Re: Redirection following POST

Stanley Gambarin (gambarin@OpenMarket.com)
Fri, 07 Feb 1997 17:49:05 -0500

Message-Id: <199702072249.RAA00790@u4-138.openmarket.com>
To: Michael Smith <mjs@cursci.co.uk>
Subject: Re: Redirection following POST 
In-Reply-To: Your message of "Fri, 07 Feb 1997 16:02:35 GMT."
             <32FB521B.4F3A94B2@cursci.co.uk> 
Date: Fri, 07 Feb 1997 17:49:05 -0500
From: Stanley Gambarin <gambarin@OpenMarket.com>

> According to the README of mod_fastcgi.c (I think I am up to date here):
> 
> 3.  The response header parser performed very little checking.
>     Now the parser enforces the guidelines in the CGI/1.1
>     Internet-Draft: Status and Location are mutually exclusive,
>     Location can only be a response to GET or HEAD,
>     CGI response headers can't be repeated, etc.  (The CGI response
>     headers are the ones the handler interprets: Status, Location,
>     and Content-type.)
> 
> --
> 
> Yet I've just been sent the following from the HTTP/1.1 spec:
> 
> 
> 
> > 10.3.4 303 See Other
> > 
> >    The response to the request can be found under a different URI and
> >    SHOULD be retrieved using a GET method on that resource. This method
> >    exists primarily to allow the output of a POST-activated script to
> >    redirect the user agent to a selected resource. The new URI is not a
> >    substitute reference for the originally requested resource. The 303
> >    response is not cachable, but the response to the second (redirected)
> >    request MAY be cachable.
> > 
> >    If the new URI is a location, its URL SHOULD be given by the Location
> >    field in the response. Unless the request method was HEAD, the entity
> >    of the response SHOULD contain a short hypertext note with a
> >    hyperlink to the new URI(s).
> 
> These seem to be slightly contradictory to me (though one is HTTP and
> one is CGI).
> 
> Bearing this in mind, would it make sense for apache+fcgi to redirect
> following a post if a Status: 303 was given?
> 
> Mike

	You do not have the latest version of mod_fastcgi.  The check for 
Status and Location headers has been removed.  From the README..

What's New: Version 1.4.1, 4 Dec 1996
---------------------------------------

1.  Checks have been removed from the ScanCGIHeaders that provided 
    for the presence of both Status and Location headers as being 
    an error.  Contradictory to CGI/1.1 Internet Draft, both of 
    these headers are used by the current CGI applications.


							Stanley.