On 11/16/2010 09:16 PM, Amos Jeffries wrote:
This makes Squid send an HTTP/1.1 307 status response to 1.1+ clients if
the deny_info directive is used to redirect non-GET/HEAD requests.
Current behaviour is to use a 302, which browsers will prevent
displaying for security protection against injection attacks. Using 307
will give browsers a better chance to identify the redirects and handle
them safely.
The change in the default status code should probably be reflected in
squid.conf.
Thank you,
Alex.
