[Webkit-unassigned] [Bug 109576] New: [Soup] Incorrect multilevel redirections (cannot login to Google+)
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Feb 12 05:38:51 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=109576
Summary: [Soup] Incorrect multilevel redirections (cannot login
to Google+)
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
URL: http://plus.google.com
OS/Version: Unspecified
Status: NEW
Keywords: Gtk, Soup
Severity: Normal
Priority: P2
Component: WebKit Gtk
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: svillar at igalia.com
CC: danw at gnome.org, gns at gnome.org, mrobinson at webkit.org,
rakuco at webkit.org
I found this when trying to login to plus.google.com with the current master and WebKitGtk+ (I guess the same happens with Efl). I was totally unable to login and the server was responding to some of the requests with 405 (Invalid method). I noticed that we were incorrectly redirecting with a POST when we should be using a GET in some cases.
This is more or less the sequence of events:
client server
(1) POST url --->
<--- return 302
(2) GET url --->
<--- return 302
(3) POST url --->
<--- return 405
So (2) is OK but the POST in (3) is not. The problem is the following, in doRedirect we create the new Request from the _original_ request (which is a POST), but the SoupMessage corresponds to the last client-server HTTP communication. So if the original request was a POST, it will never be rewritten to a GET for multilevel redirects (because the last SoupMessage method is a GET).
Patch coming soon
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list