Re: Potential Bug In Circular Redirect
Oleg, Thanks for the reply. Ok, the behavior can be correct, i understand you have a flag to disable circular redirects, but this still seems inappropriate. Becasue i still want to guard against genuine circular redirects from these false circular redirects, and since all browsers support this functionality, i think it would be nice if HttpClient could offer support for Browser HTTP Protocol like you can set a Param to act.like.a.browser which will 302 redirect when the uri is same but query string is different and basically operate as a forgiving http protocol if you so choose. Just an idea since the http protocol and the way all popular browsers implement it are much different. Thanks Oleg Kalnichevski wrote: On Thu, 2006-02-16 at 17:24 -0500, Ryan Smith wrote: ... I am using 3.0 RELEASE But i checked out the latest snap shot code, and the logic in HttpMethodDirector.java only checks for the URI, not URI + Query string. Ryan, I think this behavior is correct. It was implemented per this bug report: http://issues.apache.org/bugzilla/show_bug.cgi?id=33021 Set 'http.protocol.allow-circular-redirects' parameter to true to disable the check Oleg Below, plerase see my MANIFEST.MF that came with my httpclient.jar : Manifest-Version: 1.0 Ant-Version: Apache Ant 1.5.3 Created-By: Apache Maven Built-By: Michael Package: org.apache.commons.httpclient Build-Jdk: 1.3.1_17 Extension-Name: commons-httpclient Specification-Title: Jakarta Commons HttpClient Specification-Vendor: Apache Software Foundation Implementation-Title: org.apache.commons.httpclient Implementation-Vendor: Apache Software Foundation Implementation-Version: 3.0 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Potential Bug In Circular Redirect
Ryan Smith wrote: Oleg, Thanks for the reply. Ok, the behavior can be correct, i understand you have a flag to disable circular redirects, but this still seems inappropriate. Becasue i still want to guard against genuine circular redirects from these false circular redirects, and since all browsers support this functionality, i think it would be nice if HttpClient could offer support for Browser HTTP Protocol like you can set a Param to act.like.a.browser which will 302 redirect when the uri is same but query string is different and basically operate as a forgiving http protocol if you so choose. Just an idea since the http protocol and the way all popular browsers implement it are much different. The trouble is that so called popular browsers do it rather badly. They tend to accept any garbage some badly written CGI scripts spit out at them instead of rejecting malformed HTTP messages as invalid thus giving the developers of those sites some incentive to do their job properly. We usually provide a lenient mode in those cases where the wording of the HTTP spec is vague or ambiguous, but we have no intension to work around some pretty gross violations of the HTTP spec that common browsers tend to forgive. After all, HttpClient is not a browser, nor a vacuum cleaner, it is what it is, an HTTP library. Hope this explains our position Oleg Thanks Oleg Kalnichevski wrote: On Thu, 2006-02-16 at 17:24 -0500, Ryan Smith wrote: ... I am using 3.0 RELEASE But i checked out the latest snap shot code, and the logic in HttpMethodDirector.java only checks for the URI, not URI + Query string. Ryan, I think this behavior is correct. It was implemented per this bug report: http://issues.apache.org/bugzilla/show_bug.cgi?id=33021 Set 'http.protocol.allow-circular-redirects' parameter to true to disable the check Oleg Below, plerase see my MANIFEST.MF that came with my httpclient.jar : Manifest-Version: 1.0 Ant-Version: Apache Ant 1.5.3 Created-By: Apache Maven Built-By: Michael Package: org.apache.commons.httpclient Build-Jdk: 1.3.1_17 Extension-Name: commons-httpclient Specification-Title: Jakarta Commons HttpClient Specification-Vendor: Apache Software Foundation Implementation-Title: org.apache.commons.httpclient Implementation-Vendor: Apache Software Foundation Implementation-Version: 3.0 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Potential Bug In Circular Redirect
Oleg, Understood, thanks. Well, in the future, if you would ever decide to offer that functionality to be lienient on http as an option, i have some code for ya. Reverse Engineering popular browsers is a pain! Thanks again! :) -Ryan Oleg Kalnichevski wrote: Ryan Smith wrote: Oleg, Thanks for the reply. Ok, the behavior can be correct, i understand you have a flag to disable circular redirects, but this still seems inappropriate. Becasue i still want to guard against genuine circular redirects from these false circular redirects, and since all browsers support this functionality, i think it would be nice if HttpClient could offer support for Browser HTTP Protocol like you can set a Param to act.like.a.browser which will 302 redirect when the uri is same but query string is different and basically operate as a forgiving http protocol if you so choose. Just an idea since the http protocol and the way all popular browsers implement it are much different. The trouble is that so called popular browsers do it rather badly. They tend to accept any garbage some badly written CGI scripts spit out at them instead of rejecting malformed HTTP messages as invalid thus giving the developers of those sites some incentive to do their job properly. We usually provide a lenient mode in those cases where the wording of the HTTP spec is vague or ambiguous, but we have no intension to work around some pretty gross violations of the HTTP spec that common browsers tend to forgive. After all, HttpClient is not a browser, nor a vacuum cleaner, it is what it is, an HTTP library. Hope this explains our position Oleg Thanks Oleg Kalnichevski wrote: On Thu, 2006-02-16 at 17:24 -0500, Ryan Smith wrote: ... I am using 3.0 RELEASE But i checked out the latest snap shot code, and the logic in HttpMethodDirector.java only checks for the URI, not URI + Query string. Ryan, I think this behavior is correct. It was implemented per this bug report: http://issues.apache.org/bugzilla/show_bug.cgi?id=33021 Set 'http.protocol.allow-circular-redirects' parameter to true to disable the check Oleg Below, plerase see my MANIFEST.MF that came with my httpclient.jar : Manifest-Version: 1.0 Ant-Version: Apache Ant 1.5.3 Created-By: Apache Maven Built-By: Michael Package: org.apache.commons.httpclient Build-Jdk: 1.3.1_17 Extension-Name: commons-httpclient Specification-Title: Jakarta Commons HttpClient Specification-Vendor: Apache Software Foundation Implementation-Title: org.apache.commons.httpclient Implementation-Vendor: Apache Software Foundation Implementation-Version: 3.0 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Potential Bug In Circular Redirect
Ryan Smith wrote: Oleg, Understood, thanks. Well, in the future, if you would ever decide to offer that functionality to be lienient on http as an option, i have some code for ya. Reverse Engineering popular browsers is a pain! Thanks again! :) -Ryan Ryan, Commons HttpClient in its present form suffers from feature and options bloat more than anything else. We can no longer keep on piling stuff on top of it. We (The Jakarta HttpComponents project) are currently in the process of rewriting HttpClient from scratch, primarily to make it more modular and reusable http://wiki.apache.org/jakarta-httpclient/HttpClientApiRedesign http://wiki.apache.org/jakarta-httpclient/ProjectGoalsPage Feel free to consider submitting your code to HttpComponents at some point of time Oleg Oleg Kalnichevski wrote: Ryan Smith wrote: Oleg, Thanks for the reply. Ok, the behavior can be correct, i understand you have a flag to disable circular redirects, but this still seems inappropriate. Becasue i still want to guard against genuine circular redirects from these false circular redirects, and since all browsers support this functionality, i think it would be nice if HttpClient could offer support for Browser HTTP Protocol like you can set a Param to act.like.a.browser which will 302 redirect when the uri is same but query string is different and basically operate as a forgiving http protocol if you so choose. Just an idea since the http protocol and the way all popular browsers implement it are much different. The trouble is that so called popular browsers do it rather badly. They tend to accept any garbage some badly written CGI scripts spit out at them instead of rejecting malformed HTTP messages as invalid thus giving the developers of those sites some incentive to do their job properly. We usually provide a lenient mode in those cases where the wording of the HTTP spec is vague or ambiguous, but we have no intension to work around some pretty gross violations of the HTTP spec that common browsers tend to forgive. After all, HttpClient is not a browser, nor a vacuum cleaner, it is what it is, an HTTP library. Hope this explains our position Oleg Thanks Oleg Kalnichevski wrote: On Thu, 2006-02-16 at 17:24 -0500, Ryan Smith wrote: ... I am using 3.0 RELEASE But i checked out the latest snap shot code, and the logic in HttpMethodDirector.java only checks for the URI, not URI + Query string. Ryan, I think this behavior is correct. It was implemented per this bug report: http://issues.apache.org/bugzilla/show_bug.cgi?id=33021 Set 'http.protocol.allow-circular-redirects' parameter to true to disable the check Oleg Below, plerase see my MANIFEST.MF that came with my httpclient.jar : Manifest-Version: 1.0 Ant-Version: Apache Ant 1.5.3 Created-By: Apache Maven Built-By: Michael Package: org.apache.commons.httpclient Build-Jdk: 1.3.1_17 Extension-Name: commons-httpclient Specification-Title: Jakarta Commons HttpClient Specification-Vendor: Apache Software Foundation Implementation-Title: org.apache.commons.httpclient Implementation-Vendor: Apache Software Foundation Implementation-Version: 3.0 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Potential Bug In Circular Redirect
Olag, Thanks, i am exactly looking for a project like this. Thanks so much. I was thinking, the component idea is great, i like the http-spider, since thats what i work on . I have an open source project that was started a year ago: http://aspider.sf.net/ This is a autonomous java spider 1.4 compatible. Do you know who i could contact at the new http components projects to offer suggestions/code? Thanks again. -Ryan Oleg Kalnichevski wrote: Ryan Smith wrote: Oleg, Understood, thanks. Well, in the future, if you would ever decide to offer that functionality to be lienient on http as an option, i have some code for ya. Reverse Engineering popular browsers is a pain! Thanks again! :) -Ryan Ryan, Commons HttpClient in its present form suffers from feature and options bloat more than anything else. We can no longer keep on piling stuff on top of it. We (The Jakarta HttpComponents project) are currently in the process of rewriting HttpClient from scratch, primarily to make it more modular and reusable http://wiki.apache.org/jakarta-httpclient/HttpClientApiRedesign http://wiki.apache.org/jakarta-httpclient/ProjectGoalsPage Feel free to consider submitting your code to HttpComponents at some point of time Oleg Oleg Kalnichevski wrote: Ryan Smith wrote: Oleg, Thanks for the reply. Ok, the behavior can be correct, i understand you have a flag to disable circular redirects, but this still seems inappropriate. Becasue i still want to guard against genuine circular redirects from these false circular redirects, and since all browsers support this functionality, i think it would be nice if HttpClient could offer support for Browser HTTP Protocol like you can set a Param to act.like.a.browser which will 302 redirect when the uri is same but query string is different and basically operate as a forgiving http protocol if you so choose. Just an idea since the http protocol and the way all popular browsers implement it are much different. The trouble is that so called popular browsers do it rather badly. They tend to accept any garbage some badly written CGI scripts spit out at them instead of rejecting malformed HTTP messages as invalid thus giving the developers of those sites some incentive to do their job properly. We usually provide a lenient mode in those cases where the wording of the HTTP spec is vague or ambiguous, but we have no intension to work around some pretty gross violations of the HTTP spec that common browsers tend to forgive. After all, HttpClient is not a browser, nor a vacuum cleaner, it is what it is, an HTTP library. Hope this explains our position Oleg Thanks Oleg Kalnichevski wrote: On Thu, 2006-02-16 at 17:24 -0500, Ryan Smith wrote: ... I am using 3.0 RELEASE But i checked out the latest snap shot code, and the logic in HttpMethodDirector.java only checks for the URI, not URI + Query string. Ryan, I think this behavior is correct. It was implemented per this bug report: http://issues.apache.org/bugzilla/show_bug.cgi?id=33021 Set 'http.protocol.allow-circular-redirects' parameter to true to disable the check Oleg Below, plerase see my MANIFEST.MF that came with my httpclient.jar : Manifest-Version: 1.0 Ant-Version: Apache Ant 1.5.3 Created-By: Apache Maven Built-By: Michael Package: org.apache.commons.httpclient Build-Jdk: 1.3.1_17 Extension-Name: commons-httpclient Specification-Title: Jakarta Commons HttpClient Specification-Vendor: Apache Software Foundation Implementation-Title: org.apache.commons.httpclient Implementation-Vendor: Apache Software Foundation Implementation-Version: 3.0 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Potential Bug In Circular Redirect
On Fri, 2006-02-17 at 12:51 -0500, Ryan Smith wrote: Olag, Thanks, i am exactly looking for a project like this. Thanks so much. I was thinking, the component idea is great, i like the http-spider, since thats what i work on . I have an open source project that was started a year ago: http://aspider.sf.net/ This is a autonomous java spider 1.4 compatible. Do you know who i could contact at the new http components projects to offer suggestions/code? Thanks again. -Ryan Ryan, You can get in touch with the Jakarta HttpComponents developers by subscribing to the httpclient-dev@jakarta.apache.org list. Just post your suggestions / ideas / patches to the list and participate in the discussion that will follow. Cheers, Oleg Oleg Kalnichevski wrote: Ryan Smith wrote: Oleg, Understood, thanks. Well, in the future, if you would ever decide to offer that functionality to be lienient on http as an option, i have some code for ya. Reverse Engineering popular browsers is a pain! Thanks again! :) -Ryan Ryan, Commons HttpClient in its present form suffers from feature and options bloat more than anything else. We can no longer keep on piling stuff on top of it. We (The Jakarta HttpComponents project) are currently in the process of rewriting HttpClient from scratch, primarily to make it more modular and reusable http://wiki.apache.org/jakarta-httpclient/HttpClientApiRedesign http://wiki.apache.org/jakarta-httpclient/ProjectGoalsPage Feel free to consider submitting your code to HttpComponents at some point of time Oleg Oleg Kalnichevski wrote: Ryan Smith wrote: Oleg, Thanks for the reply. Ok, the behavior can be correct, i understand you have a flag to disable circular redirects, but this still seems inappropriate. Becasue i still want to guard against genuine circular redirects from these false circular redirects, and since all browsers support this functionality, i think it would be nice if HttpClient could offer support for Browser HTTP Protocol like you can set a Param to act.like.a.browser which will 302 redirect when the uri is same but query string is different and basically operate as a forgiving http protocol if you so choose. Just an idea since the http protocol and the way all popular browsers implement it are much different. The trouble is that so called popular browsers do it rather badly. They tend to accept any garbage some badly written CGI scripts spit out at them instead of rejecting malformed HTTP messages as invalid thus giving the developers of those sites some incentive to do their job properly. We usually provide a lenient mode in those cases where the wording of the HTTP spec is vague or ambiguous, but we have no intension to work around some pretty gross violations of the HTTP spec that common browsers tend to forgive. After all, HttpClient is not a browser, nor a vacuum cleaner, it is what it is, an HTTP library. Hope this explains our position Oleg Thanks Oleg Kalnichevski wrote: On Thu, 2006-02-16 at 17:24 -0500, Ryan Smith wrote: ... I am using 3.0 RELEASE But i checked out the latest snap shot code, and the logic in HttpMethodDirector.java only checks for the URI, not URI + Query string. Ryan, I think this behavior is correct. It was implemented per this bug report: http://issues.apache.org/bugzilla/show_bug.cgi?id=33021 Set 'http.protocol.allow-circular-redirects' parameter to true to disable the check Oleg Below, plerase see my MANIFEST.MF that came with my httpclient.jar : Manifest-Version: 1.0 Ant-Version: Apache Ant 1.5.3 Created-By: Apache Maven Built-By: Michael Package: org.apache.commons.httpclient Build-Jdk: 1.3.1_17 Extension-Name: commons-httpclient Specification-Title: Jakarta Commons HttpClient Specification-Vendor: Apache Software Foundation Implementation-Title: org.apache.commons.httpclient Implementation-Vendor: Apache Software Foundation Implementation-Version: 3.0 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Potential Bug In Circular Redirect
If i try a GET request on http://domain.com/site.html?x=1 And the domain.com web server does a 302 redirect to : /site.html?y=2 HttpCleint thinks its a Circular redirect b/c its *JUST* looking at the uri, not the uri + query string. Not sure if this breaks the protocol or not, but thought i would bring it to your attention, All browser support this type of redirect and recognizes it as not being circular, maybe HttpClient should examine the URI + the query string? Just a thought, ANy reply back on this would help alot. Currently i have to have the application to allow circular redirects. Thanks -Ryan - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Potential Bug In Circular Redirect
On Thu, 2006-02-16 at 15:39 -0500, Ryan Smith wrote: If i try a GET request on http://domain.com/site.html?x=1 And the domain.com web server does a 302 redirect to : /site.html?y=2 HttpCleint thinks its a Circular redirect b/c its *JUST* looking at the uri, not the uri + query string. Not sure if this breaks the protocol or not, but thought i would bring it to your attention, All browser support this type of redirect and recognizes it as not being circular, maybe HttpClient should examine the URI + the query string? Just a thought, ANy reply back on this would help alot. Currently i have to have the application to allow circular redirects. Thanks -Ryan Ryan, What version of HttpClient are you using? Oleg - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Potential Bug In Circular Redirect
Oleg Kalnichevski wrote: On Thu, 2006-02-16 at 15:39 -0500, Ryan Smith wrote: If i try a GET request on http://domain.com/site.html?x=1 And the domain.com web server does a 302 redirect to : /site.html?y=2 HttpCleint thinks its a Circular redirect b/c its *JUST* looking at the uri, not the uri + query string. Not sure if this breaks the protocol or not, but thought i would bring it to your attention, All browser support this type of redirect and recognizes it as not being circular, maybe HttpClient should examine the URI + the query string? Just a thought, ANy reply back on this would help alot. Currently i have to have the application to allow circular redirects. Thanks -Ryan Ryan, What version of HttpClient are you using? Oleg - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] I am using 3.0 RELEASE But i checked out the latest snap shot code, and the logic in HttpMethodDirector.java only checks for the URI, not URI + Query string. Below, plerase see my MANIFEST.MF that came with my httpclient.jar : Manifest-Version: 1.0 Ant-Version: Apache Ant 1.5.3 Created-By: Apache Maven Built-By: Michael Package: org.apache.commons.httpclient Build-Jdk: 1.3.1_17 Extension-Name: commons-httpclient Specification-Title: Jakarta Commons HttpClient Specification-Vendor: Apache Software Foundation Implementation-Title: org.apache.commons.httpclient Implementation-Vendor: Apache Software Foundation Implementation-Version: 3.0 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Potential Bug In Circular Redirect
On Thu, 2006-02-16 at 17:24 -0500, Ryan Smith wrote: ... I am using 3.0 RELEASE But i checked out the latest snap shot code, and the logic in HttpMethodDirector.java only checks for the URI, not URI + Query string. Ryan, I think this behavior is correct. It was implemented per this bug report: http://issues.apache.org/bugzilla/show_bug.cgi?id=33021 Set 'http.protocol.allow-circular-redirects' parameter to true to disable the check Oleg Below, plerase see my MANIFEST.MF that came with my httpclient.jar : Manifest-Version: 1.0 Ant-Version: Apache Ant 1.5.3 Created-By: Apache Maven Built-By: Michael Package: org.apache.commons.httpclient Build-Jdk: 1.3.1_17 Extension-Name: commons-httpclient Specification-Title: Jakarta Commons HttpClient Specification-Vendor: Apache Software Foundation Implementation-Title: org.apache.commons.httpclient Implementation-Vendor: Apache Software Foundation Implementation-Version: 3.0 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
