Skip to content

Commit edb7699

Browse files
tvdijentvdijen
authored
Simplify HTTP status code to always be 303 on redirect (#1538)
1 parent c769bc1 commit edb7699

2 files changed

Lines changed: 4 additions & 17 deletions

File tree

lib/SimpleSAML/Utils/HTTP.php

Lines changed: 1 addition & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -225,26 +225,13 @@ private function redirect(string $url, array $parameters = []): void
225225
$url = $this->addURLParameters($url, $parameters);
226226
}
227227

228-
/* Set the HTTP result code. This is either 303 See Other or
229-
* 302 Found. HTTP 303 See Other is sent if the HTTP version
230-
* is HTTP/1.1 and the request type was a POST request.
231-
*/
232-
if (
233-
$_SERVER['SERVER_PROTOCOL'] === 'HTTP/1.1'
234-
&& $_SERVER['REQUEST_METHOD'] === 'POST'
235-
) {
236-
$code = 303;
237-
} else {
238-
$code = 302;
239-
}
240-
241228
if (strlen($url) > 2048) {
242229
Logger::warning('Redirecting to a URL longer than 2048 bytes.');
243230
}
244231

245232
if (!headers_sent()) {
246233
// set the location header
247-
header('Location: ' . $url, true, $code);
234+
header('Location: ' . $url, true, 303);
248235

249236
// disable caching of this response
250237
header('Pragma: no-cache');

tests/www/IndexTest.php

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,7 @@ public function testRedirection(): void
7474
$resp = $this->server->get('/index.php', [], [
7575
CURLOPT_FOLLOWLOCATION => 0,
7676
]);
77-
$this->assertEquals('302', $resp['code']);
77+
$this->assertEquals('303', $resp['code']);
7878
$this->assertEquals(
7979
'http://example.org/simplesaml/module.php/core/login',
8080
$resp['headers']['Location']
@@ -87,7 +87,7 @@ public function testRedirection(): void
8787
$resp = $this->server->get('/index.php', [], [
8888
CURLOPT_FOLLOWLOCATION => 0,
8989
]);
90-
$this->assertEquals('302', $resp['code']);
90+
$this->assertEquals('303', $resp['code']);
9191
$this->assertEquals(
9292
'https://example.org/module.php/core/login',
9393
$resp['headers']['Location']
@@ -100,7 +100,7 @@ public function testRedirection(): void
100100
$resp = $this->server->get('/index.php', [], [
101101
CURLOPT_FOLLOWLOCATION => 0,
102102
]);
103-
$this->assertEquals('302', $resp['code']);
103+
$this->assertEquals('303', $resp['code']);
104104
$this->assertEquals(
105105
'http://' . $this->server_addr . '/simplesaml/module.php/core/login',
106106
$resp['headers']['Location']

0 commit comments

Comments
 (0)