AUTH-2763 don't redirect from curl command

2026-06-08 03:55:11 +08:00 · 2020-06-11 12:02:34 -05:00
parent c716dd273c
commit ae8d784e36
5 changed files with 23 additions and 9 deletions
--- a/cmd/cloudflared/transfer/transfer.go
+++ b/cmd/cloudflared/transfer/transfer.go
@@ -28,12 +28,12 @@ const (
 // The "dance" we refer to is building a HTTP request, opening that in a browser waiting for
 // the user to complete an action, while it long polls in the background waiting for an
 // action to be completed to download the resource.
-func Run(transferURL *url.URL, resourceName, key, value, path string, shouldEncrypt bool, logger logger.Service) ([]byte, error) {
+func Run(transferURL *url.URL, resourceName, key, value, path string, shouldEncrypt bool, shouldRedirect bool, logger logger.Service) ([]byte, error) {
 	encrypterClient, err := encrypter.New("cloudflared_priv.pem", "cloudflared_pub.pem")
 	if err != nil {
 		return nil, err
 	}
-	requestURL, err := buildRequestURL(transferURL, key, value+encrypterClient.PublicKey(), shouldEncrypt)
+	requestURL, err := buildRequestURL(transferURL, key, value+encrypterClient.PublicKey(), shouldEncrypt, shouldRedirect)
 	if err != nil {
 		return nil, err
 	}
@@ -82,7 +82,7 @@ func Run(transferURL *url.URL, resourceName, key, value, path string, shouldEncr
 // BuildRequestURL creates a request suitable for a resource transfer.
 // it will return a constructed url based off the base url and query key/value provided.
 // cli will build a url for cli transfer request.
-func buildRequestURL(baseURL *url.URL, key, value string, cli bool) (string, error) {
+func buildRequestURL(baseURL *url.URL, key, value string, cli, shouldRedirect bool) (string, error) {
 	q := baseURL.Query()
 	q.Set(key, value)
 	baseURL.RawQuery = q.Encode()
@@ -90,8 +90,10 @@ func buildRequestURL(baseURL *url.URL, key, value string, cli bool) (string, err
 		return baseURL.String(), nil
 	}

-	q.Set("redirect_url", baseURL.String()) // we add the token as a query param on both the redirect_url
-	baseURL.RawQuery = q.Encode()           // and this actual baseURL.
+	if shouldRedirect {
+		q.Set("redirect_url", baseURL.String()) // we add the token as a query param on both the redirect_url and the main url
+	}
+	baseURL.RawQuery = q.Encode() // and this actual baseURL.
 	baseURL.Path = "cdn-cgi/access/cli"
 	return baseURL.String(), nil
 }