diff options
author | David M. Lee <dlee@digium.com> | 2013-06-28 01:07:32 +0000 |
---|---|---|
committer | David M. Lee <dlee@digium.com> | 2013-06-28 01:07:32 +0000 |
commit | 1426b2b2282ebcb2dd024b07241d9b0a318efecc (patch) | |
tree | d02cdccc4422c160330e131f26e1c3f8361688d8 | |
parent | 0008f15a77d1cc89ed3f086edbb6a0b69c2fdf2f (diff) |
Removed the automatic 302 redirects for ARI URL's that end with a slash.
There were some problems redirecting RESTful API requests; notably the client
would change the request method to GET on the redirected requests. After some
looking into, I decided that a 404 would be simpler and have more consistent
behavior.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393083 65c4cc65-6c06-0410-ace0-fbb531ad65f3
-rw-r--r-- | res/res_stasis_http.c | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/res/res_stasis_http.c b/res/res_stasis_http.c index 99622f067..71ee39205 100644 --- a/res/res_stasis_http.c +++ b/res/res_stasis_http.c @@ -702,10 +702,24 @@ static void remove_trailing_slash(const char *uri, char *slashless = ast_strdupa(uri); slashless[strlen(slashless) - 1] = '\0'; - ast_str_append(&response->headers, 0, - "Location: /stasis/%s\r\n", slashless); - stasis_http_response_error(response, 302, "Found", - "Redirecting to %s", slashless); + /* While it's tempting to redirect the client to the slashless URL, + * that is problematic. A 302 Found is the most appropriate response, + * but most clients issue a GET on the location you give them, + * regardless of the method of the original request. + * + * While there are some ways around this, it gets into a lot of client + * specific behavior and corner cases in the HTTP standard. There's also + * very little practical benefit of redirecting; only GET and HEAD can + * be redirected automagically; all other requests "MUST NOT + * automatically redirect the request unless it can be confirmed by the + * user, since this might change the conditions under which the request + * was issued." + * + * Given all of that, a 404 with a nice message telling them what to do + * is probably our best bet. + */ + stasis_http_response_error(response, 404, "Not Found", + "ARI URL's do not end with a slash. Try /%s", slashless); } /*! |