Robin H. Johnson wrote: > My quote was from the first sentence of RFC1738, sec 3.3 (HTTP), para 4.
Missed that, sorry. >> Redirecting clients to new URLs would give you perfect caching as well. > That's why I say i'm willing to do redirection at the cache level. > I do NOT want lots of users with old links to hit the actually web application > if it's just going to redirect all of them to a page that is already in the > cache. I thought you were doing caching/redirects on a service that sits before the real webapp . >>> - The old parsing and variable usage code was the source of multiple >>> bugs as well as the security issue that shuttered the site. >> Only because it passed the raw, unescaped values directly to shell, >> which is of course badly broken. > Have a look at the recent discussion about HTML5 issues > (http://www.crockford.com/html/), which also applies to web applications: > "HTML 5 is strict in the formulation of HTML entities. In the past, some > browsers have been too forgiving of malformed entities, exposing users to > security exploits. Browsers should not perform heroics to try to make bad > content displayable. Such heroics result in security vulnerabilities." I can't follow this one -- how are broken browsers related to non-standard URLs? Why is an attempt to invent a competitive standard to XHTML related to URLs? >> Now that's something that sound reasonable. Why limit the period and >> don't provide it forever? > Time limited to force everybody to move over, and to not have to support > the redirections for the old version of the site forever, when they > weren't advertised as permanent URLs. My question could be re-phrased as "why don't keep those redirects", but you did the work, so you decide how to run it and I have no problems with that :). > I did a quick hack up of some statistics, and I see that only 6.7% (5001 out > of > (69434+5001)) of the overall visitors were arriving at the old locations and > not receiving the content they were originally interested in. Fine with me, thanks for your answers and all the work. Cheers, -jkt -- cd /local/pub && more beer > /dev/mouth
signature.asc
Description: OpenPGP digital signature
