Fix tunneling after redirection from https #1881
Conversation
|
I don't feel comfortable altering that logic. Why do you think that the current implementation is wrong? I would like @nylen to chime in here as well. |
|
Thanks for your review! There are some reasons:
For these reasons, I changed tunneling logic. |
|
I spent a good 20 minutes looking through the history of this code. As far as I can tell, in #1374 I was just trying to preserve the existing behavior of the library, which was a bit convoluted. I don't have a problem with the change to the tunneling logic given that (1) existing browsers behave this new way and (2) this behavior is very well-tested. Leaving some inline notes about changes that look unrelated to the tunneling behavior. |
| @@ -135,6 +135,8 @@ Redirect.prototype.onResponse = function (response) { | |||
| // changing ports or protocols). This matches the behavior of curl: | |||
| // https://github.com/bagder/curl/blob/6beb0eee/lib/http.c#L710 | |||
| request.removeHeader('authorization') | |||
| delete request.options.auth | |||
| delete request.options.oauth | |||
There was a problem hiding this comment.
This does not appear related to the tunneling changes, can you explain?
There was a problem hiding this comment.
You are right.. This is related to init changes in redirect.js, not tunneling.
|
@nylen yep, those lines you commented are probably not going in, my question was about the tunneling logic only. I'll take a look at the issues you mentioned 👍 |
|
Thanks for your reviews, @simov @nylen! Here is another way. Please see this commit. If this is better, I will commit this to fix-tunneling-after-redirection branch too. |
|
@falms take a look at this commit simov@7943dce My thinking is that the Now, it's a bit weird that the Let me know what do you think. |
|
@simov Holding and re-using initial user options is not so good as I thought a few days ago. I want to merge simov@7943dce into Could you tell me the best way to merge, please? |
|
Check out your branch Then you can push it into another PR - I think that's the easiest way. |
|
I prefer the first version of this change (https://github.com/falms/request/commit/d678bfc14e7170546abfdbf9b0e3967711e04839) over https://github.com/falms/request/commit/f4e9b0b95cd714ce564c5c61dfda8b266d5cd1bb - it's a simpler change that doesn't require adding an extra property. @simov may disagree though - I haven't been active here recently so will leave it up to him. |
|
@nylen the extra state property is needed, because you want the check in Take a look at the final version of the function and the initialization this is what we are talking about. |
|
I created new PR #1894. Well, both versions have extra property. In addition, changing |
…imple Fix tunneling after redirection from https (Original: #1881)
Current stable module (request@2.65.0) cannot handle https-to-http redirection with proxy properly.
When redirected from https to http with
options.tunnel = undefined,the http request should be proxied without CONNECT tunneling.
This pull-request includes these changes:
optionsagain after redirection.tunneloption.This pull-request solves this problem.