Merge pull request #1486 from JohnVillalovos/jlvillal/prohibit_redirection

fix!: raise error if there is a 301/302 redirection
author: Nejc Habjan <hab.nejc@gmail.com> 2021-09-08 20:43:29 +0200
committer: GitHub <noreply@github.com> 2021-09-08 20:43:29 +0200
commit: 37424050a00d9b4f46aea9e35d9897478452506d (patch)
tree: 5eff6088a53a482c7feaa739649b26cff3154df5 /gitlab/client.py
parent: 5247e8bc5298bc017e117e1bfa6717183d07827f (diff)
parent: d56a4345c1ae05823b553e386bfa393541117467 (diff)
download: gitlab-37424050a00d9b4f46aea9e35d9897478452506d.tar.gz
1 files changed, 25 insertions, 19 deletions
diff --git a/gitlab/client.py b/gitlab/client.py
index 47fae81..9db3a0e 100644
--- a/gitlab/client.py
+++ b/gitlab/client.py
@@ -29,8 +29,9 @@ import gitlab.exceptions
 from gitlab import utils
 
 REDIRECT_MSG = (
-    "python-gitlab detected an http to https redirection. You "
-    "must update your GitLab URL to use https:// to avoid issues."
+    "python-gitlab detected a {status_code} ({reason!r}) redirection. You must update "
+    "your GitLab URL to the correct URL to avoid issues. The redirection was from: "
+    "{source!r} to {target!r}"
 )
 
 
@@ -456,24 +457,29 @@ class Gitlab(object):
             return "%s%s" % (self._url, path)
 
     def _check_redirects(self, result: requests.Response) -> None:
-        # Check the requests history to detect http to https redirections.
-        # If the initial verb is POST, the next request will use a GET request,
-        # leading to an unwanted behaviour.
-        # If the initial verb is PUT, the data will not be send with the next
-        # request.
-        # If we detect a redirection to https with a POST or a PUT request, we
+        # Check the requests history to detect 301/302 redirections.
+        # If the initial verb is POST or PUT, the redirected request will use a
+        # GET request, leading to unwanted behaviour.
+        # If we detect a redirection with a POST or a PUT request, we
         # raise an exception with a useful error message.
-        if result.history and self._base_url.startswith("http:"):
-            for item in result.history:
-                if item.status_code not in (301, 302):
-                    continue
-                # GET methods can be redirected without issue
-                if item.request.method == "GET":
-                    continue
-                # Did we end-up with an https:// URL?
-                location = item.headers.get("Location", None)
-                if location and location.startswith("https://"):
-                    raise gitlab.exceptions.RedirectError(REDIRECT_MSG)
+        if not result.history:
+            return
+
+        for item in result.history:
+            if item.status_code not in (301, 302):
+                continue
+            # GET methods can be redirected without issue
+            if item.request.method == "GET":
+                continue
+            target = item.headers.get("location")
+            raise gitlab.exceptions.RedirectError(
+                REDIRECT_MSG.format(
+                    status_code=item.status_code,
+                    reason=item.reason,
+                    source=item.url,
+                    target=target,
+                )
+            )
 
     def _prepare_send_data(
         self,
author	Nejc Habjan <hab.nejc@gmail.com>	2021-09-08 20:43:29 +0200
committer	GitHub <noreply@github.com>	2021-09-08 20:43:29 +0200
commit	37424050a00d9b4f46aea9e35d9897478452506d (patch)
tree	5eff6088a53a482c7feaa739649b26cff3154df5 /gitlab/client.py
parent	5247e8bc5298bc017e117e1bfa6717183d07827f (diff)
parent	d56a4345c1ae05823b553e386bfa393541117467 (diff)
download	gitlab-37424050a00d9b4f46aea9e35d9897478452506d.tar.gz