Quick patch suggestion: don't use relative redirects


Relative redirects are technically not defined in HTTP/1.1, so it’s cleaner to not be returning those (Piwik currently does, e.g. in redirecting / to /index.php?..). Instead, use absolute URLs. Thanks.

From URL redirection - Wikipedia

“According to the HTTP protocol, the Location header must contain an absolute URI.[5] When redirecting from one page to another within the same site, it is a common mistake to use a relative URI. As a result most browsers tolerate relative URIs in the Location header, but some browsers display a warning to the end user.”

(vipsoft) #2

Yes, we know it's counter to the current spec (rfc2616) That said, many UAs support the relative URI in the redirect (not sure about Opera 11) since it is used widely (for example, it's simpler for webapps behind proxy servers).

Note: the Httpbis working group has this on the roadmap for the next revision of the HTTP spec. See http://trac.tools.ietf.org/wg/httpbis/trac/ticket/185 and related discussion in the ietf-http-wg mailing list.