Re: Redirects continued -- was: Problem with certificate on home-grown WebID from Henry Story on 2011-12-21 (public-xg-webid@w3.org from December 2011)

From: Henry Story <henry.story@bblfish.net>
Date: Wed, 21 Dec 2011 19:44:54 +0100
To: Pierre-Antoine Champin <pierre-antoine.champin@liris.cnrs.fr>
Cc: Sebastian Trüg <sebastian@trueg.de>, public-xg-webid XG <public-xg-webid@w3.org>, Carvalho Melvin <melvincarvalho@gmail.com>, foaf-protocols@lists.foaf-project.org, Alexandre Bertalis <alexandre@bertails.org>
Message-Id: <BFE61AA2-6C67-4825-A5A9-37B784644D27@bblfish.net>

On 21 Dec 2011, at 19:41, Henry Story wrote:

> Ok I found the issue in the new code I deployed yesterday on foafssl.org. We are
> using in the read-write-web project the Apache HttpClient library 4.1.2 which has
> the class DefaultRequestDirector. This class does in fact follow redirects, but it does 
> not follow redirects by default to different hosts! Here is the offending (to some, 
> unknown to most) code:
> 
> 1045  // Invalidate auth states if redirecting to another host
> 1046  if (!route.getTargetHost().equals(newTarget)) {
> 1047      targetAuthState.invalidate();
> 1048      AuthScheme authScheme = proxyAuthState.getAuthScheme();
> 1049      if (authScheme != null && authScheme.isConnectionBased()) {
> 1050          proxyAuthState.invalidate();
> 1051      }
> 1052  }

Oops silly me! this is just removing the auth state which obviously should be done when you
redirect! Sorry, still searching....



> http://bit.ly/vcZjqb
> 
> Btw, it is interesting to note that this library limits redirects to 100 by default
> and checks for loops. It would be interesting to know why they put that in there.
> 
> 
> Henry 
> 
> 
> On 21 Dec 2011, at 18:20, Pierre-Antoine Champin wrote:
> 
>> On 12/21/2011 05:19 PM, Henry Story wrote:
>>> 
>>> On 21 Dec 2011, at 16:57, Pierre-Antoine Champin wrote:
>>> 
>>>> Hi,
>>>> 
>>>> I had the same misunderstanding as Sebastian, creating WebID
>>>> http://champin.net/pa
>>>> 
>>>> I now created
>>>> http://champin.net/#pa
>>>> (which I too prefer, btw).
>>>> 
>>>> But that one does not work with foafssl.org :-(
>>> 
>>> That's because at present it does not have redirection implemented and you resource redirects
>>> 
>>> $ curl -i  http://champin.net/ 
>>> HTTP/1.0 302 Found
>>> Server: BaseHTTP/0.3 Python/2.5.2
>>> Date: Wed, 21 Dec 2011 16:15:10 GMT
>>> Location: http://liris.cnrs.fr/~pchampin/
>>> Content-type: text/html
>>> Vary: Host
>> 
>> 
>> I beg to differ: http://champin.net/pa redirected as well, and it worked
>> (and still does)!
> 
> Social Web Architect
> http://bblfish.net/
> 

Social Web Architect
http://bblfish.net/

Received on Wednesday, 21 December 2011 18:45:25 UTC