[TYPO3-core] RFC #9400: Integrate jb_status_code in the TYPO3 core

Andreas Wolf typo3ml at andreaswolf.info
Mon Sep 22 20:30:23 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi Dmitry!

Dmitry Dulepov [typo3] schrieb:
> Andreas Wolf wrote:
>> Btw., we should perhaps disallow usage of Code 302 - it may cause a
>>  problem called URL hijacking with most search engines. See [1] 
>> (unfortunately only in German) for details. Unfortunately what the 
>> English wikipedia [2] says about URL hijacking is something
>> completely different - they use it as a term for typosquatting,
>> which is in no way any similar...
> 
> Well, even if search engines have problem with it, we should not
> disable 302 due to this fact. Search engines do not support flash but
> it does not prevent people from using flash. We develop for humans,
> not robots. If robt does not interpret the specification coreectly,
> this is not our fault.

Your statement would be correct - if it was against the specification.
But it isn't: A temporary redirect (302) is interpreted as "the resource
is at the redirect target now, but it may be somewhere else tomorrow".
So the called URL itself is indexed, the target url is (often) deleted
from the index.

Example: I insert a redirect to typo3.org on
www.mycoolhomepage.com/redirectme.php. Now $robot crawls this page,
finds the redirect to typo3.org, with response code 302.
As typo3.org could be j*****.org tomorrow [1], it only indexes
www.mycoolhomepage.com/redirectme.php and - probably - deletes typo3.org
from its index.

So there is in fact no problem for my own homepage, but for the site I
redirect to. That's why this phenomenon is called URL hijacking.

And in fact the search engines are right according to the HTTP spec.
Just have a look at RFC 2616, section 10.3.3:

  Since the redirection might be altered on occasion, the client SHOULD
  continue to use the Request-URI for future requests.


Hope to have shed some more light on this issue...

[1] don't tear and feather me, it will *never* be ;)


Cheers

Andreas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSNfkPwJFrtzcYmY6AQi0xw/9ELoSyVNtMZ1qNibcL1Ywalq08/BNG7Fo
7ob26ObAzxYCbxGraSITC970iANPRiaeapHyLRG67XMop4zr0t9ie3VECM1/OnSI
pKb0UNtNDZaMd0VJ5WqpY9Ndv1v78s28Nx2s2mCxzTX8GFMSyamnZkDud3JhhAUc
7RHleibXZouRIQOsQnl/t/aM/EPqBLj85hXlJMHh6QVecQjb+GX19io1mCD7A+fz
BY0KXr3mKTmnKfZeNxVwKkIhJ0a7svU957JARJTeIJ9RXoFAx0QsHb1txlTWpvh1
65yWFO7Yc5Swn5KIyeda3OyvIkzcWKrsMAsEAWPB8yHM/+XdckVgNU35adqPJHBk
LZyEwb4sG8xw9cW7ypqopsV1cqltG79rdxn8tHRWXWx5lZZzTzrrI46HCdjDm1Y3
i7UosU07izLle2GvvHd1YgIZo9WpVBpI8NclKTx9FNy7mrakPMXO2I/asDPJzB4b
W1bzkqAr6PSSxcpTcSIoRfZ8vMekuy854Pw/77VugTT8M6YkX+lYRhpxKMmWaVUw
hFsSwd4vgWzEfFljRh1s5/z6EJk0MhpPDEGikLWwhVpfn7FrY5LZZmHG6pbesUQx
AvCX0BrJPDG8CZZXXtwPS1hbKO8vYbr4PUPb/uvZg4dK7E9uFMHRJrpgp7u4fR0z
PFBEp/iIO8Y=
=VUKg
-----END PGP SIGNATURE-----


More information about the TYPO3-team-core mailing list