
301 Moved Permanently: Harmful?

From: Graham Parks <GRAHAM@UTSIRE.COM>
Date: Sat, 31 Mar 2007 13:36:35 +0000
Message-Id: <97A90A9C-95E8-4D04-A6D1-1C551EED8AA3@UTSIRE.COM>
To: www-talk@w3.org




Hi,

As specced in RFC2616, the 301 response code allows the server* to  
arbitrarily and permanently change the configuration of a user agent.  
Thus anything from a temporary misconfiguration of the server to a  
deliberate attack can cause a bookmark or automated client to never  
work again (unless the user has backups). I'm shocked there's no  
verbiage in the spec pointing out this pitfall. Am I missing something?

(* or rather the currently connected network, since there's no  
guarantee you're speaking to the original server)

Graham
Received on Sunday, 1 April 2007 16:17:26 GMT
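
The pitfall raised in the message above, as an added example that is not part of the original post: a client that persists the new location on the first 301 is compared with one that follows the redirect but persists it only after repeated agreement. The names `Bookmark`, `visit_naive` and `visit_cautious`, the threshold of three visits, the in-memory stand-in for the network and the URLs are all assumptions made for illustration.

```python
from dataclasses import dataclass

GOOD = "http://example.org/feed"     # constructed URLs on reserved domains
WRONG = "http://example.net/wrong"
NEW = "http://example.org/feed2"

@dataclass
class Bookmark:
    original: str        # URL the user saved; kept so the link can be restored
    current: str         # URL the client actually requests
    pending: str = ""    # 301 target seen but not yet persisted
    sightings: int = 0   # consecutive visits that returned that same target

def make_fetch(routes):
    """Constructed stand-in for the network: url -> (status, Location)."""
    return lambda url: routes.get(url, (404, ""))

def visit_naive(bm, fetch):
    """Persist the new location on the first 301 ever seen."""
    status, location = fetch(bm.current)
    if status == 301:
        bm.current = location
        status, _ = fetch(location)
    return status

def visit_cautious(bm, fetch, threshold=3):
    """Follow a 301 for this request, but persist it only after `threshold`
    consecutive visits agree on the target (threshold is an assumed policy)."""
    status, location = fetch(bm.current)
    if status != 301:
        bm.pending, bm.sightings = "", 0
        return status
    bm.sightings = bm.sightings + 1 if location == bm.pending else 1
    bm.pending = location
    if bm.sightings >= threshold:
        bm.current, bm.pending, bm.sightings = location, "", 0
    return fetch(location)[0]

def transient_misconfiguration(visit):
    """One visit while the server wrongly sends 301, one after it is fixed."""
    bm = Bookmark(GOOD, GOOD)
    visit(bm, make_fetch({GOOD: (301, WRONG)}))
    return visit(bm, make_fetch({GOOD: (200, "")})), bm.current

def genuine_move(visit, visits=3):
    """The resource really has moved and says so on every visit."""
    bm = Bookmark(GOOD, GOOD)
    fetch = make_fetch({GOOD: (301, NEW), NEW: (200, "")})
    return [visit(bm, fetch) for _ in range(visits)], bm.current, bm.original
```

After a single bad 301, `transient_misconfiguration(visit_naive)` leaves the bookmark on the wrong URL even though the server has been repaired, while the cautious client recovers and still adopts a genuine move after three consistent visits.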
