Changelog Development Documentation Download libcurl Mailing Lists News
cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Curl reports: "Maximum (50) redirects followed"

From: Michael Wood <esiotrot_at_gmail.com>
Date: Mon, 4 Mar 2013 16:40:38 +0200

On 4 March 2013 14:30, Daniel Stenberg <daniel_at_haxx.se> wrote:
> On Wed, 27 Feb 2013, Alex Vinnik wrote:
>
> Please don't top-post.
>
>
>> Got some input from chromium community...
>>
>>
>> https://groups.google.com/a/chromium.org/forum/?fromgroups=#!topic/chromium-discuss/Aa_gQn40-zE/overview
>>
>> Looks like a bug to me as well. -Alex
>
>
> Can you please clarify and spell out here on this list for all readers
> exactly how this bug works out? It seemed to involve "../" sections or
> whatever in the URL?

As far as I understand it, he tries to fetch a URL and the server returns:

Location: /promos../../p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374

Chrome converts that to:

/p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374

and fetches the resulting URL:

http://www.expedia.ca/p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374

Whereas curl does not convert "/blah/../" to "/" and the server keeps
trying to redirect back to the same broken URL and curl keeps trying
to fetch it:

$ curl -L -v "http://www.expedia.ca/pubspec/scripts/eap.asp?PRID=4&GOTO=PROMOS&Page=../../p/promos/winter-vacation-deals?langid=4105&AID=11259876&PID=3211374&affcid=network.cj.3211374.11259876."
2>&1 | grep -E "Location|GET"
> GET /pubspec/scripts/eap.asp?PRID=4&GOTO=PROMOS&Page=../../p/promos/winter-vacation-deals?langid=4105&AID=11259876&PID=3211374&affcid=network.cj.3211374.11259876. HTTP/1.1
< Location: /promos../../p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374
> GET /promos../../p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374 HTTP/1.1
< Location: /promos../../p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374
> GET /promos../../p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374 HTTP/1.1
< Location: /promos../../p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374
> GET /promos../../p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374 HTTP/1.1
< Location: /promos../../p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374
> GET /promos../../p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374 HTTP/1.1
< Location: /promos../../p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374
> GET /promos../../p/promos/winter-vacation-deals?langid=4105&affcid=network.cj.3211374.11259876.&affcid=cj3211374 HTTP/1.1
^C

As mentioned on the Chromium-discuss list it seems that Chrome is
following this:

http://tools.ietf.org/html/rfc3986#section-5.2.4 

-- 
Michael Wood <esiotrot_at_gmail.com>
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2013-03-04