can't the login page be included in the error page?
This way you have both the error and no need for redirect as a user
can directly login.
On Mon, Jun 15, 2009 at 8:08 AM, Alexey Nezhdanov<snak...@gmail.com> wrote:
> Sure. For a start I'll provide the list that I have.
>
> Pros:
> 1) Search-engine friendly. SEs see proper '401 Not authorised' response
> instead of '303 Found' when trying to access login-only pages
> 2) Unit tests - binding to 401/403 codes is more explicit. Receiving them
> gives better understanding on what happens.
> 3) RFC compliance
>
> Cons:
> 1) Browser must render the page to trigger the redirect. So at least in some
> browsers (for me it is Fx 2.0) this causes a momentary page clear before new
> page is drawn (old page -> blank -> new page).
>
> So far I can see only one workaround: put there some content so that page
> will not look so blank - in this case only 'content' part of the scren
> should clear leaving menus/logos/other decorators static. That can be done
> only in application I think.
>
>
> On Mon, Jun 15, 2009 at 9:52 AM, mdipierro <mdipie...@cs.depaul.edu> wrote:
>>
>> I would like to hear more opinions about this before changing it.
>> Pros? Cons?
>>
>> Massimo
>>
>> On Jun 14, 10:28 pm, Alexey Nezhdanov <snak...@gmail.com> wrote:
>> > No, I didn't meant IE. I meant that since redirect page doesn't have
>> > anybody
>> > for a user AND it is not a 301/303 page - it actually rendered.
>> > That is visible at least in Firefox.
>> > Also if I just add some random content (like 'you are being redirected')
>> > it
>> > will be visible too (site -> 'you are being redirected' -> site again).
>> > If
>> > you think that it is a good idea - I'll do.
>> >
>> > On Monday 15 June 2009 01:05:25 mdipierro wrote:
>> >
>> >
>> >
>> > > You can replace the page blanking by adding some content longer than
>> > > 512 chars
>> >
>> > > On Jun 13, 11:08 am, Alexey Nezhdanov <snak...@gmail.com> wrote:
>> > > > On Saturday 13 June 2009 16:58:33 mdipierro wrote:> I will take this
>> > > > patch!
>> >
>> > > > Here it is, attached. Tested with latest stable, then ported to
>> > > > trunk
>> > > > version and tested again.
>> > > > However there is one problem with it. On error code 401 browser
>> > > > actually
>> > > > _renders_ the page causing it to be blanked and redrawn as opposed
>> > > > to 303
>> > > > which just waits a bit, then instantly replaces page content.
>> > > > I do not know if there is a way to suppress that page blanking.
>> > > > Otherwise it seems to be working as intended.
>> >
>> > > > > On Jun 13, 6:19 am, Alexey Nezhdanov <snak...@gmail.com> wrote:
>> > > > > > I'm writing unit tests for my app and come across this problem:
>> > > > > > if I try to access the page which has @auth.requires_login()
>> > > > > > I get error 303 - i.e. redirect to the page with login/password
>> > > > > > form.
>> > > > > > While this works visually for browsers, it is actually wrong for
>> > > > > > testing AND for search engines. Status codes are important for
>> > > > > > robots
>> > > > > > and here status is set incorrectly (should be 401).
>> > > > > > So why we not set this to 401 and make redirect with other means
>> > > > > > (javascript/meta tags)? We know that pages that are larger than
>> > > > > > certain size are displayed ok in IE so this should not be a
>> > > > > > problem.
>> > > > > > Here is sample page with redirect:
>> >
>> > > > > > """<html>
>> > > > > > <head>
>> > > > > > <meta http-equiv="expires" content="0" />
>> > > > > > <meta http-equiv="refresh" content="0;url=%(nexturl)s/"
>> > > > > > />
>> > > > > > <script type="text/javascript"><!--
>> > > > > > window.location='%(nexturl)s';
>> > > > > > // --></script>
>> > > > > > </head>
>> > > > > > <body />
>> > > > > > </html>
>> > > > > > """%{'nexturl':URL(r=request,c='auth',f='login')}
>> >
>> > > > > > If this is a good idea - I'll write a patch.
>> >
>> > > > > > --
>> > > > > > Sincerely yours
>> > > > > > Alexey Nezhdanov
>> >
>> > > > --
>> > > > Sincerely yours
>> > > > Alexey Nezhdanov
>> >
>> > > > noauth-401-403.diff
>> > > > 5KViewDownload
>> >
>> > --
>> > Sincerely yours
>> > Alexey Nezhdanov
>>
>
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
