[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] FW: Comments on Bindings and Profiles doc - Draft 06
Scott, I understand the processing - the HTML form has the TARGET value within - so that when the POST occurs that value will be available to the receiving web application. The web application could then use that value to do a redirect etc to the actual target. My only point is that this is not explained at all - and I believe it should do - accepting of course that it is non-normative. John > -----Original Message----- > From: Scott Cantor [mailto:cantor.2@osu.edu] > Sent: 20 May 2003 17:15 > To: 'John Hughes'; security-services@lists.oasis-open.org > Subject: RE: [security-services] FW: Comments on Bindings and Profiles > doc - Draft 06 > > > > Also some comments on the Browser/POST Profile section: > > > > General - seems strange to the reader that the TARGET value > > supplied in the HTML form received back is then not used in > > the POST. I think something should be said on this matter. > > Used in what sense? Normally it gets used to redirect the browser > to the resource, but since the profile doesn't formally require > TARGET be used in that way, it doesn't mandate anything. > > -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]