Well, curl gives you back the 303 (See Other) with
the Location header, unless you add -L (follow redirection)
in which case it reposts any original header (including Authorization) to
the new location.  i.e. "it just works".

What would be nice for restclient is a separate keystroke
which either does or does not follow the redirection; sometimes
you want to debug the initial hop.  But the default should be
to do what it does now, which is to follow; i.e. "act like a browser".

Hope this helps.

  Alain

On 21 September 2016 at 18:15, Andreas Schwab <schwab@suse.de> wrote:

> On Sep 21 2016, Alain Picard <alain@gocatch.com> wrote:
>
> > Problem: I am using restclient.el, and hitting a server which
> > issues a redirect, and I receive a 400 Forbidden response because
> > the redirected call does not receive the authentication header
> > (I can see this from the log of my server).
>
> How does curl or wget handle this?
>
> Andreas.
>
> --
> Andreas Schwab, SUSE Labs, schwab@suse.de
> GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7
> "And now for something completely different."
>

-- 
 <http://www.gocatch.com>
<http://www.facebook.com/goCatch> <http://twitter.com/goCatchApp> 
<http://www.linkedin.com/company/gocatch> 
<https://www.instagram.com/gocatch/> 
<https://itunes.apple.com/au/app/gocatch/id444439909?mt=8> 
<https://play.google.com/store/apps/details?id=com.gocatchapp.goCatch&hl=en>