Redirect on YADIS ID de-reference?
Michael Graves
groupmg at gmail.com
Wed Nov 23 10:01:37 PST 2005
So, I'm writing code to implement YADIS discovery (as I currently understand
it), and am wondering what the right thing to do when I get a redirect back when
fetching a YADIS ID.
If I get a 302 back, is it OK to chase the redirect? And if so, should there be
a limit to how many redirects I'm willing to chase to finally get the content,
or should a redirect be an except for YADIS consumers?
Allowing redirects grants the most flexibility, and it's plausiblye to think
that some hosts would implement YADIS dereferencing by handing off the request
to a seperate "YADIS-enabled" server for servicing the request (assuming they
implement more machinery than just capabilities lookup). If so, disallowing
redirects will be a problem. If we do allow them, you have this ambiguous
intermediation between the ID the user supplied and the resources the consumer
uses to validate it. Sounds dangerous to me.
Or is this just local policy for the consumer?
-Mike
More information about the yadis
mailing list