From 7fe12cb09ad57909da78ecb5fe8ff1d33fb2b48d Mon Sep 17 00:00:00 2001
From: Martin Hutchinson
Date: Wed, 10 Apr 2024 15:03:20 +0100
Subject: [PATCH] Safeguard against redirects on POST request
A redirect on a POST request will make the http client perform a GET request to the signposted URL. This will (probably) return a 200, which the code will then interpret as a successful POST. This check ensures that the method the response relates to is the same as the one we invoked.
---
 binary_transparency/firmware/internal/client/client.go | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/binary_transparency/firmware/internal/client/client.go b/binary_transparency/firmware/internal/client/client.go
index f904cbb25..40964b90e 100644
--- a/binary_transparency/firmware/internal/client/client.go
+++ b/binary_transparency/firmware/internal/client/client.go
@@ -96,6 +96,9 @@ func (c SubmitClient) PublishFirmware(manifest, image []byte) error {
 if err != nil {
 return fmt.Errorf("failed to publish to log endpoint (%s): %w", u, err)
 }
+ if resp.Request.Method != "POST" {
+ return fmt.Errorf("POST request to %q was converted to %s request to %q", u.String(), resp.Request.Method, resp.Request.URL)
+ }
 if r.StatusCode != http.StatusOK {
 return errFromResponse("failed to submit to log", r)
 }
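Review bot: The new method check still accepts a 307/308 redirect, because those preserve POST while sending the manifest and image to whatever URL the redirect named, so a response from a different endpoint would pass as a successful submission; comparing the final URL as well, `if r.Request.Method != http.MethodPost || r.Request.URL.String() != u.String() {`, or refusing redirects outright via the client's `CheckRedirect`, closes that gap. The added lines also read `resp.Request.Method` while the status check two lines below reads `r.StatusCode`; unless both names are in scope, which cannot be confirmed because the function body above the hunk is outside view, this either fails to compile or inspects a different response than the one whose status is checked. The literal `"POST"` would be clearer as `http.MethodPost`, which the `net/http` import already in use provides. Note that this early return leaves the response body unread and unclosed unless a deferred `Close` exists above the hunk. PublishFirmware's body starts before and continues after this hunk.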