mirror of
https://github.com/lunarmodules/luasocket.git
synced 2024-12-25 12:08:21 +01:00
fix(http): Allow relative redirect on https (#395)
Location header can now be relative: https://httpwg.org/specs/rfc9110.html#field.location
This commit is contained in:
parent
26b524e1d7
commit
8c2ff7217e
@ -300,6 +300,8 @@ local function shouldredirect(reqt, code, headers)
|
|||||||
if not location then return false end
|
if not location then return false end
|
||||||
location = string.gsub(location, "%s", "")
|
location = string.gsub(location, "%s", "")
|
||||||
if location == "" then return false end
|
if location == "" then return false end
|
||||||
|
-- the RFC says the redirect URL may be relative
|
||||||
|
location = url.absolute(reqt.url, location)
|
||||||
local scheme = url.parse(location).scheme
|
local scheme = url.parse(location).scheme
|
||||||
if scheme and (not SCHEMES[scheme]) then return false end
|
if scheme and (not SCHEMES[scheme]) then return false end
|
||||||
-- avoid https downgrades
|
-- avoid https downgrades
|
||||||
@ -323,8 +325,7 @@ end
|
|||||||
local trequest, tredirect
|
local trequest, tredirect
|
||||||
|
|
||||||
--[[local]] function tredirect(reqt, location)
|
--[[local]] function tredirect(reqt, location)
|
||||||
-- the RFC says the redirect URL has to be absolute, but some
|
-- the RFC says the redirect URL may be relative
|
||||||
-- servers do not respect that
|
|
||||||
local newurl = url.absolute(reqt.url, location)
|
local newurl = url.absolute(reqt.url, location)
|
||||||
-- if switching schemes, reset port and create function
|
-- if switching schemes, reset port and create function
|
||||||
if url.parse(newurl).scheme ~= reqt.scheme then
|
if url.parse(newurl).scheme ~= reqt.scheme then
|
||||||
|
@ -265,6 +265,37 @@ ignore = {
|
|||||||
}
|
}
|
||||||
check_request(request, expect, ignore)
|
check_request(request, expect, ignore)
|
||||||
|
|
||||||
|
-- Use https://httpbin.org/#/Dynamic_data/get_base64__value_ for testing
|
||||||
|
-----------------------------------------------------
|
||||||
|
io.write("testing absolute https redirection: ")
|
||||||
|
request = {
|
||||||
|
url = "https://httpbin.org/redirect-to?url=https://httpbin.org/base64/THVhIFNvY2tldA=="
|
||||||
|
}
|
||||||
|
expect = {
|
||||||
|
code = 200,
|
||||||
|
body = "Lua Socket"
|
||||||
|
}
|
||||||
|
ignore = {
|
||||||
|
status = 1,
|
||||||
|
headers = 1
|
||||||
|
}
|
||||||
|
check_request(request, expect, ignore)
|
||||||
|
|
||||||
|
-----------------------------------------------------
|
||||||
|
io.write("testing relative https redirection: ")
|
||||||
|
request = {
|
||||||
|
url = "https://httpbin.org/redirect-to?url=/base64/THVhIFNvY2tldA=="
|
||||||
|
}
|
||||||
|
expect = {
|
||||||
|
code = 200,
|
||||||
|
body = "Lua Socket"
|
||||||
|
}
|
||||||
|
ignore = {
|
||||||
|
status = 1,
|
||||||
|
headers = 1
|
||||||
|
}
|
||||||
|
check_request(request, expect, ignore)
|
||||||
|
|
||||||
------------------------------------------------------------------------
|
------------------------------------------------------------------------
|
||||||
--[[
|
--[[
|
||||||
io.write("testing proxy with redirection: ")
|
io.write("testing proxy with redirection: ")
|
||||||
|
Loading…
Reference in New Issue
Block a user