Re: Redirects and headers

Hi Anne,

On 28/06/2011, at 6:49 PM, Anne van Kesteren wrote:

> HTTP is unclear as to which headers part of the original request are to be preserved in the request to the new URL. E.g. the specification for the EventSource object (server-sent events) says that implementations are to follow redirects. It also says they have to include a Cache-Control header in the original request. Is this header included in subsequent redirected requests? Are headers set via setRequestHeader() in XMLHttpRequest included in subsequent redirected requests?
> 
> It would be good I think if the HTTP specification talked about this in the 3xx section.

Julian pointed out that this was being discussed elsewhere, so I tentatively added a note about this to our ticket #231, "Considerations for new headers" <http://trac.tools.ietf.org/wg/httpbis/trac/ticket/231> earlier today.

That helps for new headers, but of course it doesn't for existing ones.

Looking through the list of request headers, it seems like there are a lot that are specific to the request itself (in isolation), e.g., Date, Content-Length, Host, Transfer-Encoding, Range, TE... and there are a lot that are specific to the resource, e.g., If-*, Authorization, Cookie.

The ones where it's more interesting to talk about are Referer, Cache-Control and Accept-*.

I have a feeling that resolving this one may be tied up in the resolution to <http://trac.tools.ietf.org/wg/httpbis/trac/ticket/22> (see more recent comments at end), which asks us to find an appropriate scope for each header. 

In any case, I'll open a new issue shortly; thanks.


--
Mark Nottingham   http://www.mnot.net/

Received on Tuesday, 28 June 2011 11:19:57 UTC