arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-04-19 23:22:16 +03:00
Code

Better follow redirection for HTTPClient (#7157)

Browse Source 
* Add way to force follow redirections in `HTTPClient`

* Follow other client implementations about `HTTP_CODE_FOUND`; Small rewrite of `sendRequest` function of `HTTPClient`

* Better names for follow redirection modes in `HTTPClient`

Also changed a bit order of the enums (0 element to be DISABLED)

* Rewrite `sendRequest` to remove recursion

Also got rid of unnecessary `redirectCount` field. Now redirect counting and limiting is handled in `sendRequest` directly.

* Use new `setFollowRedirects` of `HTTPClient` instead deprecated one.

* More explanatory comment for `followRedirects_t` in HTTPClient
This commit is contained in:
Patryk (PsychoX) Ludwikowski 2020-03-25 23:33:54 +01:00 committed by GitHub
parent 1127a090ad
commit d91f1dac36
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 125 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
libraries/ESP8266HTTPClient/src/ESP8266HTTPClient.cpp
View File

@ -423,7 +423,6 @@ void HTTPClient::end(void)
{
disconnect(false);
clear();
_redirectCount = 0;
}
/**
@ -558,8 +557,17 @@ bool HTTPClient::setURL(const String& url)
/**
* set true to follow redirects.
* @param follow
* @deprecated
*/
void HTTPClient::setFollowRedirects(bool follow)
{
_followRedirects = follow ? HTTPC_STRICT_FOLLOW_REDIRECTS : HTTPC_DISABLE_FOLLOW_REDIRECTS;
}
/**
* set redirect follow mode. See `followRedirects_t` enum for avaliable modes.
* @param follow
*/
void HTTPClient::setFollowRedirects(followRedirects_t follow)
{
_followRedirects = follow;
}
@ -652,8 +660,9 @@ int HTTPClient::sendRequest(const char * type, const String& payload)
*/
int HTTPClient::sendRequest(const char * type, const uint8_t * payload, size_t size)
{
int code;
bool redirect = false;
int code = 0;
uint16_t redirectCount = 0;
do {
// wipe out any existing headers from previous request
for(size_t i = 0; i < _headerKeysCount; i++) {
@ -662,8 +671,7 @@ int HTTPClient::sendRequest(const char * type, const uint8_t * payload, size_t s
}
}
redirect = false;
DEBUG_HTTPCLIENT("[HTTP-Client][sendRequest] type: '%s' redirCount: %d\n", type, _redirectCount);
DEBUG_HTTPCLIENT("[HTTP-Client][sendRequest] type: '%s' redirCount: %d\n", type, redirectCount);
// connect to server
if(!connect()) {
@ -687,9 +695,9 @@ int HTTPClient::sendRequest(const char * type, const uint8_t * payload, size_t s
int towrite = std::min((int)size, (int)HTTP_TCP_BUFFER_SIZE);
written = _client->write(p + bytesWritten, towrite);
if (written < 0) {
return returnError(HTTPC_ERROR_SEND_PAYLOAD_FAILED);
return returnError(HTTPC_ERROR_SEND_PAYLOAD_FAILED);
} else if (written == 0) {
return returnError(HTTPC_ERROR_CONNECTION_LOST);
return returnError(HTTPC_ERROR_CONNECTION_LOST);
}
bytesWritten += written;
size -= written;
@ -700,42 +708,67 @@ int HTTPClient::sendRequest(const char * type, const uint8_t * payload, size_t s
code = handleHeaderResponse();
//
// We can follow redirects for 301/302/307 for GET and HEAD requests and
// and we have not exceeded the redirect limit preventing an infinite
// redirect loop.
//
// Handle redirections as stated in RFC document:
// https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
//
if (_followRedirects &&
(_redirectCount < _redirectLimit) &&
(_location.length() > 0) &&
(code == 301 || code == 302 || code == 307) &&
(!strcmp(type, "GET") || !strcmp(type, "HEAD"))
) {
_redirectCount += 1; // increment the count for redirect.
redirect = true;
DEBUG_HTTPCLIENT("[HTTP-Client][sendRequest] following redirect:: '%s' redirCount: %d\n", _location.c_str(), _redirectCount);
if (!setURL(_location)) {
// return the redirect instead of handling on failure of setURL()
redirect = false;
// Implementing HTTP_CODE_FOUND as redirection with GET method,
// to follow most of existing user agent implementations.
//
redirect = false;
if (
_followRedirects != HTTPC_DISABLE_FOLLOW_REDIRECTS &&
redirectCount < _redirectLimit &&
_location.length() > 0
) {
switch (code) {
// redirecting using the same method
case HTTP_CODE_MOVED_PERMANENTLY:
case HTTP_CODE_TEMPORARY_REDIRECT: {
if (
// allow to force redirections on other methods
// (the RFC require user to accept the redirection)
_followRedirects == HTTPC_FORCE_FOLLOW_REDIRECTS ||
// allow GET and HEAD methods without force
!strcmp(type, "GET") ||
!strcmp(type, "HEAD")
) {
redirectCount += 1;
DEBUG_HTTPCLIENT("[HTTP-Client][sendRequest] following redirect (the same method): '%s' redirCount: %d\n", _location.c_str(), redirectCount);
if (!setURL(_location)) {
DEBUG_HTTPCLIENT("[HTTP-Client][sendRequest] failed setting URL for redirection\n");
// no redirection
break;
}
// redirect using the same request method and payload, diffrent URL
redirect = true;
}
break;
}
// redirecting with method dropped to GET or HEAD
// note: it does not need `HTTPC_FORCE_FOLLOW_REDIRECTS` for any method
case HTTP_CODE_FOUND:
case HTTP_CODE_SEE_OTHER: {
redirectCount += 1;
DEBUG_HTTPCLIENT("[HTTP-Client][sendRequest] following redirect (dropped to GET/HEAD): '%s' redirCount: %d\n", _location.c_str(), redirectCount);
if (!setURL(_location)) {
DEBUG_HTTPCLIENT("[HTTP-Client][sendRequest] failed setting URL for redirection\n");
// no redirection
break;
}
// redirect after changing method to GET/HEAD and dropping payload
type = "GET";
payload = nullptr;
size = 0;
redirect = true;
break;
}
default:
break;
}
}
} while (redirect);
// handle 303 redirect for non GET/HEAD by changing to GET and requesting new url
if (_followRedirects &&
(_redirectCount < _redirectLimit) &&
(_location.length() > 0) &&
(code == 303) &&
strcmp(type, "GET") && strcmp(type, "HEAD")
) {
_redirectCount += 1;
if (setURL(_location)) {
code = sendRequest("GET");
}
}
// handle Server Response (Header)
return returnError(code);
}

26
libraries/ESP8266HTTPClient/src/ESP8266HTTPClient.h
View File

@ -130,6 +130,23 @@ typedef enum {
HTTPC_TE_CHUNKED
} transferEncoding_t;
/**
* redirection follow mode.
* + `HTTPC_DISABLE_FOLLOW_REDIRECTS` - no redirection will be followed.
* + `HTTPC_STRICT_FOLLOW_REDIRECTS` - strict RFC2616, only requests using
* GET or HEAD methods will be redirected (using the same method),
* since the RFC requires end-user confirmation in other cases.
* + `HTTPC_FORCE_FOLLOW_REDIRECTS` - all redirections will be followed,
* regardless of a used method. New request will use the same method,
* and they will include the same body data and the same headers.
* In the sense of the RFC, it's just like every redirection is confirmed.
*/
typedef enum {
HTTPC_DISABLE_FOLLOW_REDIRECTS,
HTTPC_STRICT_FOLLOW_REDIRECTS,
HTTPC_FORCE_FOLLOW_REDIRECTS
} followRedirects_t;
#if HTTPCLIENT_1_1_COMPATIBLE
class TransportTraits;
typedef std::unique_ptr<TransportTraits> TransportTraitsPtr;
@ -173,8 +190,12 @@ public:
void setAuthorization(const char * user, const char * password);
void setAuthorization(const char * auth);
void setTimeout(uint16_t timeout);
void setFollowRedirects(bool follow);
// Redirections
void setFollowRedirects(bool follow) __attribute__ ((deprecated));
void setFollowRedirects(followRedirects_t follow);
void setRedirectLimit(uint16_t limit); // max redirects to follow for a single request
bool setURL(const String& url); // handy for handling redirects
void useHTTP10(bool usehttp10 = true);
@ -252,8 +273,7 @@ protected:
int _returnCode = 0;
int _size = -1;
bool _canReuse = false;
bool _followRedirects = false;
uint16_t _redirectCount = 0;
followRedirects_t _followRedirects = HTTPC_DISABLE_FOLLOW_REDIRECTS;
uint16_t _redirectLimit = 10;
String _location;
transferEncoding_t _transferEncoding = HTTPC_TE_IDENTITY;

4
libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.cpp
View File

@ -30,12 +30,12 @@ extern "C" uint32_t _FS_start;
extern "C" uint32_t _FS_end;
ESP8266HTTPUpdate::ESP8266HTTPUpdate(void)
: _httpClientTimeout(8000), _followRedirects(false), _ledPin(-1)
: _httpClientTimeout(8000), _followRedirects(HTTPC_DISABLE_FOLLOW_REDIRECTS), _ledPin(-1)
{
}
ESP8266HTTPUpdate::ESP8266HTTPUpdate(int httpClientTimeout)
: _httpClientTimeout(httpClientTimeout), _followRedirects(false), _ledPin(-1)
: _httpClientTimeout(httpClientTimeout), _followRedirects(HTTPC_DISABLE_FOLLOW_REDIRECTS), _ledPin(-1)
{
}

17
libraries/ESP8266httpUpdate/src/ESP8266httpUpdate.h
View File

@ -82,7 +82,20 @@ public:
_rebootOnUpdate = reboot;
}
void followRedirects(bool follow)
/**
* set true to follow redirects.
* @param follow
* @deprecated Please use `setFollowRedirects(followRedirects_t follow)`
*/
void followRedirects(bool follow) __attribute__ ((deprecated))
{
_followRedirects = follow ? HTTPC_STRICT_FOLLOW_REDIRECTS : HTTPC_DISABLE_FOLLOW_REDIRECTS;
}
/**
* set redirect follow mode. See `followRedirects_t` enum for avaliable modes.
* @param follow
*/
void setFollowRedirects(followRedirects_t follow)
{
_followRedirects = follow;
}
@ -160,7 +173,7 @@ protected:
bool _closeConnectionsOnUpdate = true;
private:
int _httpClientTimeout;
bool _followRedirects;
followRedirects_t _followRedirects;
// Callbacks
HTTPUpdateStartCB _cbStart;

29
tests/device/test_sw_http_client/test_sw_http_client.ino
View File

@ -71,10 +71,10 @@ TEST_CASE("HTTP GET & POST requests", "[HTTPClient]")
http.end();
}
{
// 301 redirect with follow enabled
// GET 301 redirect with strict RFC follow enabled
WiFiClient client;
HTTPClient http;
http.setFollowRedirects(true);
http.setFollowRedirects(HTTPC_STRICT_FOLLOW_REDIRECTS);
String uri = String("/redirect301?host=")+getenv("SERVER_IP");
http.begin(client, getenv("SERVER_IP"), 8088, uri.c_str());
auto httpCode = http.GET();
@ -83,7 +83,7 @@ TEST_CASE("HTTP GET & POST requests", "[HTTPClient]")
REQUIRE(payload == "redirect success");
}
{
// 301 redirect with follow disabled
// GET 301 redirect with follow disabled
WiFiClient client;
HTTPClient http;
String uri = String("/redirect301?host=")+getenv("SERVER_IP");
@ -92,10 +92,10 @@ TEST_CASE("HTTP GET & POST requests", "[HTTPClient]")
REQUIRE(httpCode == 301);
}
{
// 302 redirect with follow enabled
// GET 302 redirect with strict RFC follow enabled
WiFiClient client;
HTTPClient http;
http.setFollowRedirects(true);
http.setFollowRedirects(HTTPC_STRICT_FOLLOW_REDIRECTS);
String uri = String("/redirect302?host=")+getenv("SERVER_IP");
http.begin(client, getenv("SERVER_IP"), 8088, uri.c_str());
auto httpCode = http.GET();
@ -104,7 +104,7 @@ TEST_CASE("HTTP GET & POST requests", "[HTTPClient]")
REQUIRE(payload == "redirect success");
}
{
// 302 redirect with follow disabled
// GET 302 redirect with follow disabled
WiFiClient client;
HTTPClient http;
String uri = String("/redirect302?host=")+getenv("SERVER_IP");
@ -113,10 +113,10 @@ TEST_CASE("HTTP GET & POST requests", "[HTTPClient]")
REQUIRE(httpCode == 302);
}
{
// 307 redirect with follow enabled
// GET 307 redirect with strict RFC follow enabled
WiFiClient client;
HTTPClient http;
http.setFollowRedirects(true);
http.setFollowRedirects(HTTPC_STRICT_FOLLOW_REDIRECTS);
String uri = String("/redirect307?host=")+getenv("SERVER_IP");
http.begin(client, getenv("SERVER_IP"), 8088, uri.c_str());
auto httpCode = http.GET();
@ -125,7 +125,7 @@ TEST_CASE("HTTP GET & POST requests", "[HTTPClient]")
REQUIRE(payload == "redirect success");
}
{
// 307 redirect with follow disabled
// GET 307 redirect with follow disabled
WiFiClient client;
HTTPClient http;
String uri = String("/redirect307?host=")+getenv("SERVER_IP");
@ -134,10 +134,10 @@ TEST_CASE("HTTP GET & POST requests", "[HTTPClient]")
REQUIRE(httpCode == 307);
}
{
// 301 exceeding redirect limit
// GET 301 exceeding redirect limit
WiFiClient client;
HTTPClient http;
http.setFollowRedirects(true);
http.setFollowRedirects(HTTPC_STRICT_FOLLOW_REDIRECTS);
http.setRedirectLimit(0);
String uri = String("/redirect301?host=")+getenv("SERVER_IP");
http.begin(client, getenv("SERVER_IP"), 8088, uri.c_str());
@ -145,20 +145,22 @@ TEST_CASE("HTTP GET & POST requests", "[HTTPClient]")
REQUIRE(httpCode == 301);
}
{
// POST 303 redirect with follow enabled
// POST 303 redirect with strict RFC follow enabled
WiFiClient client;
HTTPClient http;
http.setFollowRedirects(true);
http.setFollowRedirects(HTTPC_STRICT_FOLLOW_REDIRECTS);
http.begin(client, getenv("SERVER_IP"), 8088, "/redirect303");
auto httpCode = http.POST(getenv("SERVER_IP"));
REQUIRE(httpCode == HTTP_CODE_OK);
String payload = http.getString();
REQUIRE(payload == "redirect success");
// TODO: need check for dropping: redirection should use GET method
}
{
// POST 303 redirect with follow disabled
WiFiClient client;
HTTPClient http;
http.setFollowRedirects(HTTPC_DISABLE_FOLLOW_REDIRECTS);
http.begin(client, getenv("SERVER_IP"), 8088, "/redirect303");
auto httpCode = http.POST(getenv("SERVER_IP"));
REQUIRE(httpCode == 303);
@ -167,6 +169,7 @@ TEST_CASE("HTTP GET & POST requests", "[HTTPClient]")
// 302 redirect with follow disabled
WiFiClient client;
HTTPClient http;
http.setFollowRedirects(HTTPC_DISABLE_FOLLOW_REDIRECTS);
String uri = String("/redirect302?host=")+getenv("SERVER_IP");
http.begin(client, getenv("SERVER_IP"), 8088, uri.c_str());
auto httpCode = http.GET();