An observation [1] on the Gemini [2] mailing list [3] led me down a very small rabbit hole. I recalled at one time that a web browser was only supposed to follow five consecutive redirects, and sure enough, in RFC (Request For Comments)-2068 (Hypertext Transfer Protocol – HTTP/1.1) [4]:
10.3 Redirection 3xx
This class of status code indicates that further action needs to be taken by the user agent in order to fulfill the request. The action required MAY be carried out by the user agent without interaction with the user if and only if the method used in the second request is GET or HEAD. A user agent SHOULD NOT automatically redirect a request more than 5 times, since such redirections usually indicate an infinite loop.
“Hypertext Transfer Protocol -- HTTP/1.1 [5]”
But that's an old standard from 1997. In fact, the next revision, RFC-2616 (Hypertext Transfer Protocol – HTTP/1.1) [6], updated this section:
10.3 Redirection 3xx
This class of status code indicates that further action needs to be taken by the user agent in order to fulfill the request. The action required MAY be carried out by the user agent without interaction with the user if and only if the method used in the second request is GET or HEAD. A client SHOULD detect infinite redirection loops, since such loops generate network traffic for each redirection.
Note: previous versions of this specification recommended a maximum of five redirections. Content developers should be aware that there might be clients that implement such a fixed limitation.
“Hypertext Transfer Protocol -- HTTP/1.1 [7]”
And subsequent updates have kept that language. So it appears that clients SHOULD NOT (using language from RFC-2119 (Key words for use in RFCs to Indicate Requirement Levels) [8]) limit itself to just five times, but still SHOULD detect loops. It seems like this was changed due to market pressure from various companies and I think the practical limit has gone up over the years.
I know the browser I use, Firefox [9], is highly configurable and decided to see if its configuration [10] included a way to limit redirections. And lo', it does! The option network.http.redirection- limit exists, and the current default value is “20”. I'm curious to see what happens if I set that to “5”. I wonder how many sites will break?
[1] https://lists.orbitalfox.eu/archives/gemini/2019/000201.html
[2] gopher://zaibatsu.circumlunar.space:70/1/~solderpunk/gemini
[3] https://lists.orbitalfox.eu/listinfo/gemini
[4] https://www.ietf.org/rfc/rfc2068.txt
[5] https://www.ietf.org/rfc/rfc2068.txt
[6] https://www.ietf.org/rfc/rfc2616.txt
[7] https://www.ietf.org/rfc/rfc2616.txt