Review Request: Broken redirections in handling of webdav when server requests a redirection from http to https
Matthew Dawson
matthew at mjdsystems.ca
Thu Feb 4 03:54:17 GMT 2010
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.kde.org/r/2760/
-----------------------------------------------------------
(Updated 2010-02-04 03:54:17.504805)
Review request for kdelibs.
Changes
-------
Update patch to actual version checked in. Only will handle cases where protocol requested is explicitly http/https. All other protocols are passed through unchanged.
Summary
-------
When a website holding a webdav repository automatically redirects all http requests to https, the webdav handler in kio_http forces the request back to http. The problem occurs as the code assumes the webdav protocol will not change.
This patch fixes the issue by analyzing the returned url, and sets webdav/webdavs based on whether the server requested a redirection to http/https respectively (it also will handle redirects from webdavs to webdav). It also includes a fallback to the old behaviour if no protocol is specified, or the protocol is not http/https (is that even a legal request? If not I can remove the fallback).
Also, is it ok to backport this patch for KDE SC 4.4?
Diffs (updated)
-----
/trunk/KDE/kdelibs/kioslave/http/http.cpp 1084209
Diff: http://reviewboard.kde.org/r/2760/diff
Testing
-------
Locally against a remote server running lighttpd that auto redirects all requests from http to https. The webdav implementation used comes from webcit, included in the citadel mail server. Url was:
webdav://mail.mjdsystems.ca/groupdav
Tested using kioclient (running kioclient get $url and checking debug output).
Thanks,
Matthew
More information about the kde-core-devel
mailing list