[TYPO3-core] RFC #15621: Feature: TYPO3 misses page-option to force SSL oder Non-SSL to page
Ernesto Baschny [cron IT]
ernst at cron-it.de
Thu Sep 2 16:12:57 CEST 2010
Christian Futterlieb schrieb am 02.09.2010 11:35:
> Hi list!
>
> On 02.09.2010 09:52, Dmitry Dulepov wrote:
>> Another thing I thought of is that we should use HTTP status code 303 if
>> there is something in $_POST. The reason for this is that redirection with
>> 301 will not work properly for forms. 303 will. I do not insist on that but
>> it can be a good free convenience for users :)
>
> I think that this point could be very important. As explained in RFC
> 2616, the 303 header code is expicitely used for redirections with POST
> data [1].
>
> Maybe it would make sense to implement something like this:
>
> if(!empty($_POST)) {
> $headerCode = t3lib_utility_Http::HTTP_STATUS_303;
> } else {
> $headerCode = t3lib_utility_Http::HTTP_STATUS_301;
> }
> [1] http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.4
Or maybe:
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$headerCode = t3lib_utility_Http::HTTP_STATUS_303;
} else {
$headerCode = t3lib_utility_Http::HTTP_STATUS_301;
}
Cheers,
Ernesto
More information about the TYPO3-team-core
mailing list