Skip to content

Add option to retain request method on 301/302/303 redirects#887

Open
hamzahrmalik wants to merge 4 commits intoswift-server:mainfrom
hamzahrmalik:redirect_dont_convert_to_get
Open

Add option to retain request method on 301/302/303 redirects#887
hamzahrmalik wants to merge 4 commits intoswift-server:mainfrom
hamzahrmalik:redirect_dont_convert_to_get

Conversation

@hamzahrmalik
Copy link
Contributor

@hamzahrmalik hamzahrmalik commented Feb 16, 2026

Add a configuration option to not use GET when receiving 301/302/303 a redirect on a POST request.

Changes

  • Add a new struct to encapsulate the (now 3) arguments of the follow case of the redirect mode
  • Add a new option convertToGet. Defaults to true because thats the existing behaviour today
  • When it is false, do not convert requests to GET after following a redirect
  • Note: this does not affect 307/308 redirects. They always preserve their method

fabianfett
fabianfett reviewed Feb 17, 2026
View reviewed changes
Sources/AsyncHTTPClient/HTTPClient.swift Outdated
/// - Parameters:
/// - max: The maximum number of allowed redirects.
/// - allowCycles: Whether cycles are allowed.
/// - convertToGet: Whether to convert POST requests into GET requests when following a 301, 302 or 303 redirect. This does not apply to 307 or 308. Those always retain the original method.
Copy link
Member

@fabianfett fabianfett Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should call out that this should be true except, if users have clear needs.

fabianfett
fabianfett reviewed Feb 17, 2026
View reviewed changes
Sources/AsyncHTTPClient/HTTPClient.swift Outdated
Comment on lines 1321 to 1325
/// Redirects are followed with a specified limit.
///
/// - parameters
///
/// - warning: Cycle detection will keep all visited URLs in memory which means a malicious server could use this as a denial-of-service vector.
Copy link
Member

@fabianfett fabianfett Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This comments looks weird.

Copy link
Contributor Author

@hamzahrmalik hamzahrmalik Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i copied it from the existing one above

fabianfett
fabianfett reviewed Feb 17, 2026
View reviewed changes
Copy link
Member

@fabianfett fabianfett left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Love the tests. Let the naming bike-shed begin.

Sources/AsyncHTTPClient/HTTPClient.swift Outdated
Comment on lines 1281 to 1283
/// Whether to convert POST requests into GET requests when following a 301, 302 or 303 redirect.
/// This does not apply to 307 or 308. Those always retain the original method.
public var convertToGet: Bool
Copy link
Member

@fabianfett fabianfett Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like that curls specifically calls out 301, 302 and 303. I wonder if we should do the same here? convertToGet sounds too broad for me.

Sources/AsyncHTTPClient/HTTPClient.swift
}

/// Configuration for following redirects.
public struct FollowConfiguration: Hashable, Sendable {
Copy link
Member

@fabianfett fabianfett Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if it is worth adding this new struct now? If I see this correctly, we don't pass it around at all. Lets just add another property on the enum for now.

Copy link
Contributor Author

@hamzahrmalik hamzahrmalik Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

given that we're doing 3 properties now, imo we should keep the struct. We can actually take advantage of it by holding the struct inside the RedirectState

Copy link
Contributor Author

@hamzahrmalik hamzahrmalik Feb 17, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see last commit

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fabianfett fabianfett Awaiting requested review from fabianfett

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hamzahrmalik @fabianfett

Comments