You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Paul Richards <p....@elsevier.co.uk> on 1996/05/14 16:52:43 UTC
Apache problem (fwd)
Any comments?
> The action taken when an error occurs is influenced by the line in srm.conf
> which reads:
> ErrorDocument 403 /cgi-bin/errors/403.pl
> The NCSA daemon would catch the error, get the handler document (i.e., start
> the CGI script), and send that document as if it were a new document. This
> includes the generation of header lines, most importantly the statusline,
> which would be
> HTTP/1.0 200 Document follows
> The Apache server also gets the handler document, but it retains the
> original status line, which is
> HTTP/1.0 403 Forbidden
> indicating that the client does not have access to the requested document.
>
> Netscape totally ignores the status line, and happily displays the document.
> However, some older versions of Mosaic see that an error occurs, and decide
> that it's better to display everything that follows. This includes header
> information, so Mosaic users of the electronic journals get the header
> information on their screen when they try to enter an access protected area.
> Microsoft Internet Explorer sees the error status line, and generates an
> alerting pop-up window, telling that you do not have access, without
> displaying the document.
--
Paul Richards. Originative Solutions Ltd. (Netcraft Ltd. contractor)
Elsevier Science TIS online journal project.
Email: p.richards@elsevier.co.uk
Phone: 0370 462071 (Mobile), +44 (0)1865 843155
Re: Apache problem (fwd)
Posted by Tony Sanders <sa...@bsdi.com>.
Paul Richards writes:
> Any comments?
>
> > Netscape totally ignores the status line, and happily displays the document.
It really should be red-flaging the document (death to all popups)
so that it is clear to the user that there was an error; but it's
good that it displays the document.
[you could always put a nice red-flag in the document itself :-]
> > However, some older versions of Mosaic see that an error occurs, and decide
> > that it's better to display everything that follows. This includes header
> > information, so Mosaic users of the electronic journals get the header
> > information on their screen when they try to enter an access protected area.
> > Microsoft Internet Explorer sees the error status line, and generates an
> > alerting pop-up window, telling that you do not have access, without
> > displaying the document.
That is just totally bogus; the information returned by the server
is potentially *critical* to the user to figure out what they have
done wrong.
Quoting from the spec [draft-ietf-http-v10-spec-05; Feb 1996]:
9.4 Client Error 4xx
...
Except when responding to a HEAD request, the server should
include an entity containing an explanation of the error
situation, and whether it is a temporary or permanent condition.
[Of course, when el-users are at the helm it's usually permanent :-]