Re: [WWWOFFLE-Users] Making WWWOFFLE refetch redirections only

Mon, 24 Dec 2001 23:11:58 -0800 

"Paul A. Rombouts" <[EMAIL PROTECTED]> writes:

> I have a problem using WWWOFFLE with some websites that redirect you to an
> authentication page when you request an article without first logging in.
> An example of this can found at the site of the New York Times.
> For instance, if you try to view the article with the URL
> http://www.nytimes.com/2001/12/20/science/20QUAN.html, you get a response
> that redirects you to
> 
>http://www.nytimes.com/auth/login?URI=http://www.nytimes.com/2001/12/20/science/20QUAN.html,
> which automatically authenticates you if have the appropriate cookies set.
> The last page then redirects you back to
> http://www.nytimes.com/2001/12/20/science/20QUAN.html.
> The trouble begins if WWWOFFLE instead of refetching the first URL, gives
> the browser the cached version which is a redirection. In this case you get
> caught in end endless loop of redirections.

There are many ways that a server can try and authenticate the user.
The most obvious way is to use the HTTP authentication methods.
More complex methods are also possible, for example using Cookies.

The problem with all authentication schemes is that they make pages
uncacheable.  They must do this so that a user that has been not
authenticated cannot access the cached version of the page that was
requested by somebody that has been authenticated.  The server must
take steps to ensure that the page is not cached by any proxies that
are between the server and the user.

It should be possible to find out the method that the server is using
to make the pages uncacheable and ensure that WWWOFFLE does not cache
them (or actually to make sure that they are re-fetched).

Try looking at the request-expired and request-no-cache options that
are in the OnlineOptions section of the configuration file.  These
will allow you to define that WWWOFFLE will always fetch a new version
of an expired web-page or a new version of a page that is marked as
not cacheable.

The other problem is that when cookies are used for this type of
authentication it is difficult for WWWOFFLE to know what to do.  There
is a section in the WWWOFFLE FAQ about the problems with cookies, so I
won't repeat it here.


-- 
Andrew.
----------------------------------------------------------------------
Andrew M. Bishop                             [EMAIL PROTECTED]
                                      http://www.gedanken.demon.co.uk/

WWWOFFLE users page:
        http://www.gedanken.demon.co.uk/wwwoffle/version-2.6/user.html

Reply via email to