cli icon indicating copy to clipboard operation
cli copied to clipboard
verified publisher icon httpie

Ability to modify redirect's type (--post301 etc.)

Open deviantony opened this issue 7 years ago • 3 comments

I'm using httpie to execute a POST request against my api at myapi.mydomain.com/endpoint:

http POST http://myapi.mydomain.com/endpoint         
HTTP/1.1 301 Moved Permanently
Content-Length: 17
Content-Type: text/plain; charset=utf-8
Date: Thu, 29 Nov 2018 21:17:20 GMT
Location: https://myapi.mydomain.com:443/endpoint

Moved Permanently

Now using follow:

http -F POST http://myapi.mydomain.com/endpoint
HTTP/1.1 405 Method Not Allowed
Content-Length: 0
Date: Thu, 29 Nov 2018 21:18:39 GMT

Seems that the request method is changed to GET, when using curl, the redirect is working fine:

curl -L -X POST http://myapi.mydomain.com/endpoint
{"msg":"hello world"}

Using httpie version 0.9.8

deviantony avatar Nov 29 '18 21:11 deviantony

@deviantony changing to GET is actually the correct behaviour (or at least the expected default behaviour on today's web).

(If you, for example, submit a form on a website, the most likely behaviour is that the server redirects you to another "thank you" page after processing your request to avoid double-submit on reload, etc.)

curl's behaviour with -X POST is different, but it‘s described as having potential "unintended side-effect" in the docs:

The method string you set with -X, --request will be used for all requests, which if you for example use -L, --location may cause unintended side-effects when curl doesn't change request method according to the HTTP 30x response codes - and similar. — https://curl.haxx.se/docs/manpage.html#-X

I assume that curl does change the method only when you use -d '' without -X POST.

So httpie's default behaviour looks legit to me. What I think it is missing, though, is something like --data301 (similar to curl's --post301 & co) which would explicitly instruct it to reuse the method and re-send the request data on redirect.

jkbrzt avatar Nov 29 '18 23:11 jkbrzt

Thanks for the detailed explanation.

I was exactly looking at the equivalent of curl's --post301 option in a machine to machine HTTP communication context.

deviantony avatar Nov 30 '18 03:11 deviantony

As per the specs, in order for the server to instruct the client to repeat the request on a redirected location with the original HTTP method it should return 307 or 308. I did not test to see if the httpie respects these status codes appropriately.

ibnesayeed avatar Jan 11 '19 23:01 ibnesayeed