hstspreload icon indicating copy to clipboard operation
hstspreload copied to clipboard
verified publisher icon chromium

Return distinct error codes for 'redirects.too_many' depending on whether the starting URL is HTTP/HTTPS

Open april opened this issue 9 years ago • 2 comments

The Object looks like this:

{
  "errors": [
    {
      "code": "internal.domain.name.cannot_compute_etld1",
      "summary": "Internal Error",
      "message": "Could not compute eTLD+1."
    },
    {
      "code": "response.no_header",
      "summary": "No HSTS header",
      "message": "Response error: No HSTS header is present on the response."
    },
    {
      "code": "redirects.too_many",
      "summary": "Too many redirects",
      "message": "There are more than 3 redirects starting from `http://blogspot.com`."
    },
    {
      "code": "redirects.http.first_redirect.insecure",
      "summary": "HTTP does not redirect to HTTPS",
      "message": "`http://blogspot.com` (HTTP) redirects to `http://www.blogger.com/`. The first redirect from `http://blogspot.com` should be to a secure page on the same host (`https://blogspot.com`)."
    },
    {
      "code": "redirects.too_many",
      "summary": "Too many redirects",
      "message": "There are more than 3 redirects starting from `https://blogspot.com`."
    }
  ],
  "warnings": []
}

april avatar Jun 23 '16 19:06 april

@This is intentional; one is starting from HTTP, the other is starting from HTTPS. If HTTP redirects to HTTPS on the same host, then having two errors is usually redundant, but there are cases where it's useful to have both.

Would you prefer if they were different error codes, at least?

lgarron avatar Jun 23 '16 20:06 lgarron

Oh, you're right. I didn't see that they were from different URLs. Different error codes would be nice, although I guess I could always coalesce errors on my end.

april avatar Jun 23 '16 20:06 april