[svn-commits] dlee: trunk r393083 - /trunk/res/res_stasis_http.c

Thu, 27 Jun 2013 18:08:17 -0700 

Author: dlee
Date: Thu Jun 27 20:07:32 2013
New Revision: 393083

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=393083
Log:
Removed the automatic 302 redirects for ARI URL's that end with a slash.

There were some problems redirecting RESTful API requests; notably the client
would change the request method to GET on the redirected requests. After some
looking into, I decided that a 404 would be simpler and have more consistent
behavior.

Modified:
    trunk/res/res_stasis_http.c

Modified: trunk/res/res_stasis_http.c
URL: 
http://svnview.digium.com/svn/asterisk/trunk/res/res_stasis_http.c?view=diff&rev=393083&r1=393082&r2=393083
==============================================================================
--- trunk/res/res_stasis_http.c (original)
+++ trunk/res/res_stasis_http.c Thu Jun 27 20:07:32 2013
@@ -702,10 +702,24 @@
        char *slashless = ast_strdupa(uri);
        slashless[strlen(slashless) - 1] = '\0';
 
-       ast_str_append(&response->headers, 0,
-                      "Location: /stasis/%s\r\n", slashless);
-       stasis_http_response_error(response, 302, "Found",
-                                  "Redirecting to %s", slashless);
+       /* While it's tempting to redirect the client to the slashless URL,
+        * that is problematic. A 302 Found is the most appropriate response,
+        * but most clients issue a GET on the location you give them,
+        * regardless of the method of the original request.
+        *
+        * While there are some ways around this, it gets into a lot of client
+        * specific behavior and corner cases in the HTTP standard. There's also
+        * very little practical benefit of redirecting; only GET and HEAD can
+        * be redirected automagically; all other requests "MUST NOT
+        * automatically redirect the request unless it can be confirmed by the
+        * user, since this might change the conditions under which the request
+        * was issued."
+        *
+        * Given all of that, a 404 with a nice message telling them what to do
+        * is probably our best bet.
+        */
+       stasis_http_response_error(response, 404, "Not Found",
+               "ARI URL's do not end with a slash. Try /%s", slashless);
 }
 
 /*!


--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

svn-commits mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/svn-commits

Reply via email to