[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev lynx2.8.4pre.4
From: |
Noah |
Subject: |
Re: lynx-dev lynx2.8.4pre.4 |
Date: |
Thu, 12 Jul 2001 02:59:13 -0400 (EDT) |
> In a recent note, Thomas Dickey said:
> Date: Tue, 10 Jul 2001 15:49:47 -0400
>
> I don't have any further changes for 2.8.4, barring bug reports.
> 2001-07-10 (2.8.4pre.4)
I just ran across something, and I'm not certain whether it's a bug or a
feature. I've written a small modperl authentication system. It's your
basic "boy meets webpage, boy enters username and password, server sends a
cookie and a redirect, boy gets access" kind of story. So, the user clicks
submit, and (if authed) a 303 See Other with a target URL is sent, along
with a cookie which will allow the user access as long as he's not idle
for more than N minutes.
Fine.
Except the target URL is the same as the URL containing the form; the
existence of the cookie redefines the server response. This works in opera
(the only GUI browser I have access to right this second), but lynx simply
re-displays the login page. Looks as tho it's simply re-displaying the
copy of the page from cache rather than re-fetching it; I don't see the
GET request for the page it's supposed to be displaying in my logs. And
yes, no-cache headers are being used (both Cache-Control and Pragma). Even
tried tossing a max-age=0 to see if that helped. No such luck.
So.
Am I doing something wrong, or is lynx? As near as I can tell, I'm not
violating any RFC by doing this. I can work around this by adding
'?foo=bar' or some such to the URL (and will, if needed) but I find that
aesthetically displeasing. I'm just weird like that. If I'm violating
something, I'll fix. But I want to be certain I am first. :)
Thanks.
--noah
; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden