Data attached to POST request is gone during redirection to GET with CURL

Question

I wrote followed command to send POST with JSON data to server. The server must redirect my request and send GET with the same data:

curl  -L -i -XPOST \
     -d 'id=105' \
     -d 'json={"orderBy":0,"maxResults":50}'  http://mysite.com/ctlClient/

I get response:

HTTP/1.1 302 Found
Date: Thu, 04 Jul 2013 13:12:08 GMT
Server: Apache
X-Powered-By: PHP/5.3.19
Set-Cookie: PHPSESSID=1hn0g8d7gtfl4nghjvab63btmk2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: http://mysite.com/fwf/online/
Content-Length: 0
Connection: close
Content-Type: text/html

HTTP/1.1 200 OK
Date: Thu, 04 Jul 2013 13:12:08 GMT
Server: Apache
X-Powered-By: PHP/5.3.19
Set-Cookie: PHPSESSID=16akc7kdcoet71ipjflk9o9cnm5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html

From access-log I see:

 "POST /ctlClient/ HTTP/1.1" 302 - "-" "Apache-HttpClient/4.1 (java 1.5)"
 "GET /fwf/online/ HTTP/1.1" 200 1 "-" "Apache-HttpClient/4.1 (java 1.5)"

So far so good,

The problem is that GET doesn't receives my data added to post. Sounds like during redirect my data dismissed somehow. From Android client it works, therefore its not Server side problem.

What I need to do to pass POST data to GET request?

Thank you very much,

[EDIT]

@nif offerd to upgrade CURL, i did , to 7.28.0.

Still get the same problem

[INFO]

1st time i go to http://mysite.com/ctlClient/index.php where:

 case 105: // id=105
        session_unset();
        session_start();
        foreach($_POST as $key => $value){$_SESSION[$key] = $value;}
        ctlGotoSameDomain("/fwf/online/"); // <- aka redirect
        return true;

after redirect i go to /fwf/online/index.php and there my request is empty:

public function __construct() {
        $this->json = isset($_SESSION['json']) ? $_SESSION['json'] : null;
        msqLogFile("fwf/post", Array('post' => 'Request: '.$this->json));

    }

http://mysite.com/ctlClient/index.php get 2 parameters properly: id and json

http://stackoverflow.com/questions/1309456/redirect-to-new-page-w-post-data-php-zend — Zang MingJie, Jul 04 '13 at 13:23

score 8 · Answer 1 · edited Jun 20 '20 at 09:12

8

From curl's manpage:

When curl follows a redirect and the request is not a plain GET (for example POST or PUT), it will do the following request with a GET if the HTTP response was 301, 302, or 303. If the response code was any other 3xx code, curl will re-send the following request using the same unmodified method.

Edit

I did some research and found out, that it might be a problem with your curl version. Newer version will honour the -XPOST option and will POST to the redirected location as well. But older versions had an own option for this, i.e. --post301 and --post302. According to their manpage:

--post301 Tells curl to respect RFC 2616/10.3.2 and not convert POST requests into GET requests when following a 301 redirection. The non-RFC behaviour is ubiquitous in web browsers, so curl does the conversion by default to maintain consistency. However, a server may require a POST to remain a POST after such a redirection. This option is meaningful only when using -L, --location (Added in 7.17.1)

--post302 Tells curl to respect RFC 2616/10.3.2 and not convert POST requests into GET requests when following a 302 redirection. The non-RFC behaviour is ubiquitous in web browsers, so curl does the conversion by default to maintain consistency. However, a server may require a POST to remain a POST after such a redirection. This option is meaningful only when using -L, --location (Added in 7.19.1)

References:

edited Jun 20 '20 at 09:12

Community

1
1

answered Jul 04 '13 at 13:47

nif

3,342
20
18

Strange. From Android it work's. Redirects with 302 and pass data – Maxim Shoustin Jul 04 '13 at 14:35
That's truly strange. In the first reference I posted, it is mentioned that setting `-XPOST` will work around this issue. But it seems that this doesn't always work, as the OP used the flag but the method changed. Maybe it works for some curl versions only. – nif Jul 04 '13 at 14:43
I have `curl 7.15.5 (x86_64-redhat-linux-gnu)` – Maxim Shoustin Jul 04 '13 at 16:54
@MaximShoustin: After taking a quick look at the source code of 7.15.5, I can't see a way to override the behaviour. You should upgrade to a newer version. – nif Jul 04 '13 at 17:17
:( ver 7.28.0 doesn't work also, after POST, GET redirect is empty – Maxim Shoustin Jul 04 '13 at 18:48
2

7.28.0 should have the `--post301` and `--post302` options. Have you tried them? – nif Jul 04 '13 at 19:13
Yes, means do not switch to GET after redirect, but after switch i NEED `GET` – Maxim Shoustin Jul 04 '13 at 19:17
see my additional info, the request is empty. I put 1st time data to session, but after redirect it empty – Maxim Shoustin Jul 04 '13 at 19:22

score 1 · Answer 2 · answered Jul 05 '13 at 06:59

I need to add -b to my script to enable the cookies. CURL by default doesn't use them and this issue caused to session ID change. Therefore no data transferred.

curl -b -L -i -X POST \
 -d 'id=105' \
 -d 'json={"orderBy":0,"maxResults":50}'  http://mysite.com/ctlClient/

Now its working

Data attached to POST request is gone during redirection to GET with CURL

2 Answers2