response header if 303 used

[rob-metalinkage]

currenlty text says "A server SHOULD set a Content-Profile header in HTTP response to the profile
identifier (URI) that the Client requested, not the identifier of any narrower profile that is also applicable identifier (URI) that the Client requested, not the identifier of any narrower profile that is also applicable
since the client might not understand the narrower profile identifier. since the client might not understand the narrower profile identifier."

however after 303 the server doesnt necessarily know what was requested - and should not need to support negotiation. I think the final resource server MAY return either the most specific profiles or the profiles requested by the client or both. The redirection server MUST indicate the profile requested by the client and SHOULD indicate the expected narrower profile to be returned in the redirection request (303 response).

This puts the onus on clients to collate information via the full HTTP information set if they ask for complex negotiation scenarios. This is OK IMHO as if they ask for a single profile they should be able to just trust the response matches.

[rob-metalinkage]

largely addresses #603 - which is preserved to capture full example elucidation one this sub-issue is addressed.

[nicholascar]

There seems to be no reason why servers can't include much more information in a redirect header response than they usually do other than expectation/precedence. That is, most documented cases of redirect responses I can find look like this:

HTTP/1.1 303 See Other
Location: http://example.org/other

...and that's it, but there's nothing preventing:

HTTP/1.1 303 See Other
Location: http://example.org/other
[other headers]

e.g.:

HTTP/1.1 303 See Other
Location: http://example.org/other
Content-Profile: http://otherexample.com/profile/x

Which would allow the redirecting server to tell the client what profile the resource representation its about to get conforms with. Or any other interesting info like alternative representations Link headers.

I suppose most redirect implementers have just not been motivated to include other info, not not allowed to (by the HTTP spec).

[larsgsvensson]

Yes, I agree @nicholascar. And we need to make this interaction scenario explicit in the specification as a best practice.

[nicholascar]

Changes made via PR 1037: better 303 normative text & e.g, better narrower profile e.g.