Fix redirect with parameters

Netdata was missing query string when there was redirect, this PR fixes this.

1 files changed, 34 insertions, 32 deletions

diff --git a/web/server/web_client.c b/web/server/web_client.c
index 9792de68ab..e60d0a94e2 100644
--- a/web/server/web_client.c
+++ b/web/server/web_client.c
@@ -1084,6 +1084,10 @@ static inline HTTP_VALIDATION http_request_validate(struct web_client *w) {
                     if ((w->ssl.conn) && ((w->ssl.flags & NETDATA_SSL_NO_HANDSHAKE) && (web_client_is_using_ssl_force(w) || web_client_is_using_ssl_default(w)) && (w->mode != WEB_CLIENT_MODE_STREAM))  ) {
                         w->header_parse_tries = 0;
                         w->header_parse_last_size = 0;
+                        // The client will be redirected for Netdata and we are preserving the original request.
+                        *ue = '\0';
+                        strncpyz(w->last_url, encoded_url, NETDATA_WEB_REQUEST_URL_SIZE);
+                        *ue = ' ';
                         web_client_disable_wait_receive(w);
                         return HTTP_VALIDATION_REDIRECT;
                     }
@@ -1158,39 +1162,30 @@ void web_client_build_http_header(struct web_client *w) {
         strftime(edate, sizeof(edate), "%a, %d %b %Y %H:%M:%S %Z", tm);
     }
 
-    char headerbegin[8328];
     if (w->response.code == HTTP_RESP_MOVED_PERM) {
-        memcpy(headerbegin,"\r\nLocation: https://",20);
-        size_t headerlength = strlen(w->server_host);
-        memcpy(&headerbegin[20],w->server_host,headerlength);
-        headerlength += 20;
-        size_t tmp = strlen(w->last_url);
-        memcpy(&headerbegin[headerlength],w->last_url,tmp);
-        headerlength += tmp;
-        memcpy(&headerbegin[headerlength],"\r\n",2);
-        headerlength += 2;
-        headerbegin[headerlength] = 0x00;
+        buffer_sprintf(w->response.header_output,
+                       "HTTP/1.1 %d %s\r\n"
+                       "Location: https://%s%s\r\n",
+                       w->response.code, code_msg,
+                       w->server_host,
+                       w->last_url);
     }else {
-        memcpy(headerbegin,"\r\n",2);
-        headerbegin[2]=0x00;
-    }
-
-    buffer_sprintf(w->response.header_output,
-            "HTTP/1.1 %d %s\r\n"
-                    "Connection: %s\r\n"
-                    "Server: NetData Embedded HTTP Server %s\r\n"
-                    "Access-Control-Allow-Origin: %s\r\n"
-                    "Access-Control-Allow-Credentials: true\r\n"
-                    "Content-Type: %s\r\n"
-                    "Date: %s%s"
-                   , w->response.code, code_msg
-                   , web_client_has_keepalive(w)?"keep-alive":"close"
-                   , VERSION
-                   , w->origin
-                   , content_type_string
-                   , date
-                   , headerbegin
-    );
+        buffer_sprintf(w->response.header_output,
+                       "HTTP/1.1 %d %s\r\n"
+                       "Connection: %s\r\n"
+                       "Server: NetData Embedded HTTP Server %s\r\n"
+                       "Access-Control-Allow-Origin: %s\r\n"
+                       "Access-Control-Allow-Credentials: true\r\n"
+                       "Content-Type: %s\r\n"
+                       "Date: %s\r\n",
+                       w->response.code,
+                       code_msg,
+                       web_client_has_keepalive(w)?"keep-alive":"close",
+                       VERSION,
+                       w->origin,
+                       content_type_string,
+                       date);
+    }
 
     if(unlikely(web_x_frame_options))
         buffer_sprintf(w->response.header_output, "X-Frame-Options: %s\r\n", web_x_frame_options);
@@ -1583,7 +1578,14 @@ void web_client_process_request(struct web_client *w) {
         {
             buffer_flush(w->response.data);
             w->response.data->contenttype = CT_TEXT_HTML;
-            buffer_strcat(w->response.data, "<!DOCTYPE html><!-- SPDX-License-Identifier: GPL-3.0-or-later --><html><body onload=\"window.location.href ='https://'+ window.location.hostname + ':' + window.location.port +  window.location.pathname\">Redirecting to safety connection, case your browser does not support redirection, please click <a onclick=\"window.location.href ='https://'+ window.location.hostname + ':' + window.location.port +  window.location.pathname\">here</a>.</body></html>");
+            buffer_strcat(w->response.data,
+                          "<!DOCTYPE html><!-- SPDX-License-Identifier: GPL-3.0-or-later --><html>"
+                          "<body onload=\"window.location.href ='https://'+ window.location.hostname +"
+                          " ':' + window.location.port + window.location.pathname + window.location.search\">"
+                          "Redirecting to safety connection, case your browser does not support redirection, please"
+                          " click <a onclick=\"window.location.href ='https://'+ window.location.hostname + ':' "
+                          " + window.location.port + window.location.pathname + window.location.search\">here</a>."
+                          "</body></html>");
             w->response.code = HTTP_RESP_MOVED_PERM;
             break;
         }