X Tutup
Skip to content

Webcmdlets display an error on https to http redirect#18595

Merged
iSazonov merged 13 commits intoPowerShell:masterfrom
CarloToso:check-for-https-->http-redirect
Feb 14, 2023
Merged

Webcmdlets display an error on https to http redirect#18595
iSazonov merged 13 commits intoPowerShell:masterfrom
CarloToso:check-for-https-->http-redirect

Conversation

@CarloToso
Copy link
Copy Markdown
Contributor

@CarloToso CarloToso commented Nov 17, 2022
edited by iSazonov
Loading

PR Summary

At the moment https to http redirect fail silently, after this PR it will show an error.

PR Context

PR Checklist

@CarloToso CarloToso requested a review from PaulHigin as a code owner November 17, 2022 11:03
@ghost ghost assigned anmenaga Nov 17, 2022
@CarloToso CarloToso changed the title Webcmdlets display an error on https to http redirect WIP: Webcmdlets display an error on https to http redirect Nov 17, 2022
@CarloToso CarloToso changed the title WIP: Webcmdlets display an error on https to http redirect Webcmdlets display an error on https to http redirect Nov 17, 2022
PaulHigin
PaulHigin previously requested changes Nov 22, 2022
View reviewed changes
...t.PowerShell.Commands.Utility/commands/utility/WebCmdlet/Common/WebRequestPSCmdlet.Common.cs Outdated
{
ErrorRecord er = new(new InvalidOperationException(), "InsecureRedirection", ErrorCategory.InvalidOperation, request);
er.ErrorDetails = new ErrorDetails(WebCmdletStrings.InsecureRedirection);
WriteError(er);
Copy link
Copy Markdown
Contributor

@PaulHigin PaulHigin Nov 22, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this be a terminating error here? There doesn't seem to be any point in continuing and we should throw ThrowTerminatingError() here.

Copy link
Copy Markdown
Contributor Author

@CarloToso CarloToso Nov 22, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I used WriteError() to mirror the behaviour of lines 1604-1609:

if (WebSession.MaximumRedirection == 0 && IsRedirectCode(response.StatusCode)) // Indicate "HttpClientHandler.AllowAutoRedirect == false"
{
    ErrorRecord er = new(new InvalidOperationException(), "MaximumRedirectExceeded", ErrorCategory.InvalidOperation, request);
    er.ErrorDetails = new ErrorDetails(WebCmdletStrings.MaximumRedirectionCountExceeded);
    WriteError(er);
}

I can change it if needed.

Copy link
Copy Markdown
Collaborator

@iSazonov iSazonov Jan 9, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is a behavior of other utils in the scenario?

Copy link
Copy Markdown
Collaborator

@iSazonov iSazonov Jan 9, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also text in WebCmdletStrings.InsecureRedirection assumes we should throw.

Copy link
Copy Markdown
Contributor Author

@CarloToso CarloToso Jan 9, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Test:
Invoke-WebRequest "https://mockbin.org/redirect/308?to=https://mockbin.org/redirect/302?to=http://mockbin.org/status/200" -SkipHttpErrorCheck --> 302
curl -L "https://mockbin.org/redirect/308?to=https://mockbin.org/redirect/302?to=http://mockbin.org/status/200" --> 200

(HttpClient does not seem to allow insecure redirect: dotnet/runtime#23801)

Copy link
Copy Markdown
Collaborator

@iSazonov iSazonov Jan 9, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add new test.

@ghost ghost added Waiting on Author The PR was reviewed and requires changes or comments from the author before being accept and removed Waiting on Author The PR was reviewed and requires changes or comments from the author before being accept labels Nov 22, 2022
@ghost ghost added the Review - Needed The PR is being reviewed label Nov 30, 2022
@ghost
Copy link
Copy Markdown

ghost commented Nov 30, 2022

This pull request has been automatically marked as Review Needed because it has been there has not been any activity for 7 days.
Maintainer, please provide feedback and/or mark it as Waiting on Author

@CarloToso CarloToso requested review from PaulHigin and iSazonov and removed request for PaulHigin and iSazonov January 9, 2023 14:36
@iSazonov iSazonov added Breaking-Change breaking change that may affect users CL-General Indicates that a PR should be marked as a general cmdlet change in the Change Log and removed Breaking-Change breaking change that may affect users labels Jan 9, 2023
@ghost ghost removed the Review - Needed The PR is being reviewed label Jan 9, 2023
@iSazonov
Copy link
Copy Markdown
Collaborator

iSazonov commented Jan 12, 2023

@CarloToso Please add tests.

@CarloToso
Copy link
Copy Markdown
Contributor Author

CarloToso commented Jan 12, 2023
edited by iSazonov
Loading

@iSazonov I'm working on the tests.

@iSazonov
Copy link
Copy Markdown
Collaborator

iSazonov commented Jan 12, 2023

@CarloToso We could add tests in #18546 after current PR will be merged.

@CarloToso CarloToso mentioned this pull request Jan 13, 2023
Merged
@CarloToso
Copy link
Copy Markdown
Contributor Author

CarloToso commented Jan 13, 2023
edited
Loading

@iSazonov I think we can merge

@iSazonov iSazonov closed this Jan 14, 2023
@iSazonov iSazonov reopened this Jan 14, 2023
@iSazonov iSazonov requested a review from PaulHigin January 14, 2023 07:38
@ghost ghost added the Review - Needed The PR is being reviewed label Jan 23, 2023
@ghost
Copy link
Copy Markdown

ghost commented Jan 23, 2023

This pull request has been automatically marked as Review Needed because it has been there has not been any activity for 7 days.
Maintainer, please provide feedback and/or mark it as Waiting on Author

@CarloToso CarloToso mentioned this pull request Jan 23, 2023
Closed
5 tasks
@CarloToso
Copy link
Copy Markdown
Contributor Author

CarloToso commented Jan 30, 2023

@SteveL-MSFT can we merge this?

@iSazonov iSazonov requested a review from SteveL-MSFT January 31, 2023 05:34
@pull-request-quantifier-deprecated
Copy link
Copy Markdown

pull-request-quantifier-deprecated bot commented Feb 10, 2023

This PR has 17 quantified lines of changes. In general, a change size of upto 200 lines is ideal for the best PR experience!

Quantification details 

Label      : Extra Small
Size       : +12 -5
Percentile : 6.8%

Total files changed: 3

Change summary by file extension:
.cs : +4 -0
.resx : +6 -3
.ps1 : +2 -2

Change counts above are quantified counts, based on the PullRequestQuantifier customizations.

Why proper sizing of changes matters

Optimal pull request sizes drive a better predictable PR flow as they strike a
balance between between PR complexity and PR review overhead. PRs within the
optimal size (typical small, or medium sized PRs) mean:

  • Fast and predictable releases to production:
    • Optimal size changes are more likely to be reviewed faster with fewer
      iterations.
    • Similarity in low PR complexity drives similar review times.
  • Review quality is likely higher as complexity is lower:
    • Bugs are more likely to be detected.
    • Code inconsistencies are more likely to be detected.
  • Knowledge sharing is improved within the participants:
    • Small portions can be assimilated better.
  • Better engineering practices are exercised:
    • Solving big problems by dividing them in well contained, smaller problems.
    • Exercising separation of concerns within the code changes.

What can I do to optimize my changes

  • Use the PullRequestQuantifier to quantify your PR accurately
    • Create a context profile for your repo using the context generator
    • Exclude files that are not necessary to be reviewed or do not increase the review complexity. Example: Autogenerated code, docs, project IDE setting files, binaries, etc. Check out the Excluded section from your prquantifier.yaml context profile.
    • Understand your typical change complexity, drive towards the desired complexity by adjusting the label mapping in your prquantifier.yaml context profile.
    • Only use the labels that matter to you, see context specification to customize your prquantifier.yaml context profile.
  • Change your engineering behaviors
    • For PRs that fall outside of the desired spectrum, review the details and check if:
      • Your PR could be split in smaller, self-contained PRs instead
      • Your PR only solves one particular issue. (For example, don't refactor and code new features in the same PR).

How to interpret the change counts in git diff output

  • One line was added: +1 -0
  • One line was deleted: +0 -1
  • One line was modified: +1 -1 (git diff doesn't know about modified, it will
    interpret that line like one addition plus one deletion)
  • Change percentiles: Change characteristics (addition, deletion, modification)
    of this PR in relation to all other PRs within the repository.

Was this comment helpful? 👍  :ok_hand:  :thumbsdown: (Email)
Customize PullRequestQuantifier for this repository.

@iSazonov iSazonov assigned iSazonov and unassigned anmenaga Feb 14, 2023
@ghost ghost removed the Review - Needed The PR is being reviewed label Feb 14, 2023
@iSazonov iSazonov merged commit 69a4d79 into PowerShell:master Feb 14, 2023
@CarloToso CarloToso deleted the check-for-https-->http-redirect branch February 14, 2023 10:36
@ghost
Copy link
Copy Markdown

ghost commented Mar 14, 2023

🎉v7.4.0-preview.2 has been released which incorporates this pull request.:tada:

Handy links:

@crlogic
Copy link
Copy Markdown

crlogic commented Apr 6, 2023
edited
Loading

Breaking changes

  • None

Hrmm, this breaks every IRM across any insecure (corporate|zero-trust) proxies by making AllowInsecureRedirect mandatory (because I cannot control this as an end user). Except I can't perform a blanket "add AllowInsecureRedirect" to all IRM's because agents/executors/etc won't all be upgraded big-bang to 7.4 (rolling upgrades).

Script modules are now completely broken if there is a insecure proxy. Wouldn't that make this a breaking change?
https://github.com/dell/OpenManage-PowerShell-Modules

Is there an easier way?

    if ($psVersionTable.PSVersion.Major -ge 7 -and $psVersionTable.PSVersion.Minor -ge 4) {
        $querySplat.Add('AllowInsecureRedirect',$true)
    }
GitHub
Contribute to dell/OpenManage-PowerShell-Modules development by creating an account on GitHub.

@CarloToso
Copy link
Copy Markdown
Contributor Author

CarloToso commented Apr 6, 2023

@crlogic Could you please open an issue to discuss this?

@crlogic crlogic mentioned this pull request Apr 6, 2023
Closed
5 tasks
@CarloToso CarloToso mentioned this pull request Apr 7, 2023
Merged
22 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SteveL-MSFT SteveL-MSFT SteveL-MSFT approved these changes

@iSazonov iSazonov iSazonov approved these changes

@PaulHigin PaulHigin Awaiting requested review from PaulHigin

Assignees

@iSazonov iSazonov

Labels

CL-General Indicates that a PR should be marked as a general cmdlet change in the Change Log Extra Small

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@CarloToso @iSazonov @crlogic @SteveL-MSFT @PaulHigin @anmenaga
X Tutup