[wp-trac] [WordPress Trac] #10624: Redirection should be disabled for HEAD requests (was: Upon redirection limit being hit return redirected URL in wp_error data fields)

WordPress Trac wp-trac at lists.automattic.com
Tue Dec 22 09:20:02 UTC 2009 

#10624: Redirection should be disabled for HEAD requests
--------------------------+-------------------------------------------------
 Reporter:  dd32          |       Owner:  dd32          
     Type:  defect (bug)  |      Status:  new           
 Priority:  normal        |   Milestone:  Future Release
Component:  HTTP          |     Version:  2.9           
 Severity:  normal        |    Keywords:  needs-patch   
--------------------------+-------------------------------------------------
Changes (by dd32):

  * keywords:  => needs-patch


Old description:

> Currently if you request a URL that attempts to redirect past your
> redirection limit, you'll get a object similar to this:
>
> {{{
> object(WP_Error)#106 (2) {
>   ["errors"]=>
>   array(1) {
>     ["http_request_failed"]=>
>     array(1) {
>       [0]=>
>       string(30) "Maximum (0) redirects followed"
>     }
>   }
>   ["error_data"]=>
>   array(0) {
>   }
> }
> }}}
>
> The major problem with this is that its impossible to retrieve the
> location its being  redirected to.
>
> Right now, I'm using wp_remote_head() to check if its redirecting to a
> different location, Unfortunately thats not possible...
>
> I'll add a patch which adds the location header to the error data objects
>
> But i'm also tempted to suggest, that if its a HEAD request (Or really,
> any request) and redirects are set to 0, then it shouldnt attempt to
> redirect at all, and simply return the headers as is (ie. as a 301 with a
> location header and possibly empty body)

New description:

 Updated:

 Currently, HEAD requests will follow redirections in some(or all)
 transports. HEAD requests should not follow redirects.

 ----
 Original:

 Currently if you request a URL that attempts to redirect past your
 redirection limit, you'll get a object similar to this:

 {{{
 object(WP_Error)#106 (2) {
   ["errors"]=>
   array(1) {
     ["http_request_failed"]=>
     array(1) {
       [0]=>
       string(30) "Maximum (0) redirects followed"
     }
   }
   ["error_data"]=>
   array(0) {
   }
 }
 }}}

 The major problem with this is that its impossible to retrieve the
 location its being  redirected to.

 Right now, I'm using wp_remote_head() to check if its redirecting to a
 different location, Unfortunately thats not possible...

 I'll add a patch which adds the location header to the error data objects

 But i'm also tempted to suggest, that if its a HEAD request (Or really,
 any request) and redirects are set to 0, then it shouldnt attempt to
 redirect at all, and simply return the headers as is (ie. as a 301 with a
 location header and possibly empty body)

--

Comment:

 > I am surprised that HEAD requests follow the redirects and I would
 expect to get the HEAD results back and read the information out.

 Me too, I'll write in a patch for that - Damn, it'll create conflicts with
 all my other HTTP patches from this evening :)

 > As for returning the redirected url - which of the many urls would you
 return?
 The last one. However, You're right i think, Its not really a typical use-
 case.. It'd be a pretty rare occurance.

 Lets skip returning the URL, and stick to preventing redirects for Head
 requests.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/10624#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list