Android Question okhttputils with cloudflare force https

Discussion in 'Android Questions' started by tufanv, Nov 10, 2018.

  1. tufanv

    tufanv Expert Licensed User

    Hello,

    I am sending a request to http://xxx.com/a.php?token=xxxx

    It was working perfect but when I changed the option in cloudflare panel to force https , this request should return everything without problem but it doesn't . It is not delivering the query string with the request so token is not authorized as it is empty. When I send the same request via webview there is no problem , data returns. I asked a friend to try this request with eclipse ( he is traditional programmer that uses eclipse) and he said when he sends the request as http , it returns the data without problem.

    Is there a problem with this ? ( this is same for ios )
     
  2. Erel

    Erel Administrator Staff Member Licensed User

    Moved to the questions forum.

    You should provide a bit more information.

    The client does send the query parameters. You need to find out why they are lost in the redirection.
     
  3. tufanv

    tufanv Expert Licensed User

    That is a more complex thing to do, I couldnt find much info about it , only found one topic at cloudflare , they proposed him to use custome page rules instead of force https , I tried it but no luck. but I just wonder , why it makes different with a code written in eclipse, when my friend makes the request or webview in b4a makes the request to http ( while redirect to https is on ) there is no problem , but request sent with httputils , I am having the problem. Is our httputils is somehow different =?
     
  4. Erel

    Erel Administrator Staff Member Licensed User

    I don't understand which code are you comparing? Is it based on OkHttp?

    Why aren't you sending the request to https directly?
     
  5. tufanv

    tufanv Expert Licensed User

    I dont know what he is using.

    My 7 apps are currently sending request to http, if i update all apps and switch cloudflare to force https, everything is fine but apps that are not updated will get an error i mentioned above. I am trying to solve that.
     
  6. Erel

    Erel Administrator Staff Member Licensed User

    OkHttp follows redirections automatically. Can you post a link that is not followed properly?
     
  7. tufanv

    tufanv Expert Licensed User

    I have sent the test url via pm because it contains sensitive token. I hope it is ok.
     
  8. Erel

    Erel Administrator Staff Member Licensed User

    The issue discussed here is related to the request being a POST request. POST requests are by definition not idempotent (each request changes something). This means that the payload is not redirected as it can lead to unexpected side effects.

    It might work if you set the status code to 307 instead of 301.
    Read more: http://www.alanflavell.org.uk/www/post-redirect.html
     
  9. tufanv

    tufanv Expert Licensed User

    Oh, It is an interesting finding. I will change if it is possible with cloudflare and get back to you with results. Thanks very much.
     
  10. tufanv

    tufanv Expert Licensed User

    unfortunately cloudflare only allows 301 or 302 redirect so I am not able to achieve this. Only way remaining is to change the code in all apps from http to https.
     
  11. Erel

    Erel Administrator Staff Member Licensed User

    Can't you redirect from your PHP script?
     
  12. tufanv

    tufanv Expert Licensed User

    Never thought of that. I will check now.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice