hc-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ol...@apache.org
Subject svn commit: r1727394 - /httpcomponents/httpclient/trunk/httpclient5/src/main/java/org/apache/hc/client5/http/impl/protocol/DefaultRedirectStrategy.java
Date Thu, 28 Jan 2016 16:16:48 GMT
Author: olegk
Date: Thu Jan 28 16:16:48 2016
New Revision: 1727394

URL: http://svn.apache.org/viewvc?rev=1727394&view=rev
Log:
HTTPCLIENT-1716: redirect handling of unsafe methods defined by RFC 7231

Modified:
    httpcomponents/httpclient/trunk/httpclient5/src/main/java/org/apache/hc/client5/http/impl/protocol/DefaultRedirectStrategy.java

Modified: httpcomponents/httpclient/trunk/httpclient5/src/main/java/org/apache/hc/client5/http/impl/protocol/DefaultRedirectStrategy.java
URL: http://svn.apache.org/viewvc/httpcomponents/httpclient/trunk/httpclient5/src/main/java/org/apache/hc/client5/http/impl/protocol/DefaultRedirectStrategy.java?rev=1727394&r1=1727393&r2=1727394&view=diff
==============================================================================
--- httpcomponents/httpclient/trunk/httpclient5/src/main/java/org/apache/hc/client5/http/impl/protocol/DefaultRedirectStrategy.java
(original)
+++ httpcomponents/httpclient/trunk/httpclient5/src/main/java/org/apache/hc/client5/http/impl/protocol/DefaultRedirectStrategy.java
Thu Jan 28 16:16:48 2016
@@ -30,6 +30,8 @@ package org.apache.hc.client5.http.impl.
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.Locale;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -59,11 +61,10 @@ import org.apache.hc.core5.util.TextUtil
 
 /**
  * Default implementation of {@link RedirectStrategy}. This strategy honors the restrictions
- * on automatic redirection of entity enclosing methods such as POST and PUT imposed by the
- * HTTP specification. {@code 302 Moved Temporarily}, {@code 301 Moved Permanently} and
- * {@code 307 Temporary Redirect} status codes will result in an automatic redirect of
- * HEAD and GET methods only. POST and PUT methods will not be automatically redirected
- * as requiring user confirmation.
+ * on automatic redirection of unsafe methods such as POST, PUT and DELETE imposed by
+ * the HTTP specification. Non safe methods will be redirected as GET in response to
+ * status code {@link HttpStatus#SC_MOVED_PERMANENTLY}, {@link HttpStatus#SC_MOVED_TEMPORARILY}
+ * and {@link HttpStatus#SC_SEE_OTHER}.
  *
  * @since 4.1
  */
@@ -74,8 +75,18 @@ public class DefaultRedirectStrategy imp
 
     public static final DefaultRedirectStrategy INSTANCE = new DefaultRedirectStrategy();
 
-    public DefaultRedirectStrategy() {
+    private final ConcurrentMap<String, Boolean> safeMethods;
+
+    public DefaultRedirectStrategy(final String... safeMethods) {
         super();
+        this.safeMethods = new ConcurrentHashMap<>();
+        for (String safeMethod: safeMethods) {
+            this.safeMethods.put(safeMethod.toUpperCase(Locale.ROOT), Boolean.TRUE);
+        }
+    }
+
+    public DefaultRedirectStrategy() {
+        this("GET", "HEAD", "OPTIONS", "TRACE");
     }
 
     @Override
@@ -183,8 +194,8 @@ public class DefaultRedirectStrategy imp
             case HttpStatus.SC_MOVED_PERMANENTLY:
             case HttpStatus.SC_MOVED_TEMPORARILY:
             case HttpStatus.SC_SEE_OTHER:
-                final String method = request.getRequestLine().getMethod();
-                if (method.equalsIgnoreCase("POST")) {
+                final String method = request.getRequestLine().getMethod().toUpperCase(Locale.ROOT);
+                if (!this.safeMethods.containsKey(method)) {
                     return new HttpGet(uri);
                 }
             case HttpStatus.SC_TEMPORARY_REDIRECT:



Mime
View raw message