft-ietf-httpbis-p2-semantics-latest.html#status.3xx> 
>>
>> "The action required may be carried out by the user agent without 
>> interaction with the user if and only if the method used in the second 
>> request is GET or HEAD."
> 
> That's a bug. It should talk about safe methods. Re-opening a very old 
> ticket: <http://trac.tools.ietf.org/wg/httpbis/trac/ticket/10#comment:5>.
> ...

Fixed with <http://trac.tools.ietf.org/wg/httpbis/trac/changeset/759> -- 
the introduction now says:

"The action required MAY be carried out by the user agent without 
interaction with the user if and only if the method used in the second 
request is is known to be "safe", as defined in Section 7.1.1."

Best regards, Julian
Received on Friday, 12 February 2010 11:12:35 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:16 GMT