use of org.zaproxy.zap.network.HttpRedirectionValidator in project zaproxy by zaproxy.
the class HttpSender method followRedirections.
/**
* Follows redirections using the response of the given {@code message}. The {@code validator}
* in the given request configuration will be called for each redirection received. After the
* call to this method the given {@code message} will have the contents of the last response
* received (possibly the response of a redirection).
*
* <p>The validator is notified of each message sent and received (first message and
* redirections followed, if any).
*
* @param message the message that will be sent, must not be {@code null}
* @param requestConfig the request configuration that contains the validator responsible for
* validation of redirections, must not be {@code null}.
* @throws IOException if an error occurred while sending the message or following the
* redirections
* @see #isRedirectionNeeded(int)
*/
private void followRedirections(HttpMessage message, HttpRequestConfig requestConfig) throws IOException {
HttpRedirectionValidator validator = requestConfig.getRedirectionValidator();
validator.notifyMessageReceived(message);
User requestingUser = getUser(message);
HttpMessage redirectMessage = message;
int maxRedirections = client.getParams().getIntParameter(HttpClientParams.MAX_REDIRECTS, 100);
for (int i = 0; i < maxRedirections && isRedirectionNeeded(redirectMessage.getResponseHeader().getStatusCode()); i++) {
URI newLocation = extractRedirectLocation(redirectMessage);
if (newLocation == null || !validator.isValid(newLocation)) {
return;
}
redirectMessage = redirectMessage.cloneAll();
redirectMessage.setRequestingUser(requestingUser);
redirectMessage.getRequestHeader().setURI(newLocation);
if (isRequestRewriteNeeded(redirectMessage)) {
redirectMessage.getRequestHeader().setMethod(HttpRequestHeader.GET);
redirectMessage.getRequestHeader().setHeader(HttpHeader.CONTENT_TYPE, null);
redirectMessage.getRequestHeader().setHeader(HttpHeader.CONTENT_LENGTH, null);
redirectMessage.setRequestBody("");
}
sendAndReceiveImpl(redirectMessage, requestConfig);
validator.notifyMessageReceived(redirectMessage);
// Update the response of the (original) message
message.setResponseHeader(redirectMessage.getResponseHeader());
message.setResponseBody(redirectMessage.getResponseBody());
}
}
Aggregations