Bugzilla – Bug 18151
Podcast XML listing failure using HTTPS protocol
Last modified: 2017-05-12 12:09:21 UTC
Created attachment 7758 [details] Proposed patch The Naked Scientists (https://www.thenakedscientists.com) is a popular provider of science related podcasts. They appear to have upgraded their website recently, one consequence being that podcast listings are now provided using the HTTPS protocol. Unfortunately LMS’ attempts to retrieve the podcast listings now fail. Experimentation shows that their server appears to respond incorrectly to the “Host” HTTP(S) header that LMS is providing, being: Host: www.thenakedscientists.com:443 It does respond appropriately if presented with: Host: www.thenakedscientists.com The particular URL I use is https://www.thenakedscientists.com/naked_scientists_podcast.xml The server’s failure is that it keeps providing “301” redirection responses when the Host header incorporates the port number, 443. Regardless of the rights & wrongs of this (I feel that their server is wrong), I propose that LMS suppress the port number from the host string when using the default port (443) for an HTTPS connection. This is the approach adopted by both the curl and wget command line tools. (See below). At present LMS always suppresses port number 80 regardless if the connection is http or https. This isn’t exactly right, either ! Refer Slim/Networking/Async/HTTP.pm add_headers{}. https://github.com/Logitech/slimserver/blob/public/7.9/Slim/Networking/Async/HTTP.pm#L179 The attached patch achieves the proposed behaviour very simply. (Tested on LMS 7.8.1). * Curl - Suppression of port 443 See function “Curl_http” in lib/http.c: https://github.com/curl/curl/blob/master/lib/http.c#L1992 /* if(HTTPS on port 443) OR (HTTP on port 80) then don't include the port number in the host string */ * Wget - Suppression of port 443 See function “initialize_request” in src/http.c: http://git.savannah.gnu.org/cgit/wget.git/tree/src/http.c#n1916 /* Generate the Host header, HOST:PORT. Take into account that: - Broken server-side software often doesn't recognize the PORT argument, so we must generate "Host: www.server.com" instead of "Host: www.server.com:80" (and likewise for https port). * RFCs Some commentary may also be found here: https://tools.ietf.org/html/rfc2616#section-14.23 https://tools.ietf.org/html/rfc2818#section-2.3
Could you please double check the bahaviour with latest LMS 7.9.1? 7.9.1 has additional fixes related to how we deal with https streams.
(In reply to comment #1) > Could you please double check the bahaviour with latest LMS 7.9.1? 7.9.1 has > additional fixes related to how we deal with https streams. That will take a while, as I have no easy way to test 7.9.1 at present. However I have checked on GitHub. The relevant piece of code in 7.9, Slim::Networking::Async::HTTP function "add_headers" has not changed. So I would anticipate the same behaviour in 7.9. This doesn't quite fulfill your request, but it's the best I can do for now !
Commit 1021146a41db9b5ff50072e51a9a178049bba5bf - thanks Martin!