Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Misleading option --post303 #2723

Closed
vfaronov opened this issue Jul 9, 2018 · 3 comments
Closed

Misleading option --post303 #2723

vfaronov opened this issue Jul 9, 2018 · 3 comments

Comments

@vfaronov
Copy link

vfaronov commented Jul 9, 2018

The documentation for the --post303 option says:

respect RFC 7231/6.4.4 and not convert POST requests into GET requests when following a 303 redirection. The non-RFC behaviour is ubiquitous in web browsers

But RFC 7231 Section 6.4.4 actually says:

[...] intended to provide an indirect response to the original request. A user agent can perform a retrieval request targeting that URI (a GET or HEAD request if using HTTP) [...]

The user agent is not supposed to blindly resubmit the original request to the new URI, which is the whole point of distinguishing 303 from 302. So browsers get this just right.

I guess the option could be useful for some applications that get this wrong, but its description is misleading.

@bagder
Copy link
Member

bagder commented Jul 9, 2018

Agreed, that text is a copy and paste from the other --post30X options and incorrect.

bagder added a commit that referenced this issue Jul 9, 2018
... and not the other way around, which this previously said.

Reported-by: Vasiliy Faronov
Fixes #2723
@bagder
Copy link
Member

bagder commented Jul 9, 2018

@vfaronov do you think #2726 fixes it good enough?

@vfaronov
Copy link
Author

vfaronov commented Jul 10, 2018

Yes, looks fine.

@bagder bagder closed this as completed in 522236f Jul 10, 2018
falconindy pushed a commit to falconindy/curl that referenced this issue Sep 10, 2018
... and not the other way around, which this previously said.

Reported-by: Vasiliy Faronov
Fixes curl#2723
Closes curl#2726
@lock lock bot locked as resolved and limited conversation to collaborators Oct 8, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

2 participants