koobas.hobune.stream
WWW does not show Location in header response (302/Redirect)
There are some nice guides out there on how to manually handle redirects (HTTP code 302) using the Unity WWW class. See:
http://answers.unity3d.com/questions/143863/doesnt-www-like-http-302-redirect.html
http://forum.unity3d.com/threads/issues-with-wwwform-necessary-data-rewind-wasnt-possible.64152/
There's one thing though... when scanning the response headers for a 'Location' header it doesn't show?
Using Fiddler (or WireShark) I can see that the response does indeed have this header: 
..so using this piece of code in Unity I'm expecting to have it listed: 
But that is not the case. Here's the Unity console log (five headers found):
STATUS HTTP/1.1 302 Found
X-POWERED-BY Someone
CACHE-CONTROL private, no-cache, no-store, must-revalidate
EXPIRES -1
PRAGMA no-cache
Anyone have an idea?
Seems like someone else has encountered this wall as well: http://answers.unity3d.com/questions/974722/what-is-a-good-cross-platform-alternative-to-www.html
Attempted adding a custom header like 'redirectURL' on server response that would reach the scan before getting cut off by WWW-bug. It is successful but problem is that I'm dependent on setting a cookie and the SET-COO$$anonymous$$IE header is cut off like all the other headers following 'Location'. So now I'm in the works of creating a custom-header for that data as well (getting said data from server pre-response is proving a challenge though).
Used reflection on the www object and then calling the protected property 'responseHeadersString' and it makes it clear that the headers are missing on the C# layer (as detailed in the question-link within my first comment). Reflection-tip was found here: https://feedback.unity3d.com/suggestions/wwwresponseheaders-dont-follo
Well the final solution was to 'hack' the server-side code.
I am now reshuffling my HTTP headers so 'set-cookie' comes before 'Location' (which is where the rest of the HTTP header fields gets cut off due to the underlying Unity WWW bug).
I am also adding a custom header called 'redirectURL' that has the same value as 'Location' would have.
Within Unity scripts I'm handling the redirect and cookie management manually.
EDIT: Actually since you can't set headers with a Unity WWW GET-request (sigh) meaning I can't add cookie I ended up adding another custom header. Server now also sends 'sessionID' which I can pass back from Unity as a URL query parameter.
2ND EDIT: Deployed on Android (outside of the Editor) the behavior changes drastically. Likely it's using a different library than CURL. But to summarize: It redirects but it doesn't apply cookie or give control before re-directing (so you can't pass sessionID etc). The solution altogether is to have an alternative login function server-side purely for Unity that doesn't even attempt to redirect. Handle every step of the way manually.
@Wollan How did you figure out which header was causing the error? Im getting the same bug you are but idk where to start. You had more than Location taken off your response. How did you know what order to put them in?
In the original Question you can see a screenshot from fiddler showing the full response as it exits server-side. If you compare it to the Unity log detailed just below that image you will see the contents cuts off right before the 'Location' header is supposed to show. I just ended up making sure to put in all the important stuff before that 'Location' header hit (I also tried deleting the 'Location' header but there was complications with the lib I was using server-side).
A snippet from my server-side code:
//first I apply my custom headers which will come first in the response (above 'Location')
response.set('sessionID', session.id); //initial request from android had login details, my server-side code generates a valid session object.
response.set('redirectURL', '/myserverapuiurl/user'); //I manually redirect to this url within Android after with the sessionID in hand.
response.send('Logged in'); //this is actually where the full response is both built and sent within my server code
Hmm weird. Here are my responses in my unity app.
content-type: [application/json; charset=utf8, cache-control: "max-age: 0, must-revalidate]
And here are the response header keys in Charlesproxy. Doesn't seem to be an order thing for me HTTP/1.1 200 O$$anonymous$$\n
X-Frame-Options: ALLOWALL
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: null
Access-Control-Request-$$anonymous$$ethod: *
Content-Type: application/json; charset=utf-8
Test-Header3: YES
Access-Control-Allow-$$anonymous$$ethods: GET, HEAD, POST, PUT, PATCH, $$anonymous$$ETE, OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-token: dH3fzaZCaiYbwz26Td5CtA
token-type: Bearer
client: FUzJ1Auzpl8maxfePxIa5Q
expiry: 1487715230
ETag: W/"90b9df6359868e46dffd9fb5e01922f9"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 42722eba-09f1-401e-9b79-7e34380cb596
X-Runtime: 0.331878
Access-Control-$$anonymous$$ax-Age: 1728000
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Proxy-Connection: $$anonymous$$eep-alive
Are you quite confident in your case it had directly to do with order?
Is there an issue tracker for that "underlying Unity WWW bug" you mentioned?
I have searched and the closest I could find was this:
Which is flagged as "Not reproducible".
I do need to read the Location for deep linking purposes, but I am unable to get it from the HTTP response. It is just not there.
