diff options
| author | John L. Villalovos <john@sodarock.com> | 2021-05-30 16:31:44 -0700 |
|---|---|---|
| committer | John L. Villalovos <john@sodarock.com> | 2021-09-08 09:27:41 -0700 |
| commit | d56a4345c1ae05823b553e386bfa393541117467 (patch) | |
| tree | fd7bab55106e7b9aaeefacddbe44b3c14d5b5594 /docs | |
| parent | b8a47bae3342400a411fb9bf4bef3c15ba91c98e (diff) | |
| download | gitlab-d56a4345c1ae05823b553e386bfa393541117467.tar.gz | |
fix!: raise error if there is a 301/302 redirection
Before we raised an error if there was a 301, 302 redirect but only
from an http URL to an https URL. But we didn't raise an error for
any other redirects.
This caused two problems:
1. PUT requests that are redirected get changed to GET requests
which don't perform the desired action but raise no error. This
is because the GET response succeeds but since it wasn't a PUT it
doesn't update. See issue:
https://github.com/python-gitlab/python-gitlab/issues/1432
2. POST requests that are redirected also got changed to GET
requests. They also caused hard to debug tracebacks for the user.
See issue:
https://github.com/python-gitlab/python-gitlab/issues/1477
Correct this by always raising a RedirectError exception and improve
the exception message to let them know what was redirected.
Closes: #1485
Closes: #1432
Closes: #1477
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/api-usage.rst | 11 | ||||
| -rw-r--r-- | docs/cli-usage.rst | 9 |
2 files changed, 18 insertions, 2 deletions
diff --git a/docs/api-usage.rst b/docs/api-usage.rst index 2f7166e..d4a4106 100644 --- a/docs/api-usage.rst +++ b/docs/api-usage.rst @@ -14,7 +14,9 @@ To connect to a GitLab server, create a ``gitlab.Gitlab`` object: import gitlab # private token or personal token authentication - gl = gitlab.Gitlab('http://10.0.0.1', private_token='JVNSESs8EwWRx5yDxM5q') + # Note that a 'url' that results in 301/302 redirects will cause an error + # (see below for more information). + gl = gitlab.Gitlab(url='https://gitlab.example.com', private_token='JVNSESs8EwWRx5yDxM5q') # oauth token authentication gl = gitlab.Gitlab('http://10.0.0.1', oauth_token='my_long_token_here') @@ -47,6 +49,13 @@ configuration files. If the GitLab server you are using redirects requests from http to https, make sure to use the ``https://`` protocol in the URL definition. +.. note:: + + It is highly recommended to use the final destination in the ``url`` field. + What this means is that you should not use a URL which redirects as it will + most likely cause errors. python-gitlab will raise a ``RedirectionError`` + when it encounters a redirect which it believes will cause an error. + Note on password authentication ------------------------------- diff --git a/docs/cli-usage.rst b/docs/cli-usage.rst index 1a80bbc..e263ef2 100644 --- a/docs/cli-usage.rst +++ b/docs/cli-usage.rst @@ -89,6 +89,13 @@ You must define the ``url`` in each GitLab server section. If the GitLab server you are using redirects requests from http to https, make sure to use the ``https://`` protocol in the ``url`` definition. +.. note:: + + It is highly recommended to use the final destination in the ``url`` field. + What this means is that you should not use a URL which redirects as it will + most likely cause errors. python-gitlab will raise a ``RedirectionError`` + when it encounters a redirect which it believes will cause an error. + Only one of ``private_token``, ``oauth_token`` or ``job_token`` should be defined. If neither are defined an anonymous request will be sent to the Gitlab server, with very limited permissions. @@ -101,7 +108,7 @@ We recommend that you use `Credential helpers`_ to securely store your tokens. * - Option - Description * - ``url`` - - URL for the GitLab server + - URL for the GitLab server. Do **NOT** use a URL which redirects. * - ``private_token`` - Your user token. Login/password is not supported. Refer to `the official documentation |