Sure. For a start I'll provide the list that I have.
Pros:
1) Search-engine friendly. SEs see proper '401 Not authorised' response
instead of '303 Found' when trying to access login-only pages
2) Unit tests - binding to 401/403 codes is more explicit. Receiving them
gives better understanding on what happens.
3) RFC compliance
Cons:
1) Browser must render the page to trigger the redirect. So at least in some
browsers (for me it is Fx 2.0) this causes a momentary page clear before new
page is drawn (old page -> blank -> new page).
So far I can see only one workaround: put there some content so that page
will not look so blank - in this case only 'content' part of the scren
should clear leaving menus/logos/other decorators static. That can be done
only in application I think.
On Mon, Jun 15, 2009 at 9:52 AM, mdipierro <mdipie...@cs.depaul.edu> wrote:
>
> I would like to hear more opinions about this before changing it.
> Pros? Cons?
>
> Massimo
>
> On Jun 14, 10:28 pm, Alexey Nezhdanov <snak...@gmail.com> wrote:
> > No, I didn't meant IE. I meant that since redirect page doesn't have
> anybody
> > for a user AND it is not a 301/303 page - it actually rendered.
> > That is visible at least in Firefox.
> > Also if I just add some random content (like 'you are being redirected')
> it
> > will be visible too (site -> 'you are being redirected' -> site again).
> If
> > you think that it is a good idea - I'll do.
> >
> > On Monday 15 June 2009 01:05:25 mdipierro wrote:
> >
> >
> >
> > > You can replace the page blanking by adding some content longer than
> > > 512 chars
> >
> > > On Jun 13, 11:08 am, Alexey Nezhdanov <snak...@gmail.com> wrote:
> > > > On Saturday 13 June 2009 16:58:33 mdipierro wrote:> I will take this
> > > > patch!
> >
> > > > Here it is, attached. Tested with latest stable, then ported to trunk
> > > > version and tested again.
> > > > However there is one problem with it. On error code 401 browser
> actually
> > > > _renders_ the page causing it to be blanked and redrawn as opposed to
> 303
> > > > which just waits a bit, then instantly replaces page content.
> > > > I do not know if there is a way to suppress that page blanking.
> > > > Otherwise it seems to be working as intended.
> >
> > > > > On Jun 13, 6:19 am, Alexey Nezhdanov <snak...@gmail.com> wrote:
> > > > > > I'm writing unit tests for my app and come across this problem:
> > > > > > if I try to access the page which has @auth.requires_login()
> > > > > > I get error 303 - i.e. redirect to the page with login/password
> form.
> > > > > > While this works visually for browsers, it is actually wrong for
> > > > > > testing AND for search engines. Status codes are important for
> robots
> > > > > > and here status is set incorrectly (should be 401).
> > > > > > So why we not set this to 401 and make redirect with other means
> > > > > > (javascript/meta tags)? We know that pages that are larger than
> > > > > > certain size are displayed ok in IE so this should not be a
> problem.
> > > > > > Here is sample page with redirect:
> >
> > > > > > """<html>
> > > > > > <head>
> > > > > > <meta http-equiv="expires" content="0" />
> > > > > > <meta http-equiv="refresh" content="0;url=%(nexturl)s/"
> />
> > > > > > <script type="text/javascript"><!--
> > > > > > window.location='%(nexturl)s';
> > > > > > // --></script>
> > > > > > </head>
> > > > > > <body />
> > > > > > </html>
> > > > > > """%{'nexturl':URL(r=request,c='auth',f='login')}
> >
> > > > > > If this is a good idea - I'll write a patch.
> >
> > > > > > --
> > > > > > Sincerely yours
> > > > > > Alexey Nezhdanov
> >
> > > > --
> > > > Sincerely yours
> > > > Alexey Nezhdanov
> >
> > > > noauth-401-403.diff
> > > > 5KViewDownload
> >
> > --
> > Sincerely yours
> > Alexey Nezhdanov
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
