Alan Ruttenberg from http://abcl.org/trac/ticket/432:
So if you want to do something like use uiop/stream:copy-file which does something like open the source, open the dest, read/write, it will not do what you might expect. I don't see a way of controlling this behavior. Arguably the default ought to be to follow redirects and open the redirected-to file.
I replied:
ABCL-BUILD now uses uiop/steam:copy-file for the machinery which retreives XDG rooted Ant and Maven installations from well-known URIs c.f. http://abcl.org/trac/browser/trunk/abcl/contrib/abcl-build/build/install.lisp#L49, so the underlying ext:pathname-url implementation on java.net.HTTPUrlConnection seems to be working for cases in which the URI is already canonical in the form that would be idempotent for following across HTTP 3xx redirects.
WORKAROUND: The current usage expected of the user is to introspect any reference to a ext:pathname-url via CL:TRUENAME. If there is an underlying redirect, CL:TRUENAME should somehow offer an API to the user to customize its behavior. I am currently against "jumping" across URI schema changes without a chance for user intervention. Smells like another restart to me.
What would the current users of Armed Bear to do:
automatically follow all HTTP retrieval redirects without regards to security concerns,
or
follow the current policy of doing "whatever ORCL thinks is right for java.net.HTTPUrlConnection"?