MCPcopy Index your code
hub / github.com/nodejs/node / httpRedirectFetch

Function httpRedirectFetch

deps/undici/undici.js:13979–14037  ·  view source on GitHub ↗
(fetchParams, response)

Source from the content-addressed store, hash-verified

13977 }
13978 __name(httpFetch, "httpFetch");
13979 function httpRedirectFetch(fetchParams, response) {
13980 const request = fetchParams.request;
13981 const actualResponse = response.internalResponse ? response.internalResponse : response;
13982 let locationURL;
13983 try {
13984 locationURL = responseLocationURL(
13985 actualResponse,
13986 requestCurrentURL(request).hash
13987 );
13988 if (locationURL == null) {
13989 return response;
13990 }
13991 } catch (err) {
13992 return Promise.resolve(makeNetworkError(err));
13993 }
13994 if (!urlIsHttpHttpsScheme(locationURL)) {
13995 return Promise.resolve(makeNetworkError("URL scheme must be a HTTP(S) scheme"));
13996 }
13997 if (request.redirectCount === 20) {
13998 return Promise.resolve(makeNetworkError("redirect count exceeded"));
13999 }
14000 request.redirectCount += 1;
14001 if (request.mode === "cors" && (locationURL.username || locationURL.password) && !sameOrigin(request, locationURL)) {
14002 return Promise.resolve(makeNetworkError('cross origin not allowed for request mode "cors"'));
14003 }
14004 if (request.responseTainting === "cors" && (locationURL.username || locationURL.password)) {
14005 return Promise.resolve(makeNetworkError(
14006 'URL cannot contain credentials for request mode "cors"'
14007 ));
14008 }
14009 if (actualResponse.status !== 303 && request.body != null && request.body.source == null) {
14010 return Promise.resolve(makeNetworkError());
14011 }
14012 if ([301, 302].includes(actualResponse.status) && request.method === "POST" || actualResponse.status === 303 && !GET_OR_HEAD.includes(request.method)) {
14013 request.method = "GET";
14014 request.body = null;
14015 for (const headerName of requestBodyHeader) {
14016 request.headersList.delete(headerName);
14017 }
14018 }
14019 if (!sameOrigin(requestCurrentURL(request), locationURL)) {
14020 request.headersList.delete("authorization", true);
14021 request.headersList.delete("proxy-authorization", true);
14022 request.headersList.delete("cookie", true);
14023 request.headersList.delete("host", true);
14024 }
14025 if (request.body != null) {
14026 assert(request.body.source != null);
14027 request.body = safelyExtractBody(request.body.source)[0];
14028 }
14029 const timingInfo = fetchParams.timingInfo;
14030 timingInfo.redirectEndTime = timingInfo.postRedirectStartTime = coarsenedSharedCurrentTime(fetchParams.crossOriginIsolatedCapability);
14031 if (timingInfo.redirectStartTime === 0) {
14032 timingInfo.redirectStartTime = timingInfo.startTime;
14033 }
14034 request.urlList.push(locationURL);
14035 setRequestReferrerPolicyOnRedirect(request, actualResponse);
14036 return mainFetch(fetchParams, true);

Callers 1

httpFetchFunction · 0.70

Calls 14

includesMethod · 0.80
responseLocationURLFunction · 0.70
requestCurrentURLFunction · 0.70
makeNetworkErrorFunction · 0.70
urlIsHttpHttpsSchemeFunction · 0.70
sameOriginFunction · 0.70
safelyExtractBodyFunction · 0.70
mainFetchFunction · 0.70
deleteMethod · 0.65
assertFunction · 0.50

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…