diff options
| author | John L. Villalovos <john@sodarock.com> | 2021-05-30 16:31:44 -0700 |
|---|---|---|
| committer | John L. Villalovos <john@sodarock.com> | 2021-09-08 09:27:41 -0700 |
| commit | d56a4345c1ae05823b553e386bfa393541117467 (patch) | |
| tree | fd7bab55106e7b9aaeefacddbe44b3c14d5b5594 /gitlab/client.py | |
| parent | b8a47bae3342400a411fb9bf4bef3c15ba91c98e (diff) | |
| download | gitlab-d56a4345c1ae05823b553e386bfa393541117467.tar.gz | |
fix!: raise error if there is a 301/302 redirection
Before we raised an error if there was a 301, 302 redirect but only
from an http URL to an https URL. But we didn't raise an error for
any other redirects.
This caused two problems:
1. PUT requests that are redirected get changed to GET requests
which don't perform the desired action but raise no error. This
is because the GET response succeeds but since it wasn't a PUT it
doesn't update. See issue:
https://github.com/python-gitlab/python-gitlab/issues/1432
2. POST requests that are redirected also got changed to GET
requests. They also caused hard to debug tracebacks for the user.
See issue:
https://github.com/python-gitlab/python-gitlab/issues/1477
Correct this by always raising a RedirectError exception and improve
the exception message to let them know what was redirected.
Closes: #1485
Closes: #1432
Closes: #1477
Diffstat (limited to 'gitlab/client.py')
| -rw-r--r-- | gitlab/client.py | 44 |
1 files changed, 25 insertions, 19 deletions
diff --git a/gitlab/client.py b/gitlab/client.py index 47fae81..9db3a0e 100644 --- a/gitlab/client.py +++ b/gitlab/client.py @@ -29,8 +29,9 @@ import gitlab.exceptions from gitlab import utils REDIRECT_MSG = ( - "python-gitlab detected an http to https redirection. You " - "must update your GitLab URL to use https:// to avoid issues." + "python-gitlab detected a {status_code} ({reason!r}) redirection. You must update " + "your GitLab URL to the correct URL to avoid issues. The redirection was from: " + "{source!r} to {target!r}" ) @@ -456,24 +457,29 @@ class Gitlab(object): return "%s%s" % (self._url, path) def _check_redirects(self, result: requests.Response) -> None: - # Check the requests history to detect http to https redirections. - # If the initial verb is POST, the next request will use a GET request, - # leading to an unwanted behaviour. - # If the initial verb is PUT, the data will not be send with the next - # request. - # If we detect a redirection to https with a POST or a PUT request, we + # Check the requests history to detect 301/302 redirections. + # If the initial verb is POST or PUT, the redirected request will use a + # GET request, leading to unwanted behaviour. + # If we detect a redirection with a POST or a PUT request, we # raise an exception with a useful error message. - if result.history and self._base_url.startswith("http:"): - for item in result.history: - if item.status_code not in (301, 302): - continue - # GET methods can be redirected without issue - if item.request.method == "GET": - continue - # Did we end-up with an https:// URL? - location = item.headers.get("Location", None) - if location and location.startswith("https://"): - raise gitlab.exceptions.RedirectError(REDIRECT_MSG) + if not result.history: + return + + for item in result.history: + if item.status_code not in (301, 302): + continue + # GET methods can be redirected without issue + if item.request.method == "GET": + continue + target = item.headers.get("location") + raise gitlab.exceptions.RedirectError( + REDIRECT_MSG.format( + status_code=item.status_code, + reason=item.reason, + source=item.url, + target=target, + ) + ) def _prepare_send_data( self, |