Hmm plot thickens

Telstra seem to cache or set headers on pages from 302 and 303 to
encourage the iphone/ipad to cache results of 302's and 303's.

T

On Mon, Sep 13, 2010 at 2:34 PM, Tim Hoffman <zutes...@gmail.com> wrote:
> Just a follow up.
>
> I changed all occurences of HTTPFound to HTTPSeeOther and redeployed
> to appengine.
> And now iphones and ipads accessing the application via Telstra 3G
> network now behave correctly.
>
> So I think I am correct in my interpretation and resolution.
>
> If people agree I will supply a patch (oops I haven't check repoze.who
> 2.x to see if its already been done there.)
>
> Tim
>
> On Mon, Sep 13, 2010 at 1:39 PM, Tim Hoffman <zutes...@gmail.com> wrote:
>> Hi
>>
>> I have run into a bit of a weird problem.
>>
>> I am using repoze.who successfully on appengine (not really relevant
>> ;-) and did some testing recently of the application
>> on an iphone4 on telstra's 3G network, and login's stopped working.
>>
>> (previous testing was on various other 3G and conventional ISP, with
>> normal browsers, iphone, ipad and android)
>>
>> On Telstra3G network we have found that on successful login repoze.who
>> (1.0.18) does a HTTPFound(came_from)  to send you to the page/url
>> which is your planned destination.  paste (1.7.2)  HTTPFound returns
>> http status 302.  And on all networks I had tried to date it works
>> fine
>> but on telstra we actually get served the original login form which
>> was the original result of the inital failed page request
>>
>> To help illustrate step by step what happens with repoze.who
>> redirecting form plugin.
>>
>> Start out not logged in
>>
>> goto url  -> /home  -  get a 302 response with location
>> /login?came_from=/home  as we are not logged
>>
>> browser loads -> /login?came_from=/home user logs in with a POST, and
>> redirecting form now sends 302 with location /home  (See line 191
>> who/plugins/form.py)
>>
>> iphone/ipad now tries to get ->  /home and telstra serves up the
>> cached previous response for /home which is  /login?came_from=/home
>>
>> Which is not what I expected ;-)
>>
>> However having a read up on 302 status on wikipedia it suggests that
>> in fact if adhering to the letter of the law a 303 response
>> should actually be returned by redirecting form plugin. So maybe
>> telstra is doing the right thing.  The wikipedia article on 302
>> suggests the use 303 behaviour for 302 is a common pattern.
>>
>> http://en.wikipedia.org/wiki/HTTP_302  and
>> http://en.wikipedia.org/wiki/HTTP_303
>>
>> So I think the redirecting form plugin for repoze.who should in fact
>> be using HTTPSeeOther paste exception rather than HTTPFound.
>>
>> Does any one agree with my interpretation of whats going on ?
>> Comments welcome ?
>>
>> Regards
>>
>> Tim Hoffman
>>
>
_______________________________________________
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev

Reply via email to