[whatwg] <form method="DELETE"> and 307 redirects

On Fri, 4 Dec 2009, Adam Barth wrote:
>
> The spec lets sites submit forms with PUT or DELETE methods to their 
> origin server.  What happens if the server responds with a 307 redirect 
> to a foreign origin?  Based on my reading of the fetch algorithm, the 
> browser will issue a PUT or DELETE request (respectively) to the foreign 
> origin.  It seems like we want to generate a network error instead.

HTTP already says for 301, 302, and 307 redirects: "If the [...] status 
code is received in response to a request other than GET or HEAD, the user 
agent MUST NOT automatically redirect the request unless it can be 
confirmed by the user, since this might change the conditions under which 
the request was issued".

Do user agents not implement what HTTP specifies here?

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Thursday, 11 February 2010 21:10:55 UTC
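
The two rules discussed in this message, written out as a user-agent redirect decision (an added example, not code from either participant, the spec, or any browser). The function name `decideRedirect`, its parameters, the action strings and the example.* URLs are assumptions made for illustration.

```javascript
// Added example: a redirect policy modelling the two rules in this thread.
const REDIRECTS = new Set([301, 302, 307]);         // codes named in the HTTP quote
const AUTO_FOLLOW_METHODS = new Set(["GET", "HEAD"]);
const FORM_WRITE_METHODS = new Set(["PUT", "DELETE"]);

// Hypothetical helper. Returns { action, ... } where action is one of
// "deliver", "follow", "confirm" or "network-error".
function decideRedirect({ method, requestUrl, status, location, userConfirmed = false }) {
  if (!REDIRECTS.has(status) || !location) {
    return { action: "deliver" };                   // not a redirect covered here
  }
  let target;
  try {
    target = new URL(location, requestUrl);         // Location may be relative
  } catch {
    return { action: "network-error", reason: "unparseable Location" };
  }
  const verb = method.toUpperCase();
  const crossOrigin = target.origin !== new URL(requestUrl).origin;

  // GET and HEAD are outside the quoted restriction and may be followed.
  if (AUTO_FOLLOW_METHODS.has(verb)) {
    return { action: "follow", method: verb, url: target.href };
  }
  // Proposal quoted in the thread: a PUT or DELETE redirected to a foreign
  // origin becomes a network error instead of being replayed there.
  if (crossOrigin && FORM_WRITE_METHODS.has(verb)) {
    return { action: "network-error", reason: "cross-origin " + verb + " redirect" };
  }
  // HTTP rule quoted in the reply: any other non-GET/HEAD request must not
  // be redirected automatically unless the user confirms it.
  if (!userConfirmed) {
    return { action: "confirm", method: verb, url: target.href };
  }
  return { action: "follow", method: verb, url: target.href };
}
```
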