Motivation
TWiki's behavior in the following situations are unusual for non TWiki users and make them puzzle.
- When a nonexistent topic is viewed
- When a nonexistent web is viewed
- When topic view, change, rename, or delete is denied
- When web rename or delete is denied
Description and Documentation
TWiki will behave as follows.
Status code change will be unnoticeable for human users, but for crawlers and other programs, it's beneficial.
Having the web server return a specified status code is only a matter of including a 'Status:' field in the response header.
When a nonexistent topic is viewed
TWiki will return "404 Not Found" status rather than "200 OK".
Other than that, it will behave as now.
When a nonexistent web is viewed
TWiki will not redirect to the oops script and stay at the same URL.
And it will return "404 Not Found" status rather than "200 OK".
The title of the page will be "Not Found" rather than "Access Denied".
When a user enters an incorrect web name, the current behavior of redirecting to oops is inconvenient.
And "Access Denied" message is a bit weird.
When topic view, change, rename, or delete is denied
TWiki will not redirect to the oops script and stay at the same URL.
And it will return "403 Forbidden" status rather than "200 OK".
The content of the page will stay the same.
With change, rename, or delete operation, the link to the view page of the topic is displayed.
The current behavior of redirecting to the oops script makes one wonder what URL caused the access-denied.
Examples
Impact
Implementation
The basic strategy is to have TWiki::UI::execute() call TWiki::UI::Oops::oops() instead of TWiki::OopsException::redirect(). This way, the redirect is prevented while the error messages are displayed as before.
To have TWiki return "404 Not Found" and "403 Forbidden" status values, TWiki::writeCompletePage() gets the fourth argument
$status. For that, TWiki::generateHTTPHeaders() gets the third argument
$status, which is passed from TWiki::writeCompletePage()'s
$status argument.
Given the
$status argument of TWiki::writeCompletePage(), TWiki::UI::Oops::oops() extract the status value from the
$keep hash and hand it to TWiki::writeCompletePage(). As such, when you want to have TWiki return a status value other than "200 OK", you are supposed to provide the
status parameter as follows.
throw
TWiki::OopsException( 'notfound',
def => 'no_such_web',
web => $webName,
topic => $topic,
status => '404 Not Found',
params => [ $op ] );
For viewing a nonexistent topic to cause "404 Not Found" status, TWiki::UI::View::view() is to hand "404 Not Found" as the
$status argument to TWiki::writeCompletePage() when needed.
When a nonexistent web is viewed, the page needs to be titled "Not Found". To achieve this, a new page template oopsnotfound.tmpl is introduced and used in TWiki::UI::checkWebExists() and checkTopicExists().
--
Contributors: 
Hideyo Imazu - 2013-04-19
Discussion
Discussed at
JerusalemReleaseMeeting2013x04x26, sensible enhancement.
--
Peter Thoeny - 2013-04-26
Good work here Hideyo-san!
--
Peter Thoeny - 2013-08-22
Site map
Blog web
Create New Topic
Index
Search
Advanced search
My topics of interest
Changes
Major changes only
All tags
Notifications
RSS Feed
Statistics
Preferences
Community 
Readme first
Developers News
How you can help
Community roles
#twiki IRC
Lima Release
Feature Proposals
Bugs Changes
Categories 
Account 
Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.