search

chocolatey / choco

Chocolatey - the package manager for Windows
https://chocolatey.org
Other
10.36k stars 903 forks source link

Cookie isn't being resent in Get-WebFile with a redirect #1279

Open flcdrg opened 7 years ago

flcdrg commented 7 years ago

This package https://chocolatey.org/packages/server-jre8 is currently having to use .NET WebClient to download as for some reason if the script tries to set the Cookie using the Options collection, the cookie isn't maintained in the HTTP requests.

eg.

$options =
@{
  Headers = @{
    Cookie = "oraclelicense=accept-securebackup-cookie";
  }
}

Get-ChocolateyWebFile -PackageName $packageName -FileFullPath $tarGzFile -Url $url -Checksum $checksum -ChecksumType SHA256 -Options $options

I wonder if this is because the cookie is added using the request url as the cookie domain, but in this case the server responds with a 302 that redirects to a different url before redirecting back to the download.

Maybe because the second request then doesn't include the cookie, the download fails.

Tracking with Fiddler, I can see that the WebClient call does send the cookie on the request following the redirect response.

GET http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/server-jre-8u131-windows-x64.tar.gz HTTP/1.1 Cookie: oraclelicense=accept-securebackup-cookie Host: download.oracle.com Connection: Keep-Alive

HTTP/1.1 302 Moved Temporarily Server: AkamaiGHost Content-Length: 0 Location: https://edelivery.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/server-jre-8u131-windows-x64.tar.gz Date: Wed, 03 May 2017 02:20:04 GMT Connection: keep-alive

CONNECT edelivery.oracle.com:443 HTTP/1.1 Host: edelivery.oracle.com Connection: Keep-Alive

GET http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/server-jre-8u131-windows-x64.tar.gz?AuthParam=1493778125_2bc580fe9e8c9ee94dd9b0f390a94940 HTTP/1.1 Cookie: oraclelicense=accept-securebackup-cookie Host: download.oracle.com

If Get-WebFile is used, the following is observed

GET http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/server-jre-8u131-windows-x64.tar.gz HTTP/1.1 Accept: / User-Agent: chocolatey command line Host: download.oracle.com Accept-Encoding: gzip, deflate Connection: Keep-Alive

HTTP/1.1 302 Moved Temporarily Server: AkamaiGHost Content-Length: 0 Location: https://edelivery.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/server-jre-8u131-windows-x64.tar.gz Date: Wed, 03 May 2017 02:32:36 GMT Connection: keep-alive

CONNECT edelivery.oracle.com:443 HTTP/1.1 Host: edelivery.oracle.com Connection: Keep-Alive

GET http://download.oracle.com/errors/download-fail-1505220.html HTTP/1.1 Accept: / User-Agent: chocolatey command line Accept-Encoding: gzip, deflate Host: download.oracle.com

ferventcoder commented 7 years ago

Thanks for logging this.

Cubix651 commented 7 years ago

I'll try to fix it. :)