[Webkit-unassigned] [Bug 31410] New: HTTP 307 after a 303 re-sends POST data from the original request

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Nov 12 08:04:32 PST 2009 

https://bugs.webkit.org/show_bug.cgi?id=31410

           Summary: HTTP 307 after a 303 re-sends POST data from the
                    original request
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Windows 7
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: Page Loading
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: masterchiff at googlemail.com


Hey,

I'm finding that WebKit (starting with Safari 4.0.4 (WebKit 5531.21.10), has
always been working before) is not behaving accordingly to
http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

Steps to reproduce:

- POST some data to some page, e.g. /comments.html

- comments.html responds with "303 See Other" and "Location:
http://.../goto.html?comment=1234"
To quote from the RFC:
>This method exists primarily to allow the output of a POST-activated script to redirect the
>user agent to a selected resource.
>The new URI is not a substitute reference for the originally requested resource. (!!)

- goto.html?comment=1234 is being requested via GET (so far, so good!)

- goto.html responds with "307 Temporary Redirect" and a Location header
(because the URL it redirects to may change)
>The requested resource resides temporarily under a different URI. Since the redirection
>MAY be altered on occasion, the client SHOULD continue to use the Request-URI for future requests.

- Instead of GETing the new Location (/thread123.html), Safari POSTs to
/thread123.html again, with the data from the original POST request. It did not
do that before 4.0.4. Both Windows and Mac 4.0.4s are affected.

---

It seems that the 307 response code kinda overwrites the previous 303 and
WebKit ignores that on the 303, it should have forgotten about the POST data
already.

Any chance we can see this fixed? I'll have to use 301 instead of 307 for now,
as a work-around, but I don't like that. Thanks!

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list