On Tue, Aug 17, 2010 at 11:36 PM, Mark Nottingham <[email protected]> wrote: >> The other reason people get funny with these status codes has to do >> with browser behavior. Sometimes browsers react in funny ways to >> funny HTTP status codes. To be on the safe side, developers tend to >> return an HTTP 200 with whatever they want the user to see. > > Can you give concrete examples, please? What browsers do what exactly, under > what circumstances?
Here's a well-known example: http://malektips.com/internet-explorer-8-disable-friendly-error-messages.html. Fuzzier stuff is in handling of things like WWW-Authenticate headers on HTTP 200 responses, or 401s with unknown authorization challenges. _______________________________________________ OAuth mailing list [email protected] https://www.ietf.org/mailman/listinfo/oauth
