Your message dated Sun, 24 Mar 2013 09:03:55 +0800
with message-id <[email protected]>
and subject line Bug#609997: apt: http method reencodes Location URIs in case
of redirect
has caused the Debian Bug report #609997,
regarding apt: http method reencodes Location URIs in case of redirect
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
609997: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609997
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: apt
Version: 0.8.10
When an HTTP redirection code is received with a Location header, the
http apt method tries again with the URL provided by that header.
However, the URL gets quoted a second time, incorrectly escaping any %
character in the initial request. The result is that the web server the
request was redirected to is unable to serve the file associated with
the URL.
An illustration with a sample HTTP conversation:
1. a package file such as foo-1.1~bar_all.deb will be first requested by
Apt with a properly encoded URL:
GET /.../foo-1.1%7ebar_all.deb HTTP/1.1
Host: hosta
2. The web server on hosta then redirects with a 301 or 302 response,
quoting the request URL without modification:
HTTP/1.1 301 Moved Permanently
Location: http://hostb/path/.../foo-1.1%7ebar_all.deb
3. Apt then encodes the URL in the location field, and proceeds to
request it to the second web server:
GET /path/.../foo-1.1%257ebar_all.deb
Host: hostb
4. The web server at hostb is unable to find the requested URL and
responds with:
HTTP/1.1 404 Not Found
Below is a very simple patch to fix this issue.
---
methods/http.cc | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/methods/http.cc b/methods/http.cc
index 25e31de..c0ff134 100644
--- a/methods/http.cc
+++ b/methods/http.cc
@@ -949,7 +949,7 @@ HttpMethod::DealWithHeaders(FetchResult
&Res,ServerState *Srv)
{
if (!Srv->Location.empty())
{
- NextURI = Srv->Location;
+ NextURI = DeQuoteString(Srv->Location);
return TRY_AGAIN_OR_REDIRECT;
}
/* else pass through for error message */
--
1.7.1.1
--- End Message ---
--- Begin Message ---
Version: 0.8.15
Benjamin Ryzman <[email protected]> wrote:
>> When an HTTP redirection code is received with a Location header, the
>> http apt method tries again with the URL provided by that header.
>> However, the URL gets quoted a second time, incorrectly escaping any %
>> character in the initial request. The result is that the web server the
>> request was redirected to is unable to serve the file associated with
>> the URL.
Raphael Geissert <[email protected]> wrote:
> AFAICS, sid's apt has been fixed already. Not sure about other
> versions.
This was #602412, which is now archived so I will not merge it.
Closing.
--- End Message ---
