Hi,

As specced in RFC2616, the 301 response code allows the server* to arbitrarily and permanently change the configuration of a user agent. Thus anything from a temporary misconfiguration of the server to a deliberate attack can cause a bookmark or automated client to never work again (unless the user has backups). I'm shocked there's no verbiage in the spec pointing out this pitfall. Am I missing something?

(* or rather the currently connected network, since there's no guarantee you're speaking to the original server)

Graham
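The pitfall raised in the post above, as an added example that is not part of the original message: a client that rewrites a stored link on the first 301, next to one that keeps the saved URL and commits the redirect only after repeated identical responses. The `Bookmark` type, the function names, the threshold of three and the sample URLs are all assumptions made for illustration; RFC 2616 defines none of them.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Bookmark:
    original: str                  # URL the user saved; never overwritten
    current: str                   # URL the client will request next
    pending: Optional[str] = None  # 301 target seen but not yet committed
    seen: int = 0                  # consecutive sightings of `pending`

def naive_update(bm, status, location):
    """The pitfall from the post: a single 301 rewrites the stored link."""
    if status == 301 and location:
        bm.current = location

def cautious_update(bm, status, location, threshold=3):
    """Commit a 301 only after `threshold` consecutive identical sightings.
    The threshold is an assumed local policy, not something RFC 2616 defines."""
    if status == 301 and location:
        if location == bm.pending:
            bm.seen += 1
        else:
            bm.pending, bm.seen = location, 1
        if bm.seen >= threshold:
            bm.current = location
    else:
        bm.pending, bm.seen = None, 0   # any other answer resets the count

def recover(bm):
    """User-initiated rollback, possible because `original` is kept."""
    bm.current, bm.pending, bm.seen = bm.original, None, 0

def replay(update, events, url="http://site.example/feed"):
    """Feed a sequence of (status, Location) responses to an update policy."""
    bm = Bookmark(original=url, current=url)
    for status, location in events:
        update(bm, status, location)
    return bm

# Constructed responses: one stray 301 (misconfiguration or hostile network)
# between two normal answers.
GLITCH = [(200, None), (301, "http://wrong.example/"), (200, None)]
# Constructed responses: the same 301 repeated, as in a real site move.
MOVED = [(301, "http://new.example/feed")] * 3

if __name__ == "__main__":
    print(replay(naive_update, GLITCH).current)
    print(replay(cautious_update, GLITCH).current)
    print(replay(cautious_update, MOVED).current)
```

Repetition does not stop a network that returns the forged 301 consistently, which is why the saved `original` and `recover` matter more than the threshold.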


