W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2012

Re: #328: user Intervention on Redirects

From: Henrik Nordström <henrik@henriknordstrom.net>
Date: Thu, 16 Feb 2012 07:58:00 +0100
Message-ID: <1329375480.22776.3.camel@home.hno.se>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
tis 2012-02-07 klockan 08:38 -0800 skrev Martin Thomson:

> There isn't a security problem.  X has the information and could
> forward to Y itself.

No it doesn't. Y may require authentication / session cookies / IP based
access lists etc which X can not provide on it's own.

Obviously it only makes a significant difference for user-agents using
explicit URLs and not in the fuzzy case of surfing some web site with a
browser.

Regards
Henrik
Received on Friday, 17 February 2012 01:38:07 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:56 GMT