On 11/16/2010 09:16 PM, Amos Jeffries wrote:
> This makes Squid send an HTTP/1.1 307 status response to 1.1+ clients if
> the deny_info directive is used to redirect non-GET/HEAD requests.
>
> Current behaviour is to use a 302, which browsers will prevent
> displaying for security protection against injection attacks. Using 307
> will give browsers a better chance to identify the redirects and handle
> them safely.
The change in the default status code should probably be reflected in
squid.conf.
Thank you,
Alex.
Received on Wed Nov 17 2010 - 19:27:39 MST
This archive was generated by hypermail 2.2.0 : Thu Nov 18 2010 - 12:00:05 MST