0

Possible Bug with Headers when Redirects are Handled on y.rest requests

I've been fooling around with developing my own open data table to expand on the html table, by providing functionality to modify request headers and use the POST method, just as suggested here. However, I think I've stumbled upon a major roadblock that may be some sort of YQL bug.

I was posting some data to a login form, and the response from the server is a 302 along with some set-cookie headers that I need. The headers in the response from the y.rest.post() method ignores the cookie headers sent on the redirect, and follows the 302 to the final destination. Along the way, the set-cookie headers sent on the 302 response are lost. The responses from y.rest.get() do the same thing.

I suspect this is due to the fact that the responses contain no body, because I did manage to find a page y.rest.get() would send me the 302 as well as the corresponding headers. This page did have a body, so I'm guessing that when y.rest.get()/post() encounter http/https responses with no body, the redirects are automatically followed. I think auto-following the redirect(s) is a nice feature. Doing so while ignoring cookies sent on the redirect(s) does impose a severe limitation as to what you can do with y.rest.post() when dealing with forms that respond with cookies sent on redirects.

Perhaps you could:

  • Add a property/method to y.rest to prevent the auto-follow(s) from taking place
    OR
  • Perform the redirects, but on the final output where the body (and 200 response) is received, include any Set-Cookie headers that were sent on the redirect(s)

Am I the only one that has experienced this issue? Any chance this can be fixed?

GeekLad
http://geeklad.com

by
3 Replies
  • Undocumented as of yet, but on rest requests you can set followRedirects(false) and grab the intermediate data and follow the redirect yourself.

    Sam
    0
  • Works like a charm, thanks Sam!
    0
  • QUOTE (GeekLad @ Oct 13 2009, 11:54 AM) <{POST_SNAPBACK}>
    I've been fooling around with developing my own open data table to expand on the html table, by providing functionality to modify request headers and use the POST method, just as suggested here. However, I think I've stumbled upon a major roadblock that may be some sort of YQL bug.

    I was posting some data to a login form, and the response from the server is a 302 along with some set-cookie headers that I need. The headers in the response from the y.rest.post() method ignores the cookie headers sent on the redirect, and follows the 302 to the final destination. Along the way, the set-cookie headers sent on the 302 response are lost. The responses from y.rest.get() do the same thing.

    I suspect this is due to the fact that the responses contain no body, because I did manage to find a page y.rest.get() would send me the 302 as well as the corresponding headers. This page did have a body, so I'm guessing that when y.rest.get()/post() encounter http/https responses with no body, the redirects are automatically followed. I think auto-following the redirect(s) is a nice feature. Doing so while ignoring cookies sent on the redirect(s) does impose a severe limitation as to what you can do with y.rest.post() when dealing with forms that respond with cookies sent on redirects.

    Perhaps you could:

    • Add a property/method to y.rest to prevent the auto-follow(s) from taking place
      OR
    • Perform the redirects, but on the final output where the body (and 200 response) is received, include any Set-Cookie headers that were sent on the redirect(s)

    Am I the only one that has experienced this issue? Any chance this can be fixed?

    GeekLad
    http://geeklad.com



    Hey, We do have a way to customize followRedirects on the y.rest(..) object
    CODE
      y.rest('http://url').followRedirects(false); // Would do what you expect it to do


    Hope that helps.

    -- Nagesh
    0

Recent Posts

in YQL