[go] net/http: 308 redirects should use the previous hop's body
2 views
Skip to first unread message
Damien Neil (Gerrit)
Nov 6, 2024, 4:01:16 PM11/6/24
to goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Go LUCI, Jonathan Amsterdam, golang-co...@googlegroups.com
Damien Neil submitted the change with unreviewed changes![]( "Open in Gerrit")
Unreviewed changes
1 is the latest approved patch-set.
The change was submitted with unreviewed changes in the following files:
```
The name of the file: src/net/http/client_test.go
Insertions: 3, Deletions: 43.
@@ -346,7 +346,7 @@
`POST /?code=307&next=303,308,302 "c307"`,
`POST /?code=303&next=308,302 "c307"`,
`GET /?code=308&next=302 ""`,
- `GET /?code=302 "c307"`,
+ `GET /?code=302 ""`,
`GET / ""`,
`POST /?code=308&next=302,301 "c308"`,
`POST /?code=302&next=301 "c308"`,
@@ -376,7 +376,7 @@
`DELETE /?code=301&next=302,308 "c301"`,
`GET /?code=302&next=308 ""`,
`GET /?code=308 ""`,
- `GET / "c301"`,
+ `GET / ""`,
`DELETE /?code=302&next=302 "c302"`,
`GET /?code=302 ""`,
`GET / ""`,
@@ -385,7 +385,7 @@
`DELETE /?code=307&next=301,308,303,302,304 "c307"`,
`DELETE /?code=301&next=308,303,302,304 "c307"`,
`GET /?code=308&next=303,302,304 ""`,
- `GET /?code=303&next=302,304 "c307"`,
+ `GET /?code=303&next=302,304 ""`,
`GET /?code=302&next=304 ""`,
`GET /?code=304 ""`,
`DELETE /?code=308&next=307 "c308"`,
@@ -566,46 +566,6 @@
}
}
-// If we follow a redirect chain from a 301 to a 308,
-// the 301 changes the request to a GET with no body and
-// the 308 should not use the original method or body.
-func TestClientRedirect301To308WithBody(t *testing.T) { run(t, testClientRedirect301To308WithBody) }
-func testClientRedirect301To308WithBody(t *testing.T, mode testMode) {
- const body = "hello"
- ts := newClientServerTest(t, mode, HandlerFunc(func(rw ResponseWriter, req *Request) {
- t.Log(req.Method, req.URL.Path, string(body))
- var wantMethod, wantBody string
- switch req.URL.Path {
- case "/":
- wantMethod = "POST"
- wantBody = body
- rw.Header().Set("Location", "/1")
- rw.WriteHeader(301)
- case "/1":
- wantMethod = "GET"
- wantBody = ""
- rw.Header().Set("Location", "/2")
- rw.WriteHeader(308)
- case "/2":
- wantMethod = "GET"
- wantBody = ""
- }
- if got, want := req.Method, wantMethod; got != want {
- t.Errorf("request to %q: method = %v, want %v", req.URL.Path, got, want)
- }
- gotBody, _ := io.ReadAll(req.Body)
- if got, want := string(gotBody), wantBody; got != want {
- t.Errorf("request to %q: body = %q, want %q", req.URL.Path, got, want)
- }
- })).ts
- buf := bytes.NewBuffer([]byte(body))
- req, _ := NewRequest("POST", ts.URL, buf)
- resp, _ := ts.Client().Do(req)
- if resp != nil {
- resp.Body.Close()
- }
-}
-
var expectedCookies = []*Cookie{
{Name: "ChocolateChip", Value: "tasty"},
{Name: "First", Value: "Hit"},
```
Change information
Commit message:
net/http: 308 redirects should use the previous hop's body
On a 301 redirect, the HTTP client changes the request to be
a GET with no body.
On a 308 redirect, the client leaves the request method and
body unchanged.
A 308 following a 301 should preserve the rewritten request
from the first redirect: GET with no body. We were preserving
the method, but sending the original body. Fix this.
Fixes #70180
Change-Id: Ie20027a6058a82bfdffc7197d07ac6c7f98099e2
Reviewed-on: https://go-review.googlesource.com/c/go/+/626055
Reviewed-by: Jonathan Amsterdam <j...@google.com>
LUCI-TryBot-Result: Go LUCI <golang...@luci-project-accounts.iam.gserviceaccount.com>
Files:
- M src/net/http/client.go
- M src/net/http/client_test.go
Change size: S
Delta: 2 files changed, 11 insertions(+), 6 deletions(-)
Branch: refs/heads/master
Submit Requirements:
Code-Review: +2 by Jonathan Amsterdam
TryBots-Pass: LUCI-TryBot-Result+1 by Go LUCI
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
Reply all
Reply to author
Forward
0 new messages