Home > Mobile >  Redirecting to permanently moved page with response code 302
Redirecting to permanently moved page with response code 302

Time:02-24

I am sending this request from my C code:

char * request = "GET / HTTP/1.1\r\n" \
"Host: www.some.com\r\n" \
"Connection: keep-alive\r\n" \
"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36\r\n" \
"Accept: text/html,application/xhtml xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\n\r\n";

But I get this response after sending the above request:

HTTP/1.1 302 Found
Location: https://www.some.com/?gws_rd=ssl
Cache-Control: private
Content-Type: text/html; charset=UTF-8
BFCache-Opt-In: unload
Date: Thu, 24 Feb 2022 06:17:10 GMT
Server: gws
Content-Length: 231
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Set-Cookie: 1P_JAR=2022-02-24-06; expires=Sat, 26-Mar-2022 06:17:10 GMT; path=/; domain=.some.com; Secure; SameSite=none

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="https://www.some.com/?gws_rd=ssl">here</A>.
</BODY></HTML>

This is the message <A HREF="https://www.some.com/?gws_rd=ssl">here</A>. so If I follow https://www.some.com/?gws_rd=ssl I dont get any data, its like request is being sent but data is not received. I sending this request to https://www.some.com/?gws_rd=ssl

  char *x="GET / https://www.some.com/?gws_rd=ssl\r\n\r\n";

why is that. Whats wrong with my http/https.

I am using openSSL.

So after sending initial request the server moved the resource to new url. Now when I following the new url nothing happens no data response

Code:

/* filename nossl.c */
#include "stdio.h"
#include "string.h"

#include "openssl/ssl.h"
#include "openssl/bio.h"
#include "openssl/err.h"

int main()
{
    BIO * bio;
    char resp[1024];
    int  ret;

    //char * request = "GET /cas/login?service=https://web.corp.ema-tech.com:8888/ HTTP/1.1\x0D\x0AHost: web.corp.ema-tech.com\x0D\x0A\x43onnection: Close\x0D\x0A\x0D\x0A";
    char * request = "GET / HTTP/1.1\r\n" \
"Host: www.yoursite.com\r\n" \
"Connection: keep-alive\r\n" \
"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36\r\n" \
"Accept: text/html,application/xhtml xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\n\r\n";
char *x="GET / https://www.yoursite.com/?gws_rd=ssl\r\n\r\n";
    /* Set up the library */
    ERR_load_BIO_strings();
    SSL_load_error_strings();
    OpenSSL_add_all_algorithms();

    /* Create and setup the connection */
    //bio = BIO_new_connect("web.corp.ema-tech.com:8888");
    printf("___________________________ \n");
    bio = BIO_new_connect("www.yoursite.com:80");

    if(bio == NULL) {
    printf("====___________________________-\n");
        printf("BIO is null\n");

    }

    if(BIO_do_connect(bio) <= 0) {
     printf("     ___________________________@\n");

        BIO_free_all(bio);

    }
printf("___________________________@^\n");

    /* Send the request */
    BIO_write(bio, request, strlen(request));
printf("___________________________0\n");
    /* Read in the response */
    for(;;) {
        ret = BIO_read(bio, resp, 1023);
        printf("----%d\n",ret);
        if(ret <= 0) break;
        resp[ret] = 0;
        printf("%s\n", resp);
    }
    BIO_write(bio,x,sizeof("GET / https://www.yoursite.com/?gws_rd=ssl\r\n\r\n"));
    for(;;) {
            ret = BIO_read(bio, resp, 1023);
            printf("----%d\n",ret);
            if(ret <= 0) break;
            resp[ret] = 0;
            printf("%s\n", resp);
        }
    /* Close the connection and free the context */
    BIO_free_all(bio);

    return 0;
}

CodePudding user response:

If your first request was HTTP (not HTTPS) then the server is mainly telling you to use HTTPS instead of HTTP. Your request would be

char * request = "GET /?gws_rd=ssl HTTP/1.1\r\n" \ 
                 "Host: www.some.com\r\n" ...

The /?gws_rd=ssl is the local resource name (/) and a query string (?gws_rd=ssl) from https://www.some.com/?gws_rd=ssl, while the host name www.some.com goes to the "Host:" header. Some servers will only allow to connect if you are using the server name TLS extension (OpenSSL: "SSL_set_tlsext_host_name") and supply the host name as well.

You could also think about using an C existing library for a HTTPS client, for example:

Both are open source and MIT licensed.

  • Related