Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scheme-independent connection and redirection #268

Closed
wants to merge 3 commits into from
Closed

Scheme-independent connection and redirection #268

wants to merge 3 commits into from

Conversation

ewestbrook
Copy link
Contributor

@ewestbrook ewestbrook commented Feb 23, 2019
edited

Automatically handles upgrade redirects from HTTP to HTTPS using LuaSec, and allows both HTTP and HTTPS requests to be made using the single http.request() function. Requires only the tcp() function to be exposed by ssl.https. Also provides a path for support of other schemes in the future. See also brunoos/luasec#132.

@ewestbrook ewestbrook mentioned this pull request Feb 23, 2019
Merged
@diegonehab
Copy link
Contributor

Oops. I just merged your older pull request for omitting the port number in the Host: header and now there is a conflict here. Can you resubmit?

I never played with tls on Lua. How do we know if the host has a valid certificate? Is this all automatic?

@ewestbrook
Copy link
Contributor Author

Thanks! It was expected, as I wasn't sure which would go first. Resolving now.

@ewestbrook
socket.http.request(): simultaneous support for http and https URL sc…
e587800 
…hemes, with caller-adjustable scheme-to-transport mappings (default "socket.http" and "ssl.https")
@ewestbrook
Copy link
Contributor Author

Resolved, tested, and ready.

I never played with tls on Lua. How do we know if the host has a valid certificate? Is this all automatic?

It is. That's all done by LuaSec.

Before this patch, you had to make a different call separately yourself if it was HTTPS (require'ssl.https'.request()), or else construct and pass a create() function with LuaSec and pass it to LuaSocket -- again, you had to do that separately yourself for the case of HTTPS.

This patch just makes it transparent and easy. Same call, same arguments, regardless of scheme.

$ lua <<<"print(require'socket.http'.request'http://westbrook.com/')"
        200     table: 0x55f49d96dcc0   HTTP/1.1 200 OK

$ lua <<<"print(require'socket.http'.request'https://westbrook.com/')"
        200     table: 0x563792096e00   HTTP/1.1 200 OK

My favorite part is that if you make an HTTP request and get redirected to an HTTPS URL, it just works. (The example HTTP request above got a 307 back and did exactly that, in fact.)

Important: Please note that it does require the one line change in LuaSec PR 132 to expose the tcp() method there. Hopefully that'll get merged on that side soon.

@diegonehab
Copy link
Contributor

Still says it has a conflict here. :(

@ewestbrook ewestbrook closed this Feb 25, 2019
@ewestbrook
Copy link
Contributor Author

That was weird. My local repo said it had already been merged, and this page said there was a conflict, and then it seemed to have sorted itself out. Thanks.

@ewestbrook ewestbrook deleted the prc-multischeme branch February 28, 2019 19:23
This was referenced Mar 11, 2019
Open
Open
Open
Open
@Frenzie Frenzie mentioned this pull request Apr 17, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@ewestbrook @diegonehab