client only.Expand description
Client-side follow-redirects middleware for trillium-client.
This module is gated behind the client feature flag. It provides FollowRedirects, a
ClientHandler that automatically follows HTTP redirects (301, 302, 303, 307, 308) up to
a configurable limit, with sensible defaults around security-sensitive cases.
§Behavior
On a redirect response, FollowRedirects resolves the Location header against the
current request URL, applies the policy below, and re-issues the request through the same
client, so the connector and connection pool are reused.
§Method handling
The redirect status determines whether the method changes and whether the request body is replayed:
| Status | Method change | Body |
|---|---|---|
| 301 Moved Permanently | POST → GET, otherwise unchanged | dropped if method changed |
| 302 Found | POST → GET, otherwise unchanged | dropped if method changed |
| 303 See Other | always GET | always dropped |
| 307 Temporary Redirect | unchanged | replayed if static, dropped if streaming |
| 308 Permanent Redirect | unchanged | replayed if static, dropped if streaming |
§Body replay
Static bodies (constructed via Body::new_static or any of the From conversions for
Vec<u8>, &'static [u8], String, &'static str, etc.) are cloned and replayed on
redirect.
Streaming bodies (constructed via Body::new_streaming) are one-shot. Once consumed by
the original request they cannot be replayed, and the redirected request is sent without
a body.
§Cross-origin header filtering
When the redirect target’s origin (scheme + host + port) differs from the original, the following headers are dropped from the redirected request to avoid credential leakage:
AuthorizationCookieProxy-Authorization
§Defaults
- Max redirects: 10. Override with
FollowRedirects::with_max_redirects. - HTTPS → HTTP downgrade: blocked. Allow with
FollowRedirects::with_allow_downgrade. - Cross-origin redirects: allowed. Restrict with
FollowRedirects::with_allowed_origins.
§Example
use trillium_client::Client;
use trillium_redirect::client::FollowRedirects;
use trillium_testing::client_config;
let client =
Client::new(client_config()).with_handler(FollowRedirects::new().with_max_redirects(5));Structs§
- Follow
Redirects - A
ClientHandlerthat automatically follows HTTP redirects.
Enums§
- Redirect
Error - Errors produced by
FollowRedirectswhen a redirect cannot be followed.