jsr340-experts@servlet-spec.java.net

[jsr340-experts] Re: SERVLET_SPEC-14: Require FORM auth to issue 303 redirects

From: Remy Maucherat <rmaucher_at_redhat.com>
Date: Mon, 16 Jan 2012 09:06:38 +0100

On Fri, 2012-01-13 at 15:04 -0800, Shing Wai Chan wrote:
> Hi,
>
> I am looking at
> http://java.net/jira/browse/SERVLET_SPEC-14
> ("Require FORM auth to issue 303 redirects")
>
> Note that 303 is only in HTTP/1.1, not HTTP/1.0.
> In section 13.6.3.1 of servlet spec 3.0, it only mentions "redirects"
> with no mention of status code.
> In section 10.3.4 of RFC 2616, we have
>
> Note: Many pre-HTTP/1.1 user agents do not understand the 303
> status. When interoperability with such clients is a concern, the
> 302 status code may be used instead, since most user agents react
> to a 302 response as described here for 303.
>
> So, it seems that some of the clients may not understand 303.
> I am not sure whether we should mention the status code in this case.

That certainly looks like a risky change.

-- 
Remy Maucherat <rmaucher_at_redhat.com>
Red Hat Inc