Re: what's a CGI to do?...

Dave Kristol (dmk@allegra.att.com)
Thu, 30 Nov 95 10:31:30 EST


koen@win.tue.nl (Koen Holtman) wrote on Wed, 29 Nov 1995 13:38:25 +0100 (MET):
>
> Reading your reply, I get the feeling that you do not know the exact
> semantics of a Location: <absolute URL> cgi-header. The description
> on http://hoohoo.ncsa.uiuc.edu/cgi/out.html is indeed a bit vague
> about this (I determined the semantics myself by reading the NCSA 1.2
> source).
Well, I actually knew them better than you suspected, but not as well as I
should. I, too, read the NCSA (1.3) code. Anyway...

[We discussed what happens if, in response to a POST request, a CGI
issues a "local" redirect via a Location: header. We agreed that the
server should probably behave the same as if the user-agent made the
redirected request.]

There is a problem with the behavior I have summarized, based on the
22Nov95 HTTP/1.1 draft. A user-agent is supposed to ask for user
confirmation of a redirected POST (9.3, under description of 302 Moved
Temporarily). Obviously if the server handles the redirection
internally it isn't asking for confirmation. Perhaps a server can/should
only handle internally GET and HEAD?

Dave Kristol