search

geosolutions-it / http-proxy

Lean and Mean HTTP Proxy written in Java
GNU General Public License v3.0
21 stars 31 forks source link

HTTP Proxy doesn't support http redirect #35

Closed offtherailz closed 8 years ago

offtherailz commented 8 years ago

an http response to redirect (e.g. 301) simply turn back the response. A client will be redirected to the URL in the Location header, and not the proxy-ed one.

E.g.

Request URL:http://application-host.com/http_proxy/proxy/?url=http%3A%2F%2Fexample.com%2Fpath%2F4to%2Fwms%2Fget%3Fcapabilities%3Daph%26SERVICE%3DWMS%26REQUEST%3DGetCapabilities
Request Method:GET
Status Code:302 Found

Response Headers:

Connection:Keep-Alive
Content-Length:0
Location:http://anothersite.com/path/to/get/capabilities/?dataset=aph&SERVICE=WMS&REQUEST=GetCapabilities

Then the browser will generate an error if the cross-origin request is not allowed (headers).

XMLHttpRequest cannot load http://anothersite.com/path/to/get/capabilities/?dataset=aph&SERVICE=WMS&REQUEST=GetCapabilities. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http:/anothersite.com' is therefore not allowed access.

I propose add the (optional) replacement of the Location header with the current URL of the proxy:

Location: http://application-host.com/http_proxy/proxy/?url=http%3A%2F%2Fanothersite.com%2Fpath%2F4to%2Fwms%2Fget%3Fcapabilities%3Daph%26SERVICE%3DWMS%26REQUEST%3DGetCapabilities
offtherailz commented 8 years ago

The code for this is already present but supports only http status codes 300 and 304, It should support 301 and 302 too (maybe more) here: https://github.com/geosolutions-it/http-proxy/blob/master/src/main/java/it/geosolutions/httpproxy/HTTPProxy.java#L693

We should create a test for this,maybe externalizing this check in a separate utility class.