[go] net/http: fix 302 empty location header error

21 views
Skip to first unread message

Gerrit Bot (Gerrit)

unread,
Dec 31, 2020, 4:36:45 PM12/31/20
to goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com

Gerrit Bot has uploaded this change for review.

View Change

net/http: fix 302 empty location header error

We need to add a Location check for other redirection codes, otherwise in some cases it causes a fatal error.

Example:
```
package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
)

func main() {
	/**
	index.php
		<?php
		http_response_code(302);
		?>
		<!DOCTYPE html>
		<html>
			<body>
				body
			</body>
		</html>
	**/
	resp, _ := http.Get("http://example.com")
	defer resp.Body.Close()
	body, _ := ioutil.ReadAll(resp.Body)
	fmt.Println(string(body))
}
```

And error:
```
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x40 pc=0x564a6681987e]

goroutine 1 [running]:
main.main
        /home/test2.go:23
exit status 2
```

Change-Id: I9103806ab0da374e25dd73200f49147f97670de7
GitHub-Last-Rev: aa9265bf43749fe5097c95a6fb9892810606fcf9
GitHub-Pull-Request: golang/go#43448
---
M src/net/http/client.go
1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/net/http/client.go b/src/net/http/client.go
index 88e2028..ba3da59 100644
--- a/src/net/http/client.go
+++ b/src/net/http/client.go
@@ -500,7 +500,13 @@
 		redirectMethod = reqMethod
 		shouldRedirect = true
 		includeBody = false
-
+		if resp.Header.Get("Location") == "" {
+			shouldRedirect = false
+			break
+		}
+		if ireq.GetBody == nil && ireq.outgoingLength() != 0 {
+			shouldRedirect = false
+		}
 		// RFC 2616 allowed automatic redirection only with GET and
 		// HEAD requests. RFC 7231 lifts this restriction, but we still
 		// restrict other methods to GET to maintain compatibility.

To view, visit change 280952. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: go
Gerrit-Branch: master
Gerrit-Change-Id: I9103806ab0da374e25dd73200f49147f97670de7
Gerrit-Change-Number: 280952
Gerrit-PatchSet: 1
Gerrit-Owner: Gerrit Bot <letsus...@gmail.com>
Gerrit-MessageType: newchange

Brad Fitzpatrick (Gerrit)

unread,
Apr 16, 2021, 12:44:36 PM4/16/21
to Gerrit Bot, goph...@pubsubhelper.golang.org, Brad Fitzpatrick, Russ Cox, Roberto Clapis, Go Bot, golang-co...@googlegroups.com

Brad Fitzpatrick abandoned this change.

View Change

Abandoned This would need a test. But from your code snippet, it looks like you're just crashing because you're ignoring errors. Please start with filing a bug on GitHub and discussing the problem there. Then reference this fix and we can reopen this change after discussion on the bug.

To view, visit change 280952. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: go
Gerrit-Branch: master
Gerrit-Change-Id: I9103806ab0da374e25dd73200f49147f97670de7
Gerrit-Change-Number: 280952
Gerrit-PatchSet: 1
Gerrit-Owner: Gerrit Bot <letsus...@gmail.com>
Gerrit-Reviewer: Brad Fitzpatrick <brad...@golang.org>
Gerrit-CC: Go Bot <go...@golang.org>
Gerrit-CC: Roberto Clapis <rob...@golang.org>
Gerrit-CC: Russ Cox <r...@golang.org>
Gerrit-MessageType: abandon
Reply all
Reply to author
Forward
0 new messages