Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix fetchHttpClient issue with redirects #21051

Merged
merged 3 commits into from
Mar 28, 2022

Conversation

xirzec
Copy link
Member

@xirzec xirzec commented Mar 25, 2022

Browsers expect to handle redirects automatically when using fetch, much like XMLHttpRequest's default behavior.

The fact that fetch() lets you set a "manual" mode, isn't intended for common use, but rather for a specific Service Worker scenario. The response sent back is heavily redacted and contains neither the true status or any HTTP headers from the response.

Some more context: https://stackoverflow.com/questions/42716082/fetch-api-whats-the-use-of-redirect-manual/42717388

Since this is blocking redirect scenarios, I think we should release another hotfix after @sarangan12 validates it against our AutoRest collateral.

Browsers expect to handle redirects automatically when using fetch, much like XMLHttpRequest's default behavior.

The fact that fetch() lets you set a "manual" mode, isn't intended for common use, but rather for a specific Service Worker scenario. The response sent back is heavily redacted and contains neither the true status or any HTTP headers from the response.
@xirzec xirzec added Client This issue points to a problem in the data-plane of the library. Azure.Core labels Mar 25, 2022
@xirzec xirzec requested review from sarangan12 and joheredi March 25, 2022 19:04
@xirzec xirzec requested a review from jeremymeng as a code owner March 25, 2022 19:04
@xirzec xirzec self-assigned this Mar 25, 2022
@xirzec xirzec requested a review from deyaaeldeen as a code owner March 25, 2022 19:04
@@ -75,7 +75,6 @@ async function makeRequest(request: PipelineRequest): Promise<PipelineResponse>
headers: headers,
signal: abortController.signal,
credentials: request.withCredentials ? "include" : "same-origin",
redirect: "manual",
Copy link
Member

@joheredi joheredi Mar 25, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Allowing Fetch to automatically handle redirects means that our redirectPolicy will never kick in for browsers right?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If that's the behavior we want, I think it would be worth adding a comment in the redirect policy mentioning this, it would save future us a headache trying to debug redirects and realize later that Fetch is handling it for us

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, the policy won't kick in, but it won't kick in now since we get back status: 0 and no headers. I'll add a comment here too.

Copy link
Member

@deyaaeldeen deyaaeldeen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Interesting, thanks for linking to the context!

Copy link
Member

@sarangan12 sarangan12 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks Jeff!!!

Copy link
Member

@jeremymeng jeremymeng left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This makes sense.

@xirzec xirzec merged commit ff6f0ac into Azure:main Mar 28, 2022
@xirzec xirzec deleted the noManualRedirectInBrowser branch March 28, 2022 17:47
azure-sdk pushed a commit to azure-sdk/azure-sdk-for-js that referenced this pull request Oct 10, 2022
revert remaining readonly on collection (Azure#21051)
azure-sdk pushed a commit to azure-sdk/azure-sdk-for-js that referenced this pull request Oct 14, 2022
[2022-04-01-preview] Add New Api-version for Microsoft.ApiManagement (Azure#20399)

* Adds base for updating Microsoft.ApiManagement from version preview/2021-12-01-preview to version 2022-04-01-preview

* Updates readme

* Updates API version in new specs and examples

* APIM Auth Servers (Azure#19234)

* APIM Auth Servers

* adding x-ms-identifiers

* removing some weird, invisible special char

* formatting

* oAuth2AuthenticationSettings moved to AuthSettings

* Formatting

Co-authored-by: Milan Zolota <[email protected]>

* API Management Authorization Endpoints (Azure#19615)

* Add blockchain to latest profile

* Add additional types

* add authorizations definitions

* authorizations operations

* add examples

* update readme

* fix examples

* fix linter delete errors

* address CI validation errors

* prettier fix

* update to 2022-04

* fix readme

* Update specification/apimanagement/resource-manager/Microsoft.ApiManagement/preview/2022-04-01-preview/apimauthorizationproviders.json

Co-authored-by: Sean Kim <[email protected]>

* update versions

* Apply suggestions from code review

Co-authored-by: Mark Cowlishaw <[email protected]>
Co-authored-by: Annaji Sharma Ganti <[email protected]>
Co-authored-by: Annaji Sharma Ganti <[email protected]>

* Move Long running Create Operation from Location based to Azure-AsyncOperation Header (Azure#19733)

* azure-asyncOperation

* prettier

* fix(apim): Add missing 'metrics' property to diagnostics contract in 2022-04-01-preview (Azure#20317)

* apim /PUT apis import add translateRequiredQueryParameters (Azure#20333)

* [2022-04-01-preview] Replace resource with proxyresource and TrackedResource (Azure#20461)

* replace resource with proxyresource

* revert to proxyresource

* Add type object to authorization definitions (Azure#20631)

Authorization definitions were missing "type": "object", and this change adds that key/value pair

* Add type object to policy fragment definition (Azure#20585)

* APIM Open ID Connect providers (Azure#20622)

* APIM Open ID Connect providers

* added new proeprties for update

* prettier

* [APIM] Add Nat Gateway (Azure#19990)

* Update apimdeployment.json

* Create ApiManagementCreateServiceWithNatGatewayEnabled.json

* fix typo in file

* Change Nat Gateway property to enum

* modify type of natgateway state

* update property name

* add example reference

* small fix in example

* rename to  outboundPublicIPAddresses

Co-authored-by: Samir Solanki <[email protected]>

* [2022-04-01-preview] MIgrate2Stv2 API (Azure#20504)

* migrate2stv2

* updated to post

* 202 and location

* add body to 202

* remove body from 202

Co-authored-by: Vatsa Patel <[email protected]>
Co-authored-by: Samir Solanki <[email protected]>
Co-authored-by: [email protected] <[email protected]>

* Address Authorizations MissingTypeObject errors (Azure#20919)

* Add forgotten If-Match header (Azure#20920)

* Add forgotten If-Match header

`If-Match` header for the `DeleteAuthorizationAccessPolicy.json file` was forgotten. This change adds the wildcard character for the `If-Match` header for that file.

* Update ApiManagementDeleteAuthorization.json

* Use common types for specs and count as readonly (Azure#21023)

* common types

* count readonly

* Sasolank/more review comments (Azure#21025)

* XML

* proxy to gateway

* Update Authorizations Spec (Azure#21027)

* Update definitions.json

Update wording for PostGetLoginLink endpoint description

* Update apimauthorizationproviders.json

Add 201 response to all Authorization PUT requests

* Updated examples and fixed formatting

There was a formatting issue within apimauthorizationproviders.json, and the Authorization examples needed to be updated with the new 201 responses for creating/updating Authorization entities.

* Add long-running-operation key/value

Added x-ms-long-running-operation: true to Authorization PUT requests

* Remove long-running-operations

* readonly revert (Azure#21050)

* Set  SchemaContract.Document as required. (Azure#20110)

* Updated documentation of the SchemaContract. Server use to return code 500 in case SchemaContract.Document is null. That issue was fixed in the APIM and server will return proper response code.

* Fix AzureApiValidation

* update field with properties

* revert remaining readonly on collection (Azure#21051)

* Change to camel casing for "accesspolicies" (Azure#21070)

* Change to camel casing for "accesspolicies"

* More camel casing updates for access policies

* list example fixed (Azure#21089)

* fix definition (Azure#21110)

* upgrade to v3 for common types (Azure#21109)

* upgrade to v3

* Space

* revert to v2 proxyResource

Co-authored-by: Milan Zolota <[email protected]>
Co-authored-by: Milan Zolota <[email protected]>
Co-authored-by: Sean D Kim <[email protected]>
Co-authored-by: Mark Cowlishaw <[email protected]>
Co-authored-by: Annaji Sharma Ganti <[email protected]>
Co-authored-by: Annaji Sharma Ganti <[email protected]>
Co-authored-by: Tom Kerkhove <[email protected]>
Co-authored-by: Korolev Dmitry <[email protected]>
Co-authored-by: Logan Zipkes <[email protected]>
Co-authored-by: Rafał Mielowski <[email protected]>
Co-authored-by: malincrist <[email protected]>
Co-authored-by: GuanchenIntern <[email protected]>
Co-authored-by: VatsaPatel <[email protected]>
Co-authored-by: Vatsa Patel <[email protected]>
Co-authored-by: [email protected] <[email protected]>
Co-authored-by: Maxim Agapov <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Azure.Core Client This issue points to a problem in the data-plane of the library.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants