You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've searched existing issues and found nothing related to my issue.
Describe the bug
I have a service which automatically redirects and HTTP requests to corresponding HTTPS URLs with a 307 response. When sending an HTTP request to such a service from Bruno, it automatically repeats the request to the HTTPS URL from the redirect response. However, the timeline view doesn't indicate this and makes it appear as if the final HTTPS response came from the original HTTP endpoint.
This gets even more confusing if such endpoints require a valid Authorization header. In this case, Bruno only sends the Authorization header to the HTTP endpoint, which results in a 307 response, but omits it from the second request to the HTTPS redirect URL, which therefore results in a 401 response.
The actual network communication is (including only relevant headers:
GET http://localhost:5194/weatherforecast/
Authorization: Bearer ...
HTTP/1.1 307
Location: https://localhost:7071/weatherforecast/
GET https://localhost:7071/weatherforecast/
HTTP/1.1 401
www-authenticate: Bearer
The timeline view in Bruno gives no indication of the redirect:
a .NET 8 project implementing the described redirect behavior
a Bruno collection folder with the problematic HTTP request
To reproduce the behavior, you can run the project with the following command (assuming you have .NET 8 SDK installed):
cd WebApiOAuth
dotnet run -lp https
Once it's running, you can send the "Get via HTTP" request from Bruno to see the described behavior. The running .NET application will log requests and response to the console.
The text was updated successfully, but these errors were encountered:
I have checked the following:
Describe the bug
I have a service which automatically redirects and HTTP requests to corresponding HTTPS URLs with a 307 response. When sending an HTTP request to such a service from Bruno, it automatically repeats the request to the HTTPS URL from the redirect response. However, the timeline view doesn't indicate this and makes it appear as if the final HTTPS response came from the original HTTP endpoint.
This gets even more confusing if such endpoints require a valid
Authorization
header. In this case, Bruno only sends theAuthorization
header to the HTTP endpoint, which results in a 307 response, but omits it from the second request to the HTTPS redirect URL, which therefore results in a 401 response.The actual network communication is (including only relevant headers:
The timeline view in Bruno gives no indication of the redirect:
Postmen behaves differently:
Authorization
header in the second request which therefore succeedsI think that Bruno should at least show details about both requests that were made.
.bru file to reproduce the bug
Screenshots/Live demo link
I have a GitHub repository containing (among other files):
To reproduce the behavior, you can run the project with the following command (assuming you have .NET 8 SDK installed):
cd WebApiOAuth dotnet run -lp https
Once it's running, you can send the "Get via HTTP" request from Bruno to see the described behavior. The running .NET application will log requests and response to the console.
The text was updated successfully, but these errors were encountered: