Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

relative paths in the location header are not properly redirected #711

Open
ember-ana opened this issue Dec 24, 2022 · 0 comments
Open

relative paths in the location header are not properly redirected #711

ember-ana opened this issue Dec 24, 2022 · 0 comments

Comments

@ember-ana
Copy link

ember-ana commented Dec 24, 2022

This issue is similar to nodejs/undici#1521.

Bug Description

As outlined in RFC 7231, the Location header can feature relative paths, including strings without a leading slash, like location: abc. Hackney tacks that onto the path instead of replacing the last part as described in the RFC.

Reproducible By

I noticed this while trying to use the Wikipedia API using HTTPoison, which returns relative location headers. Here's example code:

HTTPoison.start
HTTPoison.get("https://en.wikipedia.org/api/rest_v1/page/summary/coffee", [], [follow_redirect: true])

Wikipedia returns a Location: Coffee header, which:

Intended behavior

Should redirect to https://en.wikipedia.org/api/rest_v1/page/summary/Coffee

Actual behavior

Redirects to https://en.wikipedia.org/api/rest_v1/page/summary/coffee/Coffee

Or, more generally

> GET /a/b
> Host: example.com
>
< HTTP/1.1 301 Moved Permanently
< location: c

should redirect to /a/c, as defined by RFC 3986, Section 5.4 but redirects to /a/b/c in hackney.

Environment

Hackney 1.17.1
Erlang/OTP 25 [erts-13.1.1] [source] [64-bit] [smp:8:8] [ds:8:8:10] [async-threads:1] [jit] [dtrace]
Elixir 1.14.2 (compiled with Erlang/OTP 25)
Darwin Kernel Version 22.2.0: Fri Nov 11 02:06:26 PST 2022; root:xnu-8792.61.2~4/RELEASE_ARM64_T8112 arm64 / MacOS Ventura 13.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant