Hmm plot thickens
Telstra seem to cache or set headers on pages from 302 and 303 to
encourage the iphone/ipad to cache results of 302's and 303's.
On Mon, Sep 13, 2010 at 2:34 PM, Tim Hoffman <zutes...@gmail.com> wrote:
> Just a follow up.
> I changed all occurences of HTTPFound to HTTPSeeOther and redeployed
> to appengine.
> And now iphones and ipads accessing the application via Telstra 3G
> network now behave correctly.
> So I think I am correct in my interpretation and resolution.
> If people agree I will supply a patch (oops I haven't check repoze.who
> 2.x to see if its already been done there.)
> On Mon, Sep 13, 2010 at 1:39 PM, Tim Hoffman <zutes...@gmail.com> wrote:
>> I have run into a bit of a weird problem.
>> I am using repoze.who successfully on appengine (not really relevant
>> ;-) and did some testing recently of the application
>> on an iphone4 on telstra's 3G network, and login's stopped working.
>> (previous testing was on various other 3G and conventional ISP, with
>> normal browsers, iphone, ipad and android)
>> On Telstra3G network we have found that on successful login repoze.who
>> (1.0.18) does a HTTPFound(came_from) to send you to the page/url
>> which is your planned destination. paste (1.7.2) HTTPFound returns
>> http status 302. And on all networks I had tried to date it works
>> but on telstra we actually get served the original login form which
>> was the original result of the inital failed page request
>> To help illustrate step by step what happens with repoze.who
>> redirecting form plugin.
>> Start out not logged in
>> goto url -> /home - get a 302 response with location
>> /login?came_from=/home as we are not logged
>> browser loads -> /login?came_from=/home user logs in with a POST, and
>> redirecting form now sends 302 with location /home (See line 191
>> iphone/ipad now tries to get -> /home and telstra serves up the
>> cached previous response for /home which is /login?came_from=/home
>> Which is not what I expected ;-)
>> However having a read up on 302 status on wikipedia it suggests that
>> in fact if adhering to the letter of the law a 303 response
>> should actually be returned by redirecting form plugin. So maybe
>> telstra is doing the right thing. The wikipedia article on 302
>> suggests the use 303 behaviour for 302 is a common pattern.
>> http://en.wikipedia.org/wiki/HTTP_302 and
>> So I think the redirecting form plugin for repoze.who should in fact
>> be using HTTPSeeOther paste exception rather than HTTPFound.
>> Does any one agree with my interpretation of whats going on ?
>> Comments welcome ?
>> Tim Hoffman
Repoze-dev mailing list