CIBA: Redirects and the Client Notification Endpoint
Issue #84
resolved
I just want to check the reasoning for the current wording:
The Client SHOULD NOT return an HTTP 3xx code.
The OP SHOULD NOT follow redirects.
All redirects MUST be HTTPS.
I think this is saying:
- Client shouldn't have any redirects on their notification endpoint
- OPs shouldn't follow redirects if the client ignores this
- Even there are redirects then they must be HTTPS
Is my understanding correct and is the WG happy with this approach?
Comments (6)
-
reporter -
reporter -
assigned issue to
-
assigned issue to
-
So, If I understand well, only the 3rd sentence must change?, maybe dissapear?
-
reporter yes - I'll open a pull request
-
reporter -
- changed status to resolved
revolved by merging pull request #17
- Log in to comment
There was discussion of this and an agreement that redirects should not be allowed.