[web2py:24143] Re: Proposal for auth

Sun, 14 Jun 2009 10:35:40 -0700 

Ok, Massimo, do you still think this is a good idea?
Should I make this optional for auth module with default set to [SE-friendly] 
401?

On Saturday 13 June 2009 20:08:36 Alexey Nezhdanov wrote:
> On Saturday 13 June 2009 16:58:33 mdipierro wrote:
> > I will take this patch!
>
> Here it is, attached. Tested with latest stable, then ported to trunk
> version and tested again.
> However there is one problem with it. On error code 401 browser actually
> _renders_ the page causing it to be blanked and redrawn as opposed to 303
> which just waits a bit, then instantly replaces page content.
> I do not know if there is a way to suppress that page blanking.
> Otherwise it seems to be working as intended.
>
> > On Jun 13, 6:19 am, Alexey Nezhdanov <snak...@gmail.com> wrote:
> > > I'm writing unit tests for my app and come across this problem:
> > > if I try to access the page which has @auth.requires_login()
> > > I get error 303 - i.e. redirect to the page with login/password form.
> > > While this works visually for browsers, it is actually wrong for
> > > testing AND for search engines. Status codes are important for robots
> > > and here status is set incorrectly (should be 401).
> > > So why we not set this to 401 and make redirect with other means
> > > (javascript/meta tags)? We know that pages that are larger than certain
> > > size are displayed ok in IE so this should not be a problem.
> > > Here is sample page with redirect:
> > >
> > > """<html>
> > >     <head>
> > >         <meta http-equiv="expires" content="0" />
> > >         <meta http-equiv="refresh" content="0;url=%(nexturl)s/" />
> > >         <script type="text/javascript"><!--
> > >           window.location='%(nexturl)s';
> > >           // --></script>
> > >     </head>
> > >     <body />
> > > </html>
> > > """%{'nexturl':URL(r=request,c='auth',f='login')}
> > >
> > > If this is a good idea - I'll write a patch.
> > >
> > > --
> > > Sincerely yours
> > > Alexey Nezhdanov
> >
> > 


-- 
Sincerely yours
Alexey Nezhdanov

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to 
web2py+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to