3 var url = require('url')
6 function Redirect (request) {
8 this.followRedirect = true
9 this.followRedirects = true
10 this.followAllRedirects = false
11 this.followOriginalHttpMethod = false
12 this.allowRedirect = function () {return true}
13 this.maxRedirects = 10
15 this.redirectsFollowed = 0
16 this.removeRefererHeader = false
19 Redirect.prototype.onRequest = function (options) {
22 if (options.maxRedirects !== undefined) {
23 self.maxRedirects = options.maxRedirects
25 if (typeof options.followRedirect === 'function') {
26 self.allowRedirect = options.followRedirect
28 if (options.followRedirect !== undefined) {
29 self.followRedirects = !!options.followRedirect
31 if (options.followAllRedirects !== undefined) {
32 self.followAllRedirects = options.followAllRedirects
34 if (self.followRedirects || self.followAllRedirects) {
35 self.redirects = self.redirects || []
37 if (options.removeRefererHeader !== undefined) {
38 self.removeRefererHeader = options.removeRefererHeader
40 if (options.followOriginalHttpMethod !== undefined) {
41 self.followOriginalHttpMethod = options.followOriginalHttpMethod
45 Redirect.prototype.redirectTo = function (response) {
47 , request = self.request
50 if (response.statusCode >= 300 && response.statusCode < 400 && response.caseless.has('location')) {
51 var location = response.caseless.get('location')
52 request.debug('redirect', location)
54 if (self.followAllRedirects) {
56 } else if (self.followRedirects) {
57 switch (request.method) {
62 // Do not follow redirects
69 } else if (response.statusCode === 401) {
70 var authHeader = request._auth.onResponse(response)
72 request.setHeader('authorization', authHeader)
73 redirectTo = request.uri
79 Redirect.prototype.onResponse = function (response) {
81 , request = self.request
83 var redirectTo = self.redirectTo(response)
84 if (!redirectTo || !self.allowRedirect.call(request, response)) {
88 request.debug('redirect to', redirectTo)
90 // ignore any potential response body. it cannot possibly be useful
91 // to us at this point.
92 // response.resume should be defined, but check anyway before calling. Workaround for browserify.
93 if (response.resume) {
97 if (self.redirectsFollowed >= self.maxRedirects) {
98 request.emit('error', new Error('Exceeded maxRedirects. Probably stuck in a redirect loop ' + request.uri.href))
101 self.redirectsFollowed += 1
103 if (!isUrl.test(redirectTo)) {
104 redirectTo = url.resolve(request.uri.href, redirectTo)
107 var uriPrev = request.uri
108 request.uri = url.parse(redirectTo)
110 // handle the case where we change protocol from https to http or vice versa
111 if (request.uri.protocol !== uriPrev.protocol) {
116 { statusCode : response.statusCode
117 , redirectUri: redirectTo
120 if (self.followAllRedirects && request.method !== 'HEAD'
121 && response.statusCode !== 401 && response.statusCode !== 307) {
122 request.method = self.followOriginalHttpMethod ? request.method : 'GET'
124 // request.method = 'GET' // Force all redirects to use GET || commented out fixes #215
127 delete request._started
128 if (response.statusCode !== 401 && response.statusCode !== 307) {
129 // Remove parameters from the previous response, unless this is the second request
130 // for a server that requires digest authentication.
133 if (request.headers) {
134 request.removeHeader('host')
135 request.removeHeader('content-type')
136 request.removeHeader('content-length')
137 if (request.uri.hostname !== request.originalHost.split(':')[0]) {
138 // Remove authorization if changing hostnames (but not if just
139 // changing ports or protocols). This matches the behavior of curl:
140 // https://github.com/bagder/curl/blob/6beb0eee/lib/http.c#L710
141 request.removeHeader('authorization')
146 if (!self.removeRefererHeader) {
147 request.setHeader('referer', uriPrev.href)
150 request.emit('redirect')
157 exports.Redirect = Redirect