[OpenID] Calling OpenID 2.0 editors (was RE:Problems withOpenID and TAG httpRange-14)
Noah Slater
nslater at bytesexual.org
Tue Mar 11 17:30:43 UTC 2008
On Mon, Mar 10, 2008 at 10:25:35AM -0700, Johnny Bufu wrote:
> By your reasoning, if URL-1 303-redirects to URL-2, which in turn sends
> a "welcome to URL-2" in the HTML body, a browser fetching URL-1 SHOULD
> (or MUST?):
>
> - display URL-1 in the location bar
No, it is fine to follow the redirect.
> - parse the HTML content and replace every appearance of URL-2 with
> URL-1
No, it is fine to show the new page.
> I believe this scenario is closer to the absurd than the current state of
> all major browsers to display URL-2, regardless which of the
> 301/302/303/307 redirect types were followed.
Clearly, this would make no sense.
> If all browsers do this, I don't see why OpenID discovery can't.
Sure, OpenID should be free to follow the redirects and parse the HTML found at
the new location for any delegation link elements etc, in fact, I would very
much hope that OpenID continues to do this.
I think you have misunderstood my problem though. When the OpenID agent follows
this redirect to the new location and finds the delegation server, processes the
login and what have you, I am saying that when it remembers your OpenID for
future uses or for display on a website it should use the original URI and not
the one that was found by redirection.
As the HTTP RFC clearly states, the second URI is not a replacement for the
first even though the content available from dereferencing it can be used.
Hope this clears up a few things.
Thanks,
--
Noah Slater <http://bytesexual.org/>
More information about the general
mailing list