Re: [Django Code] #987: HttpResponseRedirect uses/allows relative URIs for the HTTP Location header, which is forbidden by HTTP

Wed, 15 Aug 2007 16:29:15 -0700 

#987: HttpResponseRedirect uses/allows relative URIs for the HTTP Location
header, which is forbidden by HTTP
----------------------------------+-----------------------------------------
   Reporter:  [EMAIL PROTECTED]  |                Owner:  adrian                
     Status:  new                 |            Component:  Core framework       
 
    Version:                      |           Resolution:                       
 
   Keywords:                      |                Stage:  Design decision 
needed
  Has_patch:  1                   |           Needs_docs:  0                    
 
Needs_tests:  0                   |   Needs_better_patch:  0                    
 
----------------------------------+-----------------------------------------
Comment (by SmileyChris):

 Replying to [comment:17 Ludvig Ericson <[EMAIL PROTECTED]>]:
 > Sorry if I'm being blatantly ignorant, but kind sires, can we not simply
 try to find the HTTP Host header, which is in fact mandatory in HTTP 1.1,
 and most HTTP 1.0 clients send it anyway?
 Did you ''read'' my patch? That's pretty much what it does.
 
 > If it doesn't exist, then the client leaves us no choice but to violate
 the HTTP RFCs. Not entirely sure how this would be done with Django, but
 the concept is there.
 Regarding getting it, `get_host` is how it is done in Django. And #4986
 will make it a bit smarter still to fall back if the HTTP Host isn't
 provided.
 
 > On a slightly related note, I don't get why you need absolute URLs, what
 bothers me most is the fact that you have to specify the protocol (scheme
 if you will) - makes it even harder as we have to specify HTTP vs. HTTPS.
 We're just trying to follow the HTTP spec, and this is the wrong place to
 contest that ;). If you check out my patch, you'll see that it's all
 handled pretty well (and automatically).

-- 
Ticket URL: <http://code.djangoproject.com/ticket/987#comment:18>
Django Code <http://code.djangoproject.com/>
The web framework for perfectionists with deadlines
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to