0

my problem is the following.

I am acting as a http(s) client in c/c++. Now i get redirected very often with status code 302, from http to https and vice versa. Inside the code i have to delete the http client and create a https client every time i get redirected from http to https and vice versa.

Is there a better way, without calling constructor/destructor again and again ?

I was thinking about one client for http and https. The problem i am facing here is that usually the ports differ, so thats not possible, right ?

Just to add one more thing. Sometimes the new location is even from another host. So basically i end up recreating the client for only e.g. one GET request. The servers i am dealing with are not google or other nice ones, but still i cannot believe that recreating is the only way.

Thank you in advance,

Best Regards

  • In my opinion the question is too broad. There is practically nothing known about your code, what your constructors and desctructors actually do, if your client is able to deal with HTTP keep-alive etc etc. Based on the very few information you provide it is not possible to make useful design suggestions without blindly guessing which of the many ways of implementing a HTTP client you actually do. – Steffen Ullrich Dec 30 '17 at 12:10
  • 1
    Being redirected from `https` to `http` might expose private user data if not handled correctly (i.e., removing secure cookie data etc'). Consider reporting this as an error. – Myst Dec 30 '17 at 14:53

1 Answers1

-1

Is there a better way, without calling constructor/destructor again and again ?

If the host you are redirected to resolves to the same IP address and port, you can just send another HTTP get/post/whatever on the same connection you have already established.

Otherwise you have to do a completely new TCP connection.

And without your code, it's impossible to state exactly what you need to do.

Andrew Henle
  • 32,625
  • 3
  • 24
  • 56
  • 4
    *"you can just send another HTTP get/post/whatever on the same connection you have already established."* - this is only true if HTTP keep alive is supported by both the client and server implementations. This includes that the client is able to detect close by the server (because of timeout) when sending a new request and implementing redoing the request if idempotent etc - which greatly increases the complexity. – Steffen Ullrich Dec 30 '17 at 12:08
  • Thank you, I think this is already the perfect answer. The code is a bit long but its based on Berkeley sockets API and openssl. However just one more question so its not possible to simply switch port after establishing connection. So e.g. when i get redirected to same host but different port to just change port ? –  Dec 30 '17 at 12:19
  • @SteffenUllrich But "Ooops. The server dropped the connection so I have to reconnect" is going to have to be handled anyway. – Andrew Henle Dec 30 '17 at 12:24
  • 1
    @OZ17 *its not possible to simply switch port after establishing connection* No, that's not possible. A TCP connection is to a specific port, and only that port (barring some non-standard extensions that you'd never be able to rely on). See https://stackoverflow.com/questions/3638953/do-tcp-connections-get-moved-to-another-port-after-they-are-opened – Andrew Henle Dec 30 '17 at 12:26
  • 2
    @AndrewHenle: Not every close by the server should result in reconnect by the client. A close of the connection by the server __during__ the HTTP response is an error and should be treated as such, i.e. report error to user of HTTP client. A close of the connection __after__ the HTTP response was sent is not an error. With HTTP keep-alive such close might happen while the client is sending the next request. In this case the client needs to transparently redo this request (after reconnecting) but only if the request is idempotent (i.e. GET but not POST). – Steffen Ullrich Dec 30 '17 at 12:47
  • 1
    "*If the host you are redirected to resolves to the same IP address and port, you can just send another HTTP get/post/whatever on the same connection you have already established.*" - this is only true if both requests are HTTP, or both are HTTPS, and even then only if HTTP keepalive is used. If HTTP redirects to HTTPS or vice versa (which is impossible to redirect to the same port), or HTTP keepalive is not used, a new TCP connection is *required*. – Remy Lebeau Dec 31 '17 at 04:12