Redirect loops and mazes

Sean Conner sean at conman.org
Wed Oct 16 18:23:11 BST 2019

Previous message (by thread): Redirect loops and mazes
Next message (by thread): Redirect loops and mazes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

It was thus said that the Great solderpunk once stated:
> 
> But that's not quite true, actually.  Just because the spec says
> cross-protocol redirects are forbidden doesn't mean malicious servers
> couldn't serve them up anyway.  So well-written clients need to be on
> the lookout for this anyway, no matter what the spec says.  I guess at
> the very least this point should be mentioned in the Best Practices doc
> so it's not overlooked by client iplementors.
> 
> This is not to say it isn't still worthwhile forbidding them in the
> spec.  I think I'm still inclined to do this if nobody comes forward
> with a compelling use case.

  What about content being moved from Gemini to TOR? [1]  Or an archive file
that grew too big to be safely served from Gemini so a switch to HTTPS is in
order? (and you don't want to break an existing link)

  I can see disuading people from doing that, but an ourright ban seems
excessive (to me).

  -spc

[1]	I'm not sure how stuff is addressed with TOR.

Previous message (by thread): Redirect loops and mazes
Next message (by thread): Redirect loops and mazes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list