8000 Make a relative redirect URI absolute when 'Authorization' header pre… · kalgiz/PowerShell@06b0bb2 · GitHub
[go: up one dir, main page]
Skip to content

Commit 06b0bb2

Browse files
markekrausdaxian-dbw
markekraus
authored and
daxian-dbw
committed
Make a relative redirect URI absolute when 'Authorization' header present (PowerShell#6325)
1 parent 2d58072 commit 06b0bb2

File tree

4 files changed

+12
-2
lines changed

4 files changed

+12
-2
lines changed

src/Microsoft.PowerShell.Commands.Utility/commands/utility/WebCmdlet/Common/WebRequestPSCmdlet.Common.cs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1257,7 +1257,7 @@ internal virtual HttpResponseMessage GetResponse(HttpClient client, HttpRequestM
12571257

12581258
// recreate the HttpClient with redirection enabled since the first call suppressed redirection
12591259
using (client = GetHttpClient(false))
1260-
using (HttpRequestMessage redirectRequest = GetRequest(response.Headers.Location, stripAuthorization:true))
1260+
using (HttpRequestMessage redirectRequest = GetRequest(new Uri(request.RequestUri, response.Headers.Location), stripAuthorization:true))
12611261
{
12621262
FillRequestStream(redirectRequest);
12631263
_cancelToken = new CancellationTokenSource();

test/powershell/Modules/Microsoft.PowerShell.Utility/WebCmdlets.Tests.ps1

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -363,6 +363,8 @@ $redirectTests = @(
363363

364364
@{redirectType = 'TemporaryRedirect'; redirectedMethod = 'GET'}
365365
@{redirectType = 'RedirectKeepVerb'; redirectedMethod = 'GET'} # Synonym for TemporaryRedirect
366+
367+
@{redirectType = 'relative'; redirectedMethod = 'GET'}
366368
)
367369

368370
$PendingCertificateTest = $false

test/tools/WebListener/Controllers/RedirectController.cs

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,12 +30,19 @@ public IActionResult Index(int count)
3030
url = $"{url}/Redirect/{nextHop}";
3131
}
3232

33-
if (Request.Query.TryGetValue("type", out StringValues type) && Enum.TryParse(type.FirstOrDefault(), out HttpStatusCode status))
33+
var typeIsPresent = Request.Query.TryGetValue("type", out StringValues type);
34+
35+
if (typeIsPresent && Enum.TryParse(type.FirstOrDefault(), out HttpStatusCode status))
3436
{
3537
Response.StatusCode = (int)status;
3638
url = $"{url}?type={type.FirstOrDefault()}";
3739
Response.Headers.Add("Location", url);
3840
}
41+
else if (typeIsPresent && String.Equals(type.FirstOrDefault(), "relative", StringComparison.InvariantCultureIgnoreCase))
42+
{
43+
url = new Uri($"{url}?type={type.FirstOrDefault()}").PathAndQuery;
44+
Response.Redirect(url, false);
45+
}
3946
else
4047
{
4148
Response.Redirect(url, false);

test/tools/WebListener/README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -489,6 +489,7 @@ Invoke-RestMethod -Uri $uri -Body $body -Method 'Put'
489489

490490
Will `302` redirect to `/Get/`. If a number is supplied, redirect will occur that many times. Can be used to test maximum redirects.
491491
If the `type` query field is supplied the corresponding `System.Net.HttpStatusCode` will be returned instead of `302`.
492+
If `type` is `relative`, the redirect URI will be relative instead of absolute.
492493

493494
```powershell
494495
$uri = Get-WebListenerUrl -Test 'Redirect' -TestValue '2'

0 commit comments

Comments
 (0)
0