You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Paul Richards <p....@elsevier.co.uk> on 1996/05/14 16:52:43 UTC

Apache problem (fwd)

Any comments? 

> The action taken when an error occurs is influenced by the line in srm.conf
> which reads:
> 	ErrorDocument 403 /cgi-bin/errors/403.pl
> The NCSA daemon would catch the error, get the handler document (i.e., start
> the CGI script), and send that document as if it were a new document. This
> includes the generation of header lines, most importantly the statusline,
> which would be
> 	HTTP/1.0 200 Document follows
> The Apache server also gets the handler document, but it retains the
> original status line, which is
> 	HTTP/1.0 403 Forbidden
> indicating that the client does not have access to the requested document.
> 
> Netscape totally ignores the status line, and happily displays the document.
> However, some older versions of Mosaic see that an error occurs, and decide
> that it's better to display everything that follows. This includes header
> information, so Mosaic users of the electronic journals get the header
> information on their screen when they try to enter an access protected area.
> Microsoft Internet Explorer sees the error status line, and generates an
> alerting pop-up window, telling that you do not have access, without
> displaying the document.


-- 
  Paul Richards. Originative Solutions Ltd.  (Netcraft Ltd. contractor)
  Elsevier Science TIS online journal project.
  Email: p.richards@elsevier.co.uk
  Phone: 0370 462071 (Mobile), +44 (0)1865 843155

Re: Apache problem (fwd)

Posted by Tony Sanders <sa...@bsdi.com>.

Paul Richards writes:
> Any comments? 
> 
> > Netscape totally ignores the status line, and happily displays the document.
It really should be red-flaging the document (death to all popups)
so that it is clear to the user that there was an error; but it's
good that it displays the document.

[you could always put a nice red-flag in the document itself :-]

> > However, some older versions of Mosaic see that an error occurs, and decide
> > that it's better to display everything that follows. This includes header
> > information, so Mosaic users of the electronic journals get the header
> > information on their screen when they try to enter an access protected area.
> > Microsoft Internet Explorer sees the error status line, and generates an
> > alerting pop-up window, telling that you do not have access, without
> > displaying the document.

That is just totally bogus; the information returned by the server
is potentially *critical* to the user to figure out what they have
done wrong.

Quoting from the spec [draft-ietf-http-v10-spec-05; Feb 1996]:
	9.4 Client Error 4xx

	...
	Except when responding to a HEAD request, the server should
	include an entity containing an explanation of the error
	situation, and whether it is a temporary or permanent condition.

[Of course, when el-users are at the helm it's usually permanent :-]