- From: Thomas Broyer <t.broyer@gmail.com>
- Date: Fri, 1 Oct 2010 17:50:58 +0200
- To: Mark Nottingham <mnot@mnot.net>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
On Thu, Aug 19, 2010 at 7:24 AM, Mark Nottingham <mnot@mnot.net> wrote: > FYI: now includes concrete protocol elements, etc. > > Begin forwarded message: > >> From: Internet-Drafts@ietf.org >> Date: 18 August 2010 2:00:03 PM AEST >> To: i-d-announce@ietf.org >> Subject: I-D Action:draft-nottingham-http-portal-01.txt >> Reply-To: internet-drafts@ietf.org >> >> A New Internet-Draft is available from the on-line Internet-Drafts directories. >> >> Title : The Network Authentication Required HTTP Status Code >> Author(s) : M. Nottingham >> Filename : draft-nottingham-http-portal-01.txt >> Pages : 7 >> Date : 2010-08-17 >> >> "Captive portals" are a commonly-deployed means of obtaining access >> credentials and/or payment for a network. This memo introduces a new >> HTTP status code as a means of addressing issues found in these >> deployments. >> >> This memo should be discussed on the ietf-http-wg@w3.org mailing >> list, although it is not a work item of the HTTPbis WG. >> >> A URL for this Internet-Draft is: >> http://www.ietf.org/internet-drafts/draft-nottingham-http-portal-01.txt Seeing the example, it looks like my previous idea [1] of defining a new "308 Unauthorized, See other" status code would be better served with a Refresh header (or HTML meta) in the 401+WWW-Authenticate:Cookie response (given that it'd be required anyway, as only Safari honors the redirect). (and it looks like it was my conclusion at that time... [2] I don't know why I pursued the idea a few months later! [3]) Is the Refresh header field defined somewhere? (the meta refresh is defined in HTML, including HTML5 [4], but how about the HTTP header? –that might have been the reason I kept the 308 around) [1] http://www.w3.org/mid/a9699fd20901191502o2d0d3493u543b3cad167a7cb7@mail.gmail.com [2] http://www.w3.org/mid/a9699fd20902010225h29b09c9byc7f3b58214829afe@mail.gmail.com [3] http://hg.ltgt.net/http-cookie-auth/rev/d786cfe607a4 [4] http://www.w3.org/TR/html5/semantics.html#attr-meta-http-equiv-refresh -- Thomas Broyer /tɔ.ma.bʁwa.je/
Received on Friday, 1 October 2010 15:58:05 UTC