- From: Mark Baker <distobj@acm.org>
- Date: Mon, 3 Nov 2003 15:46:16 -0500
- To: ietf-http-wg@w3.org
Hi, In the descriptions of each of the 301, 302, and 307 response codes of RFC 2616, the following text can be found; "If the [code] status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued." I believe that the conformance level should be "SHOULD NOT" rather than "MUST NOT". Though I'm not familiar with the history of this requirement, it seems self-explanatory regarding its intent; it's there as a warning, not as a conformance statement. And while it's certainly the best approach in the generic case (as "SHOULD NOT" would indicate), the opportunity for a private agreement to exist between client and server should be recognized IMO. In my case, the nature of the type of resource - as indicated in the messages via link metadata - to which a POST is submitted is such that there is no change of condition under which the request was issued. The agent has committed to submitting the data across a trust boundary with the expectation that a redirect is being performed in lieu of the server acting as an intermediary for the request. Thanks. Mark. -- Mark Baker. Ottawa, Ontario, CANADA. http://www.markbaker.ca
Received on Monday, 3 November 2003 15:44:40 UTC