by Sergey Mironenk » Sat, 08 Mar 1997 04:00:00
Could someone please tell me or point me where I can find the info
on how does the web server handles the URL redirect (HTTP status 302)
does the redirected data still passes through the curent webserver or
somehow the redirection is passed to the client?
Thanks
1. Redirection (status 301, 302) from CGI, and content body
This posting is a spin-off from a discussion on the CGI authoring
group under 'Subject: Cookies and the "Location" header'.
However, there are no cookies here ;-)
The HTTP RFCs recommend that when a redirection is performed with
status 301, 302 etc. the response (except for a HEAD request) "should"
include a "short hypertext note with a hyperlink to the new URI(s)"
(see http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.2
and following items).
For redirections performed by Redirect* configuration directives in
Apache, I knew that such a "short hypertext note" was produced, in
accordance with the recommendations. Fine...
For redirections which result from an NPH- CGI script, it's obviously
the responsibility of the script to deal with this, since the server
does not interfere. So no issue there.
But I find myself confused about parsed-headers CGI scripts.
Surely the normal procedure for a parsed-header script wanting to
initiate a redirection is to emit a Location: header, optionally with
a Status: header if desired (the default being status 302): nothing
additional seems to be called for in the CGI spec. I don't seem to
have seen any kind of recommendation saying that the script _should_
be generating its own "short hypertext note", although it can do so if
it wishes.
As a general rule, with parsed-headers scripts it is the server's
responsibility to take the valid CGI response from the script, and use
it for creating an appropriate HTTP response to the client.
I was rather surprised to find that Apache was not supplying its own
"short hypertext note" under these circumstances, but was sending a
response with no content-body at all; and an additional surprise, that
it was sending an actual Content-type: header for a content type which
it had determined on the basis of the file name of the script: I saw
text/plain, application/perl (or even sending application/x-httpd-cgi
if that "magic" type had been used - but this is a side-issue).
I checked the Apache site for bug reports and any discussion, but
didn't find anything which clearly dealt with this issue.
To summarise:
The CGI (draft RFC) spec says in the relevant section at:
http://cgi-spec.golux.com/draft-coar-cgi-v11-03-clean.html#7.2.1.2
Scripts returning an absolute URI MAY choose to provide a
message-body.
The HTTP RFC says in the relevant sections starting with:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.2
the response SHOULD contain a short hypertext note with a hyperlink
to the new URI(s).
It would seem therefore that good-practice for an HTTP server, if
the script author has not provided a content body, would be for
the server to provide one, along with an appropriate Content-type
header.
Shouldn't Apache do this? I'm raising this here rather than as a bug
report, because I'd like to hear some reaction before I'd go as far
as to call it a "bug".
cheers
2. ATTGLOBAL.NET with LINUX & OS/2
3. Looking for intelligent 302 redirection solution
4. Setting for ServerName variable in HTTPd config
5. Please Help: Error 302 (URL related)
8. Apache: Server-side Java Applications
9. 302 Response to HTTP/1.0 GET on Cobalt RaQ 3i
11. rewrite rule for http URL -> https URL on specified directory
12. "GET /~joeblow HTTP/1.0" 302 -
13. URLs of form http://username:passwd@host... in Apache (and other web servers)