On Mon, Nov 02, 2009 at 05:24:38PM +0100, Matthias Bolte wrote: > 2009/10/29 Matthias Bolte <matthias.bolte@xxxxxxxxxxxxxx>: > > 2009/10/28 Daniel P. Berrange <berrange@xxxxxxxxxx>: > >> On Wed, Oct 28, 2009 at 09:12:06PM +0100, Matthias Bolte wrote: > >>> The default transport for the VI API is HTTPS. If the server redirects > >>> from HTTPS to HTTP the driver would silently follow that redirection. > >>> The user assumes to communicate with the server over a secure transport > >>> but isn't. > >> > >> Good catch, this is definitely something we don't want to happen. > >> > >>> This patch disables automatical redirection following. The driver reports > >>> an error if the server tries to redirect. > >> > >> Is the user likely to hit any redirects in the real world, or is this > >> just an edge case. If they're likely to hit redirects, then we might > >> want to allow a redirect if it points to another paths on the same > >> server as the original URI, and is using HTTPS. > >> > >> Daniel > > > > As far as I can tell it's an edge case. > > > > The available transports can be configured on the ESX server. Default > > is HTTPS-only, but you can configure it to use HTTPS+HTTP or > > HTTP-only. The ESX server redirects you to the other protocol if you > > try to access it via a disabled one. I'm not aware of any other > > situation that results in a redirect. > > > > Matthias > > > > If not doubts are left then I'm going to push this 5 ESX patches. Fine by me ! Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel@xxxxxxxxxxxx | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list