💾 Archived View for gemi.dev › gemini-mailing-list › 000198.gmi captured on 2024-03-21 at 17:05:21. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-12-28)
-=-=-=-=-=-=-
Given that user-agents should refrain from initiating network connection on their own, should redirects (3x) be manually confirmed? With explicit user consent? The spec is ambivalent: Redirect limits Clients may prompt their users for decisions as to whether or not to follow a redirect, or they may follow redirects automatically. Perhaps user-agents SHOULD prompt for decisions as to whether to follow a redirect, or MAY follow redirects automatically.
On Wed, Jun 10, 2020 at 12:49:11PM +0200, Petite Abeille wrote: > Given that user-agents should refrain from initiating network connection on their own, should redirects (3x) be manually confirmed? With explicit user consent? The recent change in the spec regarding automatic initiation of network connections is very clearly limited in scope to the displaying of link lines, so redirects are not covered by it. > Perhaps user-agents SHOULD prompt for decisions as to whether to follow a redirect, or MAY follow redirects automatically. Bombadillo is an example of a client which always prompts for a decision on redirects with (to my knowledge) a single exception (maybe this is still just planned, not implemented - I don't use Bombadillo often, but Sloum and I talk about client design a lot). If a client requests a URL not ending in a slash, and the server maps it to a directory, the server must issue a redirect which appends the slash to the URL, otherwise relative links will not work. Manually confirming *that* every time will be annoying and serve no good purpose. AV-98 is slightly more pragmatic. If can be configured to prompt on every redirect, but by defaut it automatically follows all redirects
---