Re: HTTP redirects from Mark Nottingham on 2013-02-27 (www-archive@w3.org from February 2013)

From: Mark Nottingham <Mnot@mnot.net>
Date: Thu, 28 Feb 2013 10:01:33 +1100
To: Anne van Kesteren <annevk@annevk.nl>
Cc: Julian Reschke <julian.reschke@gmx.de>, www-archive <www-archive@w3.org>
Message-Id: <A5F7EBDE-19A0-492E-B8CF-629E5E33B89B@mnot.net>

On 28/02/2013, at 5:06 AM, Anne van Kesteren <annevk@annevk.nl> wrote:

> Hey,
> 
> So I'm trying to work out how much I need to define and how much HTTP
> defines for me. (The context is defining the fetching architecture for
> <img>, <script>, CSS url(), XMLHttpRequest, etc. Nothing published yet
> thus far.) In general I define a redirect as having a status code of
> 301, 302, 303, 307, or 308. The other status codes are not
> automatically followed, so don't really matter here.

Yep, the redirect semantics are defined by the status code, not the presence of Location. 

> Now these might not matter either, if the response lacks a Location
> header

Hm. That's a good case to cover. I'm not sure if we can say anything useful about this in HTTP, but if you have a suggestion, would love to hear it.

> or if the Location header cannot be parsed (e.g. in its value
> the URL scheme contains a space). There's also the case of multiple
> Location headers. Ah, and the age old issue of using
> http://url.spec.whatwg.org/ for parsing so Location: /a b/ works as
> some sites expect.

Relative URLs in Location are now allowed. The rest of error handling is indeed up to you, but we don't stop it (see first note in 7.1.2).

> I studied http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-22#section-7.1.2
> but it's of little help at this point and there's no open issues as
> far as I can tell...
> 
> (I'm also thinking of either enforcing specified limit of 20 or a
> lower limit of allowed redirects as there are some compatibility
> issues there too.)

Yeah, HTTP used to have a suggested upper limit, but that wasn't followed, so we ditched it. Again, happy to hear opinions.

We're just about to (as in, the next day or two) enter Working Group Last Call on the entire document set, and I expect this will be the last one. So, if you guys can do a final review, want to raise issues, etc., this is totally the time to do it.

Cheers,

--
Mark Nottingham   http://www.mnot.net/

Received on Wednesday, 27 February 2013 23:02:01 UTC