fix: specified code may not used in redirect

2025-02-20 11:44:28 +08:00 · 2023-04-20 21:59:55 +09:00 · 2023-04-20 21:59:55 +09:00 · 3b17b34684
commit 3b17b34684
parent bcdb79b38b
3 changed files with 26 additions and 26 deletions
--- a/system/HTTP/ResponseTrait.php
+++ b/system/HTTP/ResponseTrait.php
@ -503,11 +503,6 @@ trait ResponseTrait
     */
    public function redirect(string $uri, string $method = 'auto', ?int $code = null)
    {
-        // Assume 302 status code response; override if needed
-        if (empty($code)) {
-            $code = 302;
-        }
-
        // IIS environment likely? Use 'refresh' for better compatibility
        if (
            $method === 'auto'
@ -515,16 +510,20 @@ trait ResponseTrait
            && strpos($_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS') !== false
        ) {
            $method = 'refresh';
+        } elseif ($method !== 'refresh' && $code === null) {
+            // override status code for HTTP/1.1 & higher
+            if (
+                isset($_SERVER['SERVER_PROTOCOL'], $_SERVER['REQUEST_METHOD'])
+                && $this->getProtocolVersion() >= 1.1
+            ) {
+                $code = ($_SERVER['REQUEST_METHOD'] !== 'GET')
+                    ? 303 // reference: https://en.wikipedia.org/wiki/Post/Redirect/Get
+                    : 307;
+            }
        }

-        // override status code for HTTP/1.1 & higher
-        // reference: http://en.wikipedia.org/wiki/Post/Redirect/Get
-        if (
-            isset($_SERVER['SERVER_PROTOCOL'], $_SERVER['REQUEST_METHOD'])
-            && $this->getProtocolVersion() >= 1.1
-            && $method !== 'refresh'
-        ) {
-            $code = ($_SERVER['REQUEST_METHOD'] !== 'GET') ? 303 : ($code === 302 ? 307 : $code);
+        if ($code === null) {
+            $code = 302;
        }

        switch ($method) {
--- a/tests/system/CodeIgniterTest.php
+++ b/tests/system/CodeIgniterTest.php
@ -457,6 +457,7 @@ final class CodeIgniterTest extends CIUnitTestCase

        // Inject mock router.
        $routes = Services::routes();
+        // addRedirect() sets status code 302 by default.
        $routes->addRedirect('example', 'pages/notset');

        $router = Services::router($routes, Services::incomingrequest());
@ -468,7 +469,7 @@ final class CodeIgniterTest extends CIUnitTestCase

        $response = $this->getPrivateProperty($this->codeigniter, 'response');
        $this->assertSame('http://example.com/pages/notset', $response->header('Location')->getValue());
-        $this->assertSame(307, $response->getStatusCode());
+        $this->assertSame(302, $response->getStatusCode());
    }

    public function testRunRedirectionWithGETAndHTTPCode301()
@ -516,7 +517,7 @@ final class CodeIgniterTest extends CIUnitTestCase
        ob_get_clean();

        $response = $this->getPrivateProperty($this->codeigniter, 'response');
-        $this->assertSame(303, $response->getStatusCode());
+        $this->assertSame(301, $response->getStatusCode());
    }

    public function testStoresPreviousURL()
--- a/tests/system/HTTP/ResponseTest.php
+++ b/tests/system/HTTP/ResponseTest.php
@ -296,22 +296,22 @@ final class ResponseTest extends CIUnitTestCase
        yield from [
            ['Apache/2.4.17', 'HTTP/1.1', 'GET', null, 307],
            ['Apache/2.4.17', 'HTTP/1.1', 'GET', 307, 307],
-            ['Apache/2.4.17', 'HTTP/1.1', 'GET', 302, 307],
+            ['Apache/2.4.17', 'HTTP/1.1', 'GET', 302, 302],
            ['Apache/2.4.17', 'HTTP/1.1', 'POST', null, 303],
-            ['Apache/2.4.17', 'HTTP/1.1', 'POST', 307, 303],
-            ['Apache/2.4.17', 'HTTP/1.1', 'POST', 302, 303],
+            ['Apache/2.4.17', 'HTTP/1.1', 'POST', 307, 307],
+            ['Apache/2.4.17', 'HTTP/1.1', 'POST', 302, 302],
            ['Apache/2.4.17', 'HTTP/1.1', 'HEAD', null, 303],
-            ['Apache/2.4.17', 'HTTP/1.1', 'HEAD', 307, 303],
-            ['Apache/2.4.17', 'HTTP/1.1', 'HEAD', 302, 303],
+            ['Apache/2.4.17', 'HTTP/1.1', 'HEAD', 307, 307],
+            ['Apache/2.4.17', 'HTTP/1.1', 'HEAD', 302, 302],
            ['Apache/2.4.17', 'HTTP/1.1', 'OPTION', null, 303],
-            ['Apache/2.4.17', 'HTTP/1.1', 'OPTION', 307, 303],
-            ['Apache/2.4.17', 'HTTP/1.1', 'OPTION', 302, 303],
+            ['Apache/2.4.17', 'HTTP/1.1', 'OPTION', 307, 307],
+            ['Apache/2.4.17', 'HTTP/1.1', 'OPTION', 302, 302],
            ['Apache/2.4.17', 'HTTP/1.1', 'PUT', null, 303],
-            ['Apache/2.4.17', 'HTTP/1.1', 'PUT', 307, 303],
-            ['Apache/2.4.17', 'HTTP/1.1', 'PUT', 302, 303],
+            ['Apache/2.4.17', 'HTTP/1.1', 'PUT', 307, 307],
+            ['Apache/2.4.17', 'HTTP/1.1', 'PUT', 302, 302],
            ['Apache/2.4.17', 'HTTP/1.1', 'DELETE', null, 303],
-            ['Apache/2.4.17', 'HTTP/1.1', 'DELETE', 307, 303],
-            ['Apache/2.4.17', 'HTTP/1.1', 'DELETE', 302, 303],
+            ['Apache/2.4.17', 'HTTP/1.1', 'DELETE', 307, 307],
+            ['Apache/2.4.17', 'HTTP/1.1', 'DELETE', 302, 302],
        ];
    }