summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--methods/basehttp.cc24
-rwxr-xr-xtest/integration/test-bug-602412-dequote-redirect4
-rw-r--r--test/interactive-helper/aptwebserver.cc1
3 files changed, 15 insertions, 14 deletions
diff --git a/methods/basehttp.cc b/methods/basehttp.cc
index d7d9bccd0..5eb8a8e7e 100644
--- a/methods/basehttp.cc
+++ b/methods/basehttp.cc
@@ -286,18 +286,18 @@ BaseHttpMethod::DealWithHeaders(FetchResult &Res, RequestState &Req)
return IMS_HIT;
}
- /* Redirect
- *
- * Note that it is only OK for us to treat all redirection the same
- * because we *always* use GET, not other HTTP methods. There are
- * three redirection codes for which it is not appropriate that we
- * redirect. Pass on those codes so the error handling kicks in.
- */
- if (AllowRedirect
- && (Req.Result > 300 && Req.Result < 400)
- && (Req.Result != 300 // Multiple Choices
- && Req.Result != 304 // Not Modified
- && Req.Result != 306)) // (Not part of HTTP/1.1, reserved)
+ /* Note that it is only OK for us to treat all redirection the same
+ because we *always* use GET, not other HTTP methods.
+ Codes not mentioned are handled as errors later as required by the
+ HTTP spec to handle unknown codes the same as the x00 code. */
+ constexpr unsigned int RedirectCodes[] = {
+ 301, // Moved Permanently
+ 302, // Found
+ 303, // See Other
+ 307, // Temporary Redirect
+ 308, // Permanent Redirect
+ };
+ if (AllowRedirect && std::find(std::begin(RedirectCodes), std::end(RedirectCodes), Req.Result) != std::end(RedirectCodes))
{
if (Req.Location.empty() == true)
;
diff --git a/test/integration/test-bug-602412-dequote-redirect b/test/integration/test-bug-602412-dequote-redirect
index 9c6aa3945..3db7b5ea0 100755
--- a/test/integration/test-bug-602412-dequote-redirect
+++ b/test/integration/test-bug-602412-dequote-redirect
@@ -30,7 +30,7 @@ Reading package lists..." aptget update
testsuccess --nomsg aptget install unrelated --download-only -y
}
-for CODE in 301 302 307; do
+for CODE in 301 302 307 308; do
webserverconfig 'aptwebserver::redirect::httpcode' "$CODE"
rm -f aptarchive/webserver.log.client*.log
testrun "$CODE" "http://localhost:${APTHTTPPORT}"
@@ -40,7 +40,7 @@ done
changetohttpswebserver
-for CODE in 301 302 307; do
+for CODE in 301 302 307 308; do
webserverconfig 'aptwebserver::redirect::httpcode' "$CODE"
rm -f aptarchive/webserver.log.client*.log
testrun "$CODE" "https://localhost:${APTHTTPSPORT}"
diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc
index 22fc4121b..cbefe48d9 100644
--- a/test/interactive-helper/aptwebserver.cc
+++ b/test/interactive-helper/aptwebserver.cc
@@ -54,6 +54,7 @@ static std::string httpcodeToStr(int const httpcode) /*{{{*/
case 304: return _config->Find("aptwebserver::httpcode::304", "304 Not Modified");
case 305: return _config->Find("aptwebserver::httpcode::305", "305 Use Proxy");
case 307: return _config->Find("aptwebserver::httpcode::307", "307 Temporary Redirect");
+ case 308: return _config->Find("aptwebserver::httpcode::308", "308 Permanent Redirect");
// Client errors 4xx
case 400: return _config->Find("aptwebserver::httpcode::400", "400 Bad Request");
case 401: return _config->Find("aptwebserver::httpcode::401", "401 Unauthorized");