You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hc.apache.org by "Lars Bachmann (JIRA)" <ji...@apache.org> on 2014/01/24 15:34:38 UTC

[jira] [Commented] (HTTPCLIENT-1452) in case of a redirect a wrong host param is set to http header

    [ https://issues.apache.org/jira/browse/HTTPCLIENT-1452?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13881001#comment-13881001 ] 

Lars Bachmann commented on HTTPCLIENT-1452:
-------------------------------------------

To fix it update class org.apache.http.impl.client.DefaultRequestDirector.java with the following patch:

1107,1109d1106
< 		// set host of redirect request
< 		this.log.debug("Setting host param: " + uri.getHost());
< 		redirect.setHeader("Host", uri.getHost());


> in case of a redirect a wrong host param is set to http header
> --------------------------------------------------------------
>
>                 Key: HTTPCLIENT-1452
>                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1452
>             Project: HttpComponents HttpClient
>          Issue Type: Bug
>          Components: HttpClient
>            Reporter: Lars Bachmann
>
> The following url will lead to a circular redirect and a CircularRedirectException in the end:
> http://it.bing.com/
> The reason is that http://it.bing.com will redirect to http://www.bing.com but the header param "host" is not set to the new host (bing.com), instead the host param of the original request (it.bing.com) is used. In the end the redirect request will not call http://www.bing.com but http://it.bing.com instead, which is the same location like the original url and will end up in a circular deadlock.
> The fix would be to override the host param with the value of the redirect request after copying all header params from the original request to the redirect request.
> The class to adjust is: org.apache.http.impl.client.DefaultRequestDirector.java
> The problem is also addressed here:
> http://stackoverflow.com/questions/6698214/avoid-circular-redirect-using-httpclient-4-1-1



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org