Review Request: Broken redirections in handling of webdav when server requests a redirection from http to https

Dawit Alemayehu adawit at kde.org
Fri Jan 29 19:57:34 GMT 2010 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.kde.org/r/2760/#review3971
-----------------------------------------------------------

Ship it!


Looks ok... You probably need the fallback in case the protocol of the redirection/response url is "webdav" and not "http" ??  Alternatively you can simply replace "http" with "webdav" to avoid having to deal with those checks:

QString protocol (u.protocol());
u.setProtocol(protocol.replace(QLatin1String("http"), QLatin1String("webdav"));

Either way it seems fine and should be back ported since it is a fix...

- Dawit


On 2010-01-29 15:52:47, Matthew Dawson wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://reviewboard.kde.org/r/2760/
> -----------------------------------------------------------
> 
> (Updated 2010-01-29 15:52:47)
> 
> 
> Review request for kdelibs.
> 
> 
> Summary
> -------
> 
> When a website holding a webdav repository automatically redirects all http requests to https, the webdav handler in kio_http forces the request back to http.  The problem occurs as the code assumes the webdav protocol will not change.
> 
> This patch fixes the issue by analyzing the returned url, and sets webdav/webdavs based on whether the server requested a redirection to http/https respectively (it also will handle redirects from webdavs to webdav).  It also includes a fallback to the old behaviour if no protocol is specified, or the protocol is not http/https (is that even a legal request?  If not I can remove the fallback).
> 
> Also, is it ok to backport this patch for KDE SC 4.4?
> 
> 
> Diffs
> -----
> 
>   /trunk/KDE/kdelibs/kioslave/http/http.cpp 1082000 
> 
> Diff: http://reviewboard.kde.org/r/2760/diff
> 
> 
> Testing
> -------
> 
> Locally against a remote server running lighttpd that auto redirects all requests from http to https.  The webdav implementation used comes from webcit, included in the citadel mail server.  Url was:
> 
> webdav://mail.mjdsystems.ca/groupdav
> 
> Tested using kioclient (running kioclient get $url and checking debug output).
> 
> 
> Thanks,
> 
> Matthew
> 
>

More information about the kde-core-devel mailing list