W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2011

#160: Redirects and non-GET methods

From: Mark Nottingham <mnot@mnot.net>
Date: Sun, 17 Jul 2011 21:16:51 +1000
Message-Id: <912AAC79-C1DA-4580-A124-09C6770A6D8C@mnot.net>
To: HTTP Working Group <ietf-http-wg@w3.org>

I've just tested the latest iterations of the browsers, with the following results:

 Safari/533.21.1 - all 301, 302, 307 rewritten to GET; 303 methods are preserved
 Firefox/5.0.1 - all 301, 302 rewritten to GET; 303 and 307 methods are preserved
 Chrome/14.0.814.0 - all 301, 302 rewritten to GET; 303 and 307 methods are preserved
 Opera/11.50 - all 301, 302 rewritten to GET; 303 methods are preserved; 307 tests crash the browser
 MSIE/9.0 (latest) - all 301, 302 methods preserved except POST (changed to GET); all 303, 307 methods are preserved

So, many browsers rewrite many methods to GET on 301 and 302. whereas most browsers preserve methods on 303 and 307*. 

We *could* codify this practice. However, as Julian notes in the bug, the fact that IE doesn't rewrite anything except POST is an existence proof (and a fairly large one) that it's workable to not rewrite the method on non-POST methods.

So, I'm inclined to agree that we could address this by changing 301 an 302 to note that POST is rewritten to GET; it's a smaller change, although it would require changes in more browsers.

Thoughts? Especially from browser people?

* Note that this doesn't include HEAD consistently, because HEAD support in XHR seems... spotty. However, where it was tested, it seems to be rewritten to GET.

Mark Nottingham   http://www.mnot.net/
Received on Sunday, 17 July 2011 11:17:26 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:10:58 UTC