Im trying to develop a very basic webserver for self-learning with some basic functionalities.
i encountered a problem where im sending from the browser a POST request with the nessesery data:
POST /login/login_page.html HTTP/1.1
Host: 192.168.1.2:8888
Connection: keep-alive
Content-Length: 39
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: http://192.168.1.2:8888
Referer: http://192.168.1.2:8888/login/login_page.html
Accept-Encoding: gzip, deflate
Accept-Language: he-IL,he;q=0.9,en-US;q=0.8,en;q=0.7
Cookie: session=9NspKVEk13P+Nyjdzscv0A==
username=abc&password=123&action=signin
then i expect the server to respond with a 302 status code and send the location of the redirection, seem fine:
HTTP/1.1 302 Found
Content-Type: text/html
Server: MyCustomPythonServer/1.0
Strict-Transport-Security: max-age=10
Set-Cookie: session=aHj3PHTo+Npx8BuOnSyIqQ==; HttpOnly; Secure; SameSite=None
Location: http://192.168.1.2:8888/posts.html
As expected the browser recives the respones and sends a request for the wanted location:
GET /posts.html HTTP/1.1
Host: 192.168.1.2:8888
Connection: keep-alive
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*
Referer: http://192.168.1.2:8888/login/login_page.html
Accept-Encoding: gzip, deflate
Accept-Language: he-IL,he;q=0.9,en-US;q=0.8,en;q=0.7
The server recives it and handeling is as needed and responding with 200 and the page that needed to be loaded in the browser (i didnt add the entire body, instead i added 2 lines from it):
HTTP/1.1 200 OK
Content-Type: text/html
Server: MyCustomPythonServer/1.0
Strict-Transport-Security: max-age=10
<!DOCTYPE html>
<html lang="en">
This is my ajax code that sohuld handle the redirection:
$.ajax({
type: "POST",
url: url,
data: form.serialize(),
success: function (response, status, xhr) {
// Check for a 302 redirect
if (xhr.status === 302) {
let redirectUrl = xhr.getResponseHeader('Location');
if (redirectUrl) {
window.location.href = redirectUrl;
}
}
else {
$("#message").html("<p style='color: green;'>Form submitted successfully!</p>");
}
},
statusCode: {
401: function () {
$("#message").html("<p style='color: red;'>Unauthorized.<br>Please check your credentials.</p>");
},
409: function () {
$("#message").html("<p style='color: orange;'>Username already exists.<br>Please choose a different username.</p>");
},
500: function () {
$("#message").html("<p style='color: orange;'>Internal server error.</p>");
}
},
error: function () {
$("#message").html("<p style='color: red;'>An unknown error occurred.</p>");
}
});
In case of a success signup it prints as expected -> ‘Form submitted successfully!’
In case of a failed signup (conflict) it prints as expected -> ‘Username already exists.’ with a 409 statuscode
in case of a success signin it prints -> ‘Form submitted successfully!’ and not to the redirection (in the else statement)
in case of a failed signin it prints -> ‘Unauthorized.’ with a 401 statuscode
im lost, i dont know where to dive to understand the issue in my case.
thanks for any help and for reading.