Make a relative redirect URI absolute when 'Authorization' header present (#6325)
This commit is contained in:
parent
2d58072460
commit
06b0bb2eb2
|
@ -1257,7 +1257,7 @@ namespace Microsoft.PowerShell.Commands
|
|||
|
||||
// recreate the HttpClient with redirection enabled since the first call suppressed redirection
|
||||
using (client = GetHttpClient(false))
|
||||
using (HttpRequestMessage redirectRequest = GetRequest(response.Headers.Location, stripAuthorization:true))
|
||||
using (HttpRequestMessage redirectRequest = GetRequest(new Uri(request.RequestUri, response.Headers.Location), stripAuthorization:true))
|
||||
{
|
||||
FillRequestStream(redirectRequest);
|
||||
_cancelToken = new CancellationTokenSource();
|
||||
|
|
|
@ -363,6 +363,8 @@ $redirectTests = @(
|
|||
|
||||
@{redirectType = 'TemporaryRedirect'; redirectedMethod = 'GET'}
|
||||
@{redirectType = 'RedirectKeepVerb'; redirectedMethod = 'GET'} # Synonym for TemporaryRedirect
|
||||
|
||||
@{redirectType = 'relative'; redirectedMethod = 'GET'}
|
||||
)
|
||||
|
||||
$PendingCertificateTest = $false
|
||||
|
|
|
@ -30,12 +30,19 @@ namespace mvc.Controllers
|
|||
url = $"{url}/Redirect/{nextHop}";
|
||||
}
|
||||
|
||||
if (Request.Query.TryGetValue("type", out StringValues type) && Enum.TryParse(type.FirstOrDefault(), out HttpStatusCode status))
|
||||
var typeIsPresent = Request.Query.TryGetValue("type", out StringValues type);
|
||||
|
||||
if (typeIsPresent && Enum.TryParse(type.FirstOrDefault(), out HttpStatusCode status))
|
||||
{
|
||||
Response.StatusCode = (int)status;
|
||||
url = $"{url}?type={type.FirstOrDefault()}";
|
||||
Response.Headers.Add("Location", url);
|
||||
}
|
||||
else if (typeIsPresent && String.Equals(type.FirstOrDefault(), "relative", StringComparison.InvariantCultureIgnoreCase))
|
||||
{
|
||||
url = new Uri($"{url}?type={type.FirstOrDefault()}").PathAndQuery;
|
||||
Response.Redirect(url, false);
|
||||
}
|
||||
else
|
||||
{
|
||||
Response.Redirect(url, false);
|
||||
|
|
|
@ -489,6 +489,7 @@ Invoke-RestMethod -Uri $uri -Body $body -Method 'Put'
|
|||
|
||||
Will `302` redirect to `/Get/`. If a number is supplied, redirect will occur that many times. Can be used to test maximum redirects.
|
||||
If the `type` query field is supplied the corresponding `System.Net.HttpStatusCode` will be returned instead of `302`.
|
||||
If `type` is `relative`, the redirect URI will be relative instead of absolute.
|
||||
|
||||
```powershell
|
||||
$uri = Get-WebListenerUrl -Test 'Redirect' -TestValue '2'
|
||||
|
|
Loading…
Reference in a new issue