W3C home > Mailing lists > Public > www-talk@w3.org > November to December 1995

Re: what's a CGI to do?...

From: Dave Kristol <dmk@allegra.att.com>
Date: Tue, 28 Nov 95 16:07:14 EST
Message-Id: <9511282106.AA05176@ig1.att.att.com>
To: koen@win.tue.nl
Cc: www-talk@w3.org
koen@win.tue.nl (Koen Holtman) wrote:
  > Dave Kristol:
  > >
  > >A user of my server software writes:
  > >
  > >	1.  I have a method=post form whose action is T1, a cgi script.
  > >	2.  T1 reads the post data, does some stuff, and then emits
  > >		"location: /T2" back to the server.  T2 is a script.
  > >	3.  T2 seems to get the POST information in its environment,
  > >		even though T1 already read it.
  > >	4.  If T2 tries to read the POST information, it fails (of course).
  > >	
  > >	This doesn't happen with NCSA [httpd].
  > 
  [...]
  > That said, I agree with you that local redirection processing, if you
  > do want to provide it at all, should borrow semantics from user agent
  > redirection processing.
  > 
  > The HTTP 1.1 draft actually defines 2 forms of dynamic user agent
  > redirection: 302 Moved Temporarily and 303 See Other.  HTTP 1.0 only
  > has 302, so Location should presumably emulate 302 semantics.
  > 
  > (By the way, 302 semantics is almost never useful for scripts that
  > handle POSTs.  Server authors may want to consider adding a second
  > kind of Location: header that borrows semantics from 303 redirection.)

Sigh.  I haven't had time to read the whole draft yet....

Yes, 303 looks useful, except that it requires another request.  So maybe
having a new header that mimics 303 would be good.  But the question of
which method to use remains.
  > 
  > >Beyond that I think the "correct" behavior is undefined.  So I'm trying
  > >to define it.
  > >
  > >Some questions that come up are:
  > 
  > I'll answer these question working from the 302 semantics in the 1.1
  > draft spec.
  > 
  > >1) What should the method be for the redirected request?
  > 
  > POST (or whatever other method T1 got).
  > 
  > >2) If the method should indeed be POST, where does the content come from?
  > >(POST requires Content-Type and Content-Length headers.)
  > 
  > The content should be identical to the content that was offered to T1.

I think that's debatable, at least.  You might presume that T1 already
completely processed the input.  OTOH, it provides more flexibility if
both T1 and T2 can read the input.  Perhaps T1 should output a
Content-length: 0 header if it actually processes the input.  In any
case, it's easiest to explain that each CGI sees the same environment.
  > 
  > >3) Should there be a way for a CGI to specify the method to use with a
  > >redirection?  If yes, only for local URLs, or for full ones, too?
  > 
  > For user agent processed redirection, you can already specify the
  > method by using either 302 or 303 in the Status: cgi-header (at least
  > under NCSA 1.2 you could, I don't know if this is a universal CGI
  > feature).
I don't see that in the current CGI spec.  You can specify status code
and comment, but not method.  (In general why would you specify method
in a status line, anyway?)
  > 
  > For locally processed redirection, see my comments above.
Presumably if you could specify a method in Status (and I don't think
you can, at least not now), you could use that for local processing, too.
  [...]

Dave Kristol
Received on Tuesday, 28 November 1995 16:07:56 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 27 October 2010 18:14:18 GMT