On Sat, 18 Aug 2007 17:05:50 +0200, Julian Reschke <[EMAIL PROTECTED]>
wrote:
Anne van Kesteren wrote:
I've heard some use cases from authors who want to handle more response
codes. For 30x responses and 401 responses. 304 is already addressed by
XHR1 by letting the author set various headers himself that will let
the user agent pass through the actual response if it's a 304. However,
redirects are always transparantly and a 401 will trigger a dialog
where the user will have to enter credentials.
Redirects MUST NOT be transparent unless the request method is safe, see
for instance
<http://greenbytes.de/tech/webdav/rfc2616.html#rfc.section.10.3.3.p.3>:
"If the 302 status code is received in response to a request other than
GET or HEAD, the user agent MUST NOT automatically redirect the request
unless it can be confirmed by the user, since this might change the
conditions under which the request was issued."
A yeah, there's a note to that effect even. I haven't tested though if
that's actually followed in practice.
--
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
