[ https://issues.apache.org/jira/browse/OFBIZ-5109?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13541148#comment-13541148 ]
Paul Piper commented on OFBIZ-5109: ----------------------------------- Jacques, I do see your concern, but from my point of view it is just another setting which is going to harm those who don't understand it. By setting it to 303 on default, you basically impose it as a standard for all pages. The use of 303 is not ok in most cases and can in fact be of alot of harm: http://sharkseo.com/nohat/303-redirects-seo/. Though I do see that most of the applications within OFBiz are of backoffice nature and hence not meant to be listed by search engines, it doesn't mean that there aren't other workaround for those who see the danger in double posting. To be quite honest, I don't actually see much of a potential danger in most if not all backoffice applications to begin with - so it seems to be a concern for me that is not not existent. The potential harm however is quite enormeous to those who don't understand it and/or forget to reset it... > Allow a whole controller or/and request/s to override a default 303 in case > of redirect > --------------------------------------------------------------------------------------- > > Key: OFBIZ-5109 > URL: https://issues.apache.org/jira/browse/OFBIZ-5109 > Project: OFBiz > Issue Type: Improvement > Components: ALL COMPONENTS > Affects Versions: SVN trunk > Reporter: Jacques Le Roux > Assignee: Jacques Le Roux > Priority: Minor > Labels: 301, 302, 303, code, redirection, redirectionCode, seo > Fix For: SVN trunk > > Attachments: OFBIZ-4937 In version 10.04 - After clicking on lookup, > display login page again.patch > > > Currently when we define a request-redirect in controllers it underneath uses > the Java default 302 redirections ([temporary > redirect|http://en.wikipedia.org/wiki/List_of_HTTP_status_codes#3xx_Redirection]). > > Actually all redirect response types (url, cross-redirect, request-redirect, > request-redirect-noparam) call HttpServletResponse.sendRedirect() through > RequestHandler.callRedirect(). So all controllers redirections do temporary > redirects (302). Ths is all good as long as you don't worry about SEO best > practices which recommend to use 301 instead of 302 (Google for "301 vs 302" > or see [1], [2], [3]). > This matters only for eCommerce. In the context of an ERP (or backend by and > large), we want to replace 302 by 303 and keep the possibility to use 302 > (for [Post/Redirect/Get > pattern|http://en.wikipedia.org/wiki/Post/Redirect/Get] where 303 is best on > HTTP 1.1, 302 on HTTP 1.0) > I want to set a default 303 status-code property in requestHandler.properties > file. Which could be changed for 302 for those who prefer it. The idea is > then to allow to override this default value with a status-code attribute on > the response element. But since I want also to be able to override a complete > controller (like for an eCommerce controller) without having to override each > concerned requests. I finally decided to use also a status-code element in > site-conf.xsd to be placed before handlers: > <xs:element name="status-code" type="xs:string"/> > If present, this will override the status-code property. And the status-code > attribute on the response element will override both (cascading), eg: > <response name="success" type="request-redirect" value="main" > status-code="301"/> > [1] http://support.google.com/webmasters/bin/answer.py?hl=en&answer=93633 > [2] http://support.google.com/webmasters/bin/answer.py?hl=en&answer=40132 > [3] http://searchengineland.com/images/301-302-explained.gif -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira