3 var url = require('url')
6 function Redirect (request) {
8 this.followRedirect = true
9 this.followRedirects = true
10 this.followAllRedirects = false
11 this.allowRedirect = function () {return true}
12 this.maxRedirects = 10
14 this.redirectsFollowed = 0
15 this.removeRefererHeader = false
18 Redirect.prototype.onRequest = function (options) {
21 if (options.maxRedirects !== undefined) {
22 self.maxRedirects = options.maxRedirects
24 if (typeof options.followRedirect === 'function') {
25 self.allowRedirect = options.followRedirect
27 if (options.followRedirect !== undefined) {
28 self.followRedirects = !!options.followRedirect
30 if (options.followAllRedirects !== undefined) {
31 self.followAllRedirects = options.followAllRedirects
33 if (self.followRedirects || self.followAllRedirects) {
34 self.redirects = self.redirects || []
36 if (options.removeRefererHeader !== undefined) {
37 self.removeRefererHeader = options.removeRefererHeader
41 Redirect.prototype.redirectTo = function (response) {
43 , request = self.request
46 if (response.statusCode >= 300 && response.statusCode < 400 && response.caseless.has('location')) {
47 var location = response.caseless.get('location')
48 request.debug('redirect', location)
50 if (self.followAllRedirects) {
52 } else if (self.followRedirects) {
53 switch (request.method) {
58 // Do not follow redirects
65 } else if (response.statusCode === 401) {
66 var authHeader = request._auth.onResponse(response)
68 request.setHeader('authorization', authHeader)
69 redirectTo = request.uri
75 Redirect.prototype.onResponse = function (response) {
77 , request = self.request
79 var redirectTo = self.redirectTo(response)
80 if (!redirectTo || !self.allowRedirect.call(request, response)) {
84 request.debug('redirect to', redirectTo)
86 // ignore any potential response body. it cannot possibly be useful
87 // to us at this point.
88 // response.resume should be defined, but check anyway before calling. Workaround for browserify.
89 if (response.resume) {
93 if (self.redirectsFollowed >= self.maxRedirects) {
94 request.emit('error', new Error('Exceeded maxRedirects. Probably stuck in a redirect loop ' + request.uri.href))
97 self.redirectsFollowed += 1
99 if (!isUrl.test(redirectTo)) {
100 redirectTo = url.resolve(request.uri.href, redirectTo)
103 var uriPrev = request.uri
104 request.uri = url.parse(redirectTo)
106 // handle the case where we change protocol from https to http or vice versa
107 if (request.uri.protocol !== uriPrev.protocol) {
112 { statusCode : response.statusCode
113 , redirectUri: redirectTo
116 if (self.followAllRedirects && request.method !== 'HEAD'
117 && response.statusCode !== 401 && response.statusCode !== 307) {
118 request.method = 'GET'
120 // request.method = 'GET' // Force all redirects to use GET || commented out fixes #215
123 delete request._started
124 if (response.statusCode !== 401 && response.statusCode !== 307) {
125 // Remove parameters from the previous response, unless this is the second request
126 // for a server that requires digest authentication.
129 if (request.headers) {
130 request.removeHeader('host')
131 request.removeHeader('content-type')
132 request.removeHeader('content-length')
133 if (request.uri.hostname !== request.originalHost.split(':')[0]) {
134 // Remove authorization if changing hostnames (but not if just
135 // changing ports or protocols). This matches the behavior of curl:
136 // https://github.com/bagder/curl/blob/6beb0eee/lib/http.c#L710
137 request.removeHeader('authorization')
142 if (!self.removeRefererHeader) {
143 request.setHeader('referer', uriPrev.href)
146 request.emit('redirect')
153 exports.Redirect = Redirect