From nobody@hyperreal.com Tue Mar 11 02:52:34 1997 Received: by taz.hyperreal.com (8.8.4/V2.0) id CAA18444; Tue, 11 Mar 1997 02:52:34 -0800 (PST) Message-Id: <199703111052.CAA18444@taz.hyperreal.com> Date: Tue, 11 Mar 1997 02:52:34 -0800 (PST) From: Rob Meijer Reply-To: rob@flnet.nl To: apbugs@hyperreal.com Subject: Location: output of post processing CGI scripts X-Send-Pr-Version: 3.2 >Number: 227 >Category: general >Synopsis: Location: output of post processing CGI scripts >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: closed >Class: change-request >Submitter-Id: apache >Arrival-Date: Tue Mar 11 03:00:01 1997 >Last-Modified: Sun Apr 6 20:55:53 PDT 1997 >Originator: rob@flnet.nl >Organization: >Release: all >Environment: . >Description: With some browsers it seems that if a CGI script that processes a POST request sends a 'Location:' header(in order to request one of a small set of html pages), that some strange browsers than do a POST to these HTML pages. >How-To-Repeat: >Fix: I know this is actualy a bug in these browsers, but wouldn't it be a good thing to internaly convert a POST to a file into a GET if the file is a non cgi file. >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: marc State-Changed-When: Sun Apr 6 20:55:53 PDT 1997 State-Changed-Why: The bug is actually in the browsers that DO convert to a GET; they should not. Note: When automatically redirecting a POST request after receiving a 301 status code, some existing HTTP/1.0 user agents will erroneously change it into a GET request. Also see section 10.3.4, which describes the 303 response which does what you want, although older software doesn't support it. From section 10.3.2 of RFC2068: >Unformatted: