Scripting | Disable follow redirects / change Connection

[nitroglyzerin]

Is your feature request related to a problem? Please describe.

Scripting logins or complex HTTP sequences is problematic with sendHttpRequest due to:

1. Connection: close Header: This header seems to be added by default and cannot be overridden to keep-alive, which can affect session handling on some servers.
2. Forced Automatic Redirects: sendHttpRequest automatically follows HTTP redirects (e.g., 302). This prevents the script from:
   • Accessing the headers of the intermediate redirect response (like Location and crucially Set-Cookie which often establishes the authenticated session).
   • Manually controlling the headers of the request to the redirected Location. If the automatically followed GET request has unsuitable headers (e.g., a non-browser User-Agent), the server might reject the (now authenticated) session, breaking the login flow.

Describe the solution you'd like

Enhance sendHttpRequest with options for:

1. followRedirects: false (boolean, defaults to true): If false, the function should return the 301/302/etc. response itself, allowing the script to inspect its headers (especially Location, Set-Cookie) and then manually make a new, fully controlled request to the target URL using the new session information.
2. Connection Header Control: Allow a Connection header specified in the headers option (e.g., Connection: keep-alive) to override the client's default behavior.

Describe alternatives you've considered

• Forcing JSON responses (via Accept/X-Requested-With headers) to avoid server-side 302 redirects: This is server-dependent and not always honored.
• Relying on current automatic redirect handling: Fails if the automatically generated request to the redirect target is not accepted by the server (due to its headers or session handling), even if the initial response setting up the session was successful.
• Raw TCP (sendTCPPacket): Not viable for HTTPS due to lack of SSL/TLS handling.

Additional context

A common failure scenario:

1. POST to /login_check.php (with correct credentials).
2. Server responds 302 Found, Location: /dashboard.php, and Set-Cookie: PHPSESSID=authenticated_id.
3. sendHttpRequest automatically follows the redirect. The script cannot access the authenticated_id from the 302's Set-Cookie header to ensure it's used correctly for the next manual request or to verify the session.
4. If the automatic GET to /dashboard.php (made by sendHttpRequest itself) has headers the server dislikes (e.g., a default app User-Agent), /dashboard.php may reject the session, leading to a failed login from the script's perspective.

The ability to capture the 302 response (especially Set-Cookie) and then manually issue the subsequent GET with full header control is essential for robustly scripting these login flows. The default Connection: close might also contribute to issues with some server-side session mechanisms.

[Waboodoo]

Thanks for the detailed feature request. I will look into this when I have the time.
The sendHttpRequest function is still fairly new and limitted, and is not meant as a full replacement for a regular HTTP Shortcut. For now, as a workaround, I suggest you create an HTTP Shortcut and trigger that via the executeShortcut() function, as for regular HTTP Shortcuts it is already possible to change the "follow redirects" and "keep connection open" behavior.

[Waboodoo]

As of version 3.30.0, the sendHttpRequest function now supports the "followRedirects" option. It is true by default.
It is now also possible to override the default "Connection" header by supplying your own. So your code could look something like this:

const result = sendHttpRequest(
  "https://example.com",
  {
    followRedirects: false,
    headers: {
      "Connection": "keep-alive",
    },
  },
);

[nitroglyzerin]

Wow thanks, that should solve my use case.

It didn't work before because executing shortcuts is an sync task and u have requests that need to be fullfilled to change a server sided flag so that one request can deliver a different outcome in after another request was completed.

Thank you for the quick and great work. Love the App.
The Swiss Army Knive of http on android❤️

Keep up the great work!