From e2704f6a7b87b558bb7a5271ab649eb86397e35b Mon Sep 17 00:00:00 2001 From: evazion Date: Mon, 29 Mar 2021 01:55:54 -0500 Subject: [PATCH] Danbooru::Http: redirect POST to GET on 302. When a POST request returns a 302 redirect, follow the redirect with a GET request instead of with a POST request. HTTP standards leave it unspecified whether a POST request that returns a 302 redirect should be followed with a GET or with a POST. A GET is what most browsers use, which means it's what most servers expect. Fixes the /tagme Discord command not working because when we uploaded the image to DeepDanbooru, the POST request returned a 302 redirect, which the server expected us to follow with a GET, not with a POST. Ref: * https://stackoverflow.com/questions/17605915/what-is-the-correct-behavior-expected-of-an-http-post-302-redirect-to-get --- app/logical/danbooru/http/redirector.rb | 2 +- test/unit/danbooru_http_test.rb | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/app/logical/danbooru/http/redirector.rb b/app/logical/danbooru/http/redirector.rb index 26331226e..388dd3d58 100644 --- a/app/logical/danbooru/http/redirector.rb +++ b/app/logical/danbooru/http/redirector.rb @@ -31,7 +31,7 @@ module Danbooru uri = HTTP::URI.parse(location) verb = request.verb - verb = :get if response.status == 303 && !request.verb.in?([:get, :head]) + verb = :get if response.status.in?([302, 303]) && !request.verb.in?([:get, :head]) request.redirect(uri, verb) end diff --git a/test/unit/danbooru_http_test.rb b/test/unit/danbooru_http_test.rb index 3187e60dd..0c5dbd623 100644 --- a/test/unit/danbooru_http_test.rb +++ b/test/unit/danbooru_http_test.rb @@ -78,6 +78,13 @@ class DanbooruHttpTest < ActiveSupport::TestCase end end + context "#post method" do + should "follow 302 redirects with a GET" do + response = Danbooru::Http.get(httpbin_url("redirect-to?url=#{httpbin_url("get")}")) + assert_equal(200, response.status) + end + end + context "cache feature" do should "cache multiple requests to the same url" do http = Danbooru::Http.cache(1.hour)