Return-Path: X-Original-To: apmail-hc-dev-archive@www.apache.org Delivered-To: apmail-hc-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 36271108A6 for ; Fri, 24 Jan 2014 14:28:41 +0000 (UTC) Received: (qmail 68528 invoked by uid 500); 24 Jan 2014 14:28:39 -0000 Delivered-To: apmail-hc-dev-archive@hc.apache.org Received: (qmail 68486 invoked by uid 500); 24 Jan 2014 14:28:38 -0000 Mailing-List: contact dev-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpComponents Project" Delivered-To: mailing list dev@hc.apache.org Received: (qmail 68475 invoked by uid 99); 24 Jan 2014 14:28:38 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 24 Jan 2014 14:28:38 +0000 Date: Fri, 24 Jan 2014 14:28:37 +0000 (UTC) From: "Lars Bachmann (JIRA)" To: dev@hc.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (HTTPCLIENT-1452) in case of a redirect a wrong host param is set to http header MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HTTPCLIENT-1452?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Lars Bachmann updated HTTPCLIENT-1452: -------------------------------------- Description: The following url will lead to a circular redirect and a CircularRedirectException in the end: http://it.bing.com/ The reason is that http://it.bing.com will redirect to http://www.bing.com but the header param "host" is not set to the new host (bing.com), instead the host param of the original request (it.bing.com) is used. In the end the redirect request will not call http://www.bing.com but http://it.bing.com instead, which is the same location like the original url and will end up in a circular deadlock. The fix would be to override the host param with the value of the redirect request after copying all header params from the original request to the redirect request. The class to adjust is: org.apache.http.impl.client.DefaultRequestDirector.java The problem is also addressed here: http://stackoverflow.com/questions/6698214/avoid-circular-redirect-using-httpclient-4-1-1 was: The following url will lead to an circular redirect and an CircularRedirectException in the end: http://it.bing.com/ The reason is that http://it.bing.com will redirect to http://www.bing.com but the header param "host" is not set to the new host (bing.com), instead the host param of the original (it.bing.com) request is used. In the end the redirect request will not call http://www.bing.com but instead http://it.bing.com which is the same location like the original url and will end up in a circular dead lock. The fix would be after copying all header params from the original request to the redirect request, to override the host param with the value of the redirect request The class to adjust is: org.apache.http.impl.client.DefaultRequestDirector.java The problem is also adressed here: http://stackoverflow.com/questions/6698214/avoid-circular-redirect-using-httpclient-4-1-1 > in case of a redirect a wrong host param is set to http header > -------------------------------------------------------------- > > Key: HTTPCLIENT-1452 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1452 > Project: HttpComponents HttpClient > Issue Type: Bug > Components: HttpClient > Reporter: Lars Bachmann > > The following url will lead to a circular redirect and a CircularRedirectException in the end: > http://it.bing.com/ > The reason is that http://it.bing.com will redirect to http://www.bing.com but the header param "host" is not set to the new host (bing.com), instead the host param of the original request (it.bing.com) is used. In the end the redirect request will not call http://www.bing.com but http://it.bing.com instead, which is the same location like the original url and will end up in a circular deadlock. > The fix would be to override the host param with the value of the redirect request after copying all header params from the original request to the redirect request. > The class to adjust is: org.apache.http.impl.client.DefaultRequestDirector.java > The problem is also addressed here: > http://stackoverflow.com/questions/6698214/avoid-circular-redirect-using-httpclient-4-1-1 -- This message was sent by Atlassian JIRA (v6.1.5#6160) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org For additional commands, e-mail: dev-help@hc.apache.org