Hi,
I am looking at
http://java.net/jira/browse/SERVLET_SPEC-14
("Require FORM auth to issue 303 redirects")
Note that 303 is only in HTTP/1.1, not HTTP/1.0.
In section 13.6.3.1 of servlet spec 3.0, it only mentions "redirects"
with no mention of status code.
In section 10.3.4 of RFC 2616, we have
Note: Many pre-HTTP/1.1 user agents do not understand the 303
status. When interoperability with such clients is a concern, the
302 status code may be used instead, since most user agents react
to a 302 response as described here for 303.
So, it seems that some of the client may not understand 303.
I am not sure whether we should mention the status code in this case.
Any comments?
Shing Wai Chan