- From: Julian Reschke <julian.reschke@gmx.de>
- Date: Sat, 18 Aug 2007 17:05:50 +0200
- To: Anne van Kesteren <annevk@opera.com>
- CC: "Web API WG (public)" <public-webapi@w3.org>
Anne van Kesteren wrote: > I've heard some use cases from authors who want to handle more response > codes. For 30x responses and 401 responses. 304 is already addressed by > XHR1 by letting the author set various headers himself that will let the > user agent pass through the actual response if it's a 304. However, > redirects are always transparantly and a 401 will trigger a dialog where > the user will have to enter credentials. Redirects MUST NOT be transparent unless the request method is safe, see for instance <http://greenbytes.de/tech/webdav/rfc2616.html#rfc.section.10.3.3.p.3>: "If the 302 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued." > ... Best regards, Julian
Received on Saturday, 18 August 2007 15:06:12 UTC