Open ghost opened 3 years ago
Here's the IEEE RFC for the 308 response: https://tools.ietf.org/html/rfc7238 In particular, note this section
Note: This status code is similar to 301 (Moved Permanently) ([RFC7231], Section 6.4.2), except that it does not allow changing the request method from POST to GET.
Make sense
Currently, the api issues a 301 response if a request arrives with a
http
scheme as opposed to anhttps
scheme. The 301 status works fine forGET
requests and forwards the request correctly, but for some user-agents a 301 status leads to aPOST
request being changed to aGET
request.A
308
response serves the same purpose as a301
, but leaves the method of the request intact, meaning that thePOST
request is served correctly. Here's a cURL request that you can try out:Because of the 301 status, the POST method in that request gets clobbered into a GET method after the redirect and we get an error