Please fix 301 redirects in API - server changes causing issues since 22 June

Bug #1700142 reported by pgg on 2017-06-23
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ratings and Reviews server
High
Colin Watson

Bug Description

Hello,

As of ~ 21 hours ago I have been seeing many hundreds of error reports concerning fetching reviews from the rnr-server API. The earliest instance appears to be Thursday, June 22, 2017 22:45 UTC.

A typical request has been http://reviews.ubuntu.com/reviews/api/1.0/reviews/filter/en/any/any/any/gimp/page/1/newest/ - this normally gives a json response. Unfortunately since yesterday evening this now redirects to a html page, rather than the desired json api.

It would appear that the intention of recent server changes was to redirect http calls to https calls. Unfortunately
http://reviews.ubuntu.com/reviews/api/1.0/reviews/filter/en/any/any/any/gimp/page/1/newest/ gives a 301 redirect to https://reviews.ubuntu.com/ which gives a 301 redirect to https://reviews.ubuntu.com/reviews/ which is an html page instead of a json api.

I can only assume that the intention was that e.g. http://reviews.ubuntu.com/reviews/api/1.0/reviews/filter/en/any/any/any/gimp/page/1/newest/ is meant to 301 redirect to https://reviews.ubuntu.com/reviews/api/1.0/reviews/filter/en/any/any/any/gimp/page/1/newest/ .

Would you be able to fix this?

I will issue an update to my application to call the https url directly (and be a bit more robust with unexpected responses), but reality is that it is going to take months before the update trickles out to most users. Until they install the update everyone will be hit with error messages popping up which is not ideal, so fixing the server redirects would be of great help.

Thanks.

TEST CASE (which doesn't redirect properly):

$ curl -Lv http://reviews.ubuntu.com/reviews/api/1.0/reviews/filter/en/any/any/any/gimp/page/1/newest/
* Trying 162.213.33.12...
* TCP_NODELAY set
* Connected to reviews.ubuntu.com (162.213.33.12) port 80 (#0)
> GET /reviews/api/1.0/reviews/filter/en/any/any/any/gimp/page/1/newest/ HTTP/1.1
> Host: reviews.ubuntu.com
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Date: Fri, 23 Jun 2017 17:02:55 GMT
< Server: Apache/2.4.7 (Ubuntu)
< Location: https://reviews.ubuntu.com/
< Content-Length: 318
< Content-Type: text/html; charset=iso-8859-1
<
* Ignoring the response-body
* Curl_http_done: called premature == 0
* Connection #0 to host reviews.ubuntu.com left intact
* Issue another request to this URL: 'https://reviews.ubuntu.com/'
* Trying 162.213.33.12...
* TCP_NODELAY set
* Connected to reviews.ubuntu.com (162.213.33.12) port 443 (#1)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=GB; ST=London; L=London; O=Canonical Group Ltd; OU=IS; CN=reviews.ubuntu.com
* start date: Jun 15 00:00:00 2017 GMT
* expire date: Jun 20 12:00:00 2018 GMT
* subjectAltName: host "reviews.ubuntu.com" matched cert's "reviews.ubuntu.com"
* issuer: C=US; O=DigiCert Inc; CN=DigiCert SHA2 Secure Server CA
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: reviews.ubuntu.com
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 301 MOVED PERMANENTLY
< Date: Fri, 23 Jun 2017 17:02:55 GMT
< Server: gunicorn/19.3.0
< Content-Length: 0
< Content-Type: text/html; charset=utf-8
< Location: https://reviews.ubuntu.com/reviews/
< X-Bzr-Revision-Number: 322
< Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
<
* Curl_http_done: called premature == 0
* Connection #1 to host reviews.ubuntu.com left intact
* Issue another request to this URL: 'https://reviews.ubuntu.com/reviews/'
* Found bundle for host reviews.ubuntu.com: 0x55c319d16140 [can pipeline]
* Re-using existing connection! (#1) with host reviews.ubuntu.com
* Connected to reviews.ubuntu.com (162.213.33.12) port 443 (#1)
> GET /reviews/ HTTP/1.1
> Host: reviews.ubuntu.com
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Fri, 23 Jun 2017 17:02:55 GMT
< Server: gunicorn/19.3.0
< Content-Length: 9429
< Expires: Fri, 23 Jun 2017 17:06:14 GMT
< Last-Modified: Fri, 23 Jun 2017 17:01:14 GMT
< Cache-Control: max-age=300
< Content-Type: text/html; charset=utf-8
< X-Bzr-Revision-Number: 322
< Vary: Accept-Encoding
< Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
<
<!DOCTYPE (... HTML PAGE...)</html>
* Curl_http_done: called premature == 0
* Connection #1 to host reviews.ubuntu.com left intact

Colin Watson (cjwatson) on 2017-06-24
Changed in rnr-server:
status: New → In Progress
importance: Undecided → High
assignee: nobody → Colin Watson (cjwatson)
Colin Watson (cjwatson) wrote :
Changed in rnr-server:
status: In Progress → Fix Released
pgg (pgg) wrote :

Thanks Colin :)

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers