You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Sangjin Lee (JIRA)" <ji...@apache.org> on 2007/11/21 02:03:43 UTC
[jira] Created: (GERONIMO-3618) when redirected via status code
30x, the original query is incorrectly appended to the location
when redirected via status code 30x, the original query is incorrectly appended to the location
-----------------------------------------------------------------------------------------------
Key: GERONIMO-3618
URL: https://issues.apache.org/jira/browse/GERONIMO-3618
Project: Geronimo
Issue Type: Bug
Security Level: public (Regular issues)
Components: AsyncHttpClient
Affects Versions: 1.x
Reporter: Sangjin Lee
If you're redirected via status code 30x (302, 301, ...), the code that handles following redirects (HttpIoHandler.messageRecieved()) tries to append the original query from the first request to the URL obtained from the Location header of the response. This is incorrect per HTTP specification. The spec says the value of the Location header is an absoluteURI which is a full URL that includes the proper query if any: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30. The query from the original request should not be part of the second URL.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Reopened: (GERONIMO-3618) when redirected via status code
30x, the original query is incorrectly appended to the location
Posted by "Sangjin Lee (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sangjin Lee reopened GERONIMO-3618:
-----------------------------------
I found another issue related with redirect that was not completely fixed by the first fix.
One can specify query parameters via HttpRequestMessage.setParameter(). These parameters are kept separate from HttpRequestMessage.getUrl(), and these query parameters get added to the URL or to the post body when the request is encoded by HttpRequestEncoder.
The call to add the original query from the getUrl() was removed, but the query parameters still remain, and they get added right back to the redirecting request.
The fix should clear all the query parameters when you send the request. In addition, the request method should also be reset to GET if it is not GET.
Essentially a redirecting request should be a brand new GET request with the URL specified by the Location header.
I have a patch available which I'll upload shortly...
> when redirected via status code 30x, the original query is incorrectly appended to the location
> -----------------------------------------------------------------------------------------------
>
> Key: GERONIMO-3618
> URL: https://issues.apache.org/jira/browse/GERONIMO-3618
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: AsyncHttpClient
> Affects Versions: 1.x
> Reporter: Sangjin Lee
> Attachments: HttpIoHandler.patch, patch.zip
>
>
> If you're redirected via status code 30x (302, 301, ...), the code that handles following redirects (HttpIoHandler.messageRecieved()) tries to append the original query from the first request to the URL obtained from the Location header of the response. This is incorrect per HTTP specification. The spec says the value of the Location header is an absoluteURI which is a full URL that includes the proper query if any: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30. The query from the original request should not be part of the second URL.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (GERONIMO-3618) when redirected via status code
30x, the original query is incorrectly appended to the location
Posted by "Rick McGuire (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rick McGuire resolved GERONIMO-3618.
------------------------------------
Resolution: Fixed
New patch Committed revision 603548.
Thank you for following up with a new fix on this.
> when redirected via status code 30x, the original query is incorrectly appended to the location
> -----------------------------------------------------------------------------------------------
>
> Key: GERONIMO-3618
> URL: https://issues.apache.org/jira/browse/GERONIMO-3618
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: AsyncHttpClient
> Affects Versions: 1.x
> Reporter: Sangjin Lee
> Assignee: Rick McGuire
> Attachments: HttpIoHandler.patch, patch.zip
>
>
> If you're redirected via status code 30x (302, 301, ...), the code that handles following redirects (HttpIoHandler.messageRecieved()) tries to append the original query from the first request to the URL obtained from the Location header of the response. This is incorrect per HTTP specification. The spec says the value of the Location header is an absoluteURI which is a full URL that includes the proper query if any: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30. The query from the original request should not be part of the second URL.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-3618) when redirected via status code
30x, the original query is incorrectly appended to the location
Posted by "Sangjin Lee (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3618?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12544553 ]
Sangjin Lee commented on GERONIMO-3618:
---------------------------------------
Thanks, I see the change. Just a small note, however... The local variable query right above the line that was modified is no longer used, and thus can be removed...
> when redirected via status code 30x, the original query is incorrectly appended to the location
> -----------------------------------------------------------------------------------------------
>
> Key: GERONIMO-3618
> URL: https://issues.apache.org/jira/browse/GERONIMO-3618
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: AsyncHttpClient
> Affects Versions: 1.x
> Reporter: Sangjin Lee
> Attachments: HttpIoHandler.patch
>
>
> If you're redirected via status code 30x (302, 301, ...), the code that handles following redirects (HttpIoHandler.messageRecieved()) tries to append the original query from the first request to the URL obtained from the Location header of the response. This is incorrect per HTTP specification. The spec says the value of the Location header is an absoluteURI which is a full URL that includes the proper query if any: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30. The query from the original request should not be part of the second URL.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-3618) when redirected via status code
30x, the original query is incorrectly appended to the location
Posted by "Sangjin Lee (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sangjin Lee updated GERONIMO-3618:
----------------------------------
Attachment: patch.zip
a more complete fix
> when redirected via status code 30x, the original query is incorrectly appended to the location
> -----------------------------------------------------------------------------------------------
>
> Key: GERONIMO-3618
> URL: https://issues.apache.org/jira/browse/GERONIMO-3618
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: AsyncHttpClient
> Affects Versions: 1.x
> Reporter: Sangjin Lee
> Attachments: HttpIoHandler.patch, patch.zip
>
>
> If you're redirected via status code 30x (302, 301, ...), the code that handles following redirects (HttpIoHandler.messageRecieved()) tries to append the original query from the first request to the URL obtained from the Location header of the response. This is incorrect per HTTP specification. The spec says the value of the Location header is an absoluteURI which is a full URL that includes the proper query if any: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30. The query from the original request should not be part of the second URL.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (GERONIMO-3618) when redirected via status code 30x,
the original query is incorrectly appended to the location
Posted by "Rick McGuire (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rick McGuire closed GERONIMO-3618.
----------------------------------
> when redirected via status code 30x, the original query is incorrectly appended to the location
> -----------------------------------------------------------------------------------------------
>
> Key: GERONIMO-3618
> URL: https://issues.apache.org/jira/browse/GERONIMO-3618
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: AsyncHttpClient
> Affects Versions: 1.x
> Reporter: Sangjin Lee
> Assignee: Rick McGuire
> Attachments: HttpIoHandler.patch, patch.zip
>
>
> If you're redirected via status code 30x (302, 301, ...), the code that handles following redirects (HttpIoHandler.messageRecieved()) tries to append the original query from the first request to the URL obtained from the Location header of the response. This is incorrect per HTTP specification. The spec says the value of the Location header is an absoluteURI which is a full URL that includes the proper query if any: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30. The query from the original request should not be part of the second URL.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (GERONIMO-3618) when redirected via status code 30x,
the original query is incorrectly appended to the location
Posted by "Jeff Genender (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jeff Genender closed GERONIMO-3618.
-----------------------------------
Resolution: Fixed
Patch applied...thanks!
> when redirected via status code 30x, the original query is incorrectly appended to the location
> -----------------------------------------------------------------------------------------------
>
> Key: GERONIMO-3618
> URL: https://issues.apache.org/jira/browse/GERONIMO-3618
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: AsyncHttpClient
> Affects Versions: 1.x
> Reporter: Sangjin Lee
> Attachments: HttpIoHandler.patch
>
>
> If you're redirected via status code 30x (302, 301, ...), the code that handles following redirects (HttpIoHandler.messageRecieved()) tries to append the original query from the first request to the URL obtained from the Location header of the response. This is incorrect per HTTP specification. The spec says the value of the Location header is an absoluteURI which is a full URL that includes the proper query if any: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30. The query from the original request should not be part of the second URL.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (GERONIMO-3618) when redirected via status code
30x, the original query is incorrectly appended to the location
Posted by "Rick McGuire (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rick McGuire reassigned GERONIMO-3618:
--------------------------------------
Assignee: Rick McGuire
> when redirected via status code 30x, the original query is incorrectly appended to the location
> -----------------------------------------------------------------------------------------------
>
> Key: GERONIMO-3618
> URL: https://issues.apache.org/jira/browse/GERONIMO-3618
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: AsyncHttpClient
> Affects Versions: 1.x
> Reporter: Sangjin Lee
> Assignee: Rick McGuire
> Attachments: HttpIoHandler.patch, patch.zip
>
>
> If you're redirected via status code 30x (302, 301, ...), the code that handles following redirects (HttpIoHandler.messageRecieved()) tries to append the original query from the first request to the URL obtained from the Location header of the response. This is incorrect per HTTP specification. The spec says the value of the Location header is an absoluteURI which is a full URL that includes the proper query if any: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30. The query from the original request should not be part of the second URL.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-3618) when redirected via status code
30x, the original query is incorrectly appended to the location
Posted by "Sangjin Lee (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3618?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12549758 ]
Sangjin Lee commented on GERONIMO-3618:
---------------------------------------
Could you please review the latest patch and accept it if it fixes the problem? Thanks!
> when redirected via status code 30x, the original query is incorrectly appended to the location
> -----------------------------------------------------------------------------------------------
>
> Key: GERONIMO-3618
> URL: https://issues.apache.org/jira/browse/GERONIMO-3618
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: AsyncHttpClient
> Affects Versions: 1.x
> Reporter: Sangjin Lee
> Attachments: HttpIoHandler.patch, patch.zip
>
>
> If you're redirected via status code 30x (302, 301, ...), the code that handles following redirects (HttpIoHandler.messageRecieved()) tries to append the original query from the first request to the URL obtained from the Location header of the response. This is incorrect per HTTP specification. The spec says the value of the Location header is an absoluteURI which is a full URL that includes the proper query if any: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30. The query from the original request should not be part of the second URL.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-3618) when redirected via status code
30x, the original query is incorrectly appended to the location
Posted by "Sangjin Lee (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3618?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sangjin Lee updated GERONIMO-3618:
----------------------------------
Attachment: HttpIoHandler.patch
a suggested fix
> when redirected via status code 30x, the original query is incorrectly appended to the location
> -----------------------------------------------------------------------------------------------
>
> Key: GERONIMO-3618
> URL: https://issues.apache.org/jira/browse/GERONIMO-3618
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: AsyncHttpClient
> Affects Versions: 1.x
> Reporter: Sangjin Lee
> Attachments: HttpIoHandler.patch
>
>
> If you're redirected via status code 30x (302, 301, ...), the code that handles following redirects (HttpIoHandler.messageRecieved()) tries to append the original query from the first request to the URL obtained from the Location header of the response. This is incorrect per HTTP specification. The spec says the value of the Location header is an absoluteURI which is a full URL that includes the proper query if any: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30. The query from the original request should not be part of the second URL.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.