Added a response stream to 301 redirect messages so that filters like WebSense will let them through.

2 files changed, 17 insertions, 2 deletions

diff --git a/src/DotNetOpenAuth.Test/Messaging/ChannelTests.cs b/src/DotNetOpenAuth.Test/Messaging/ChannelTests.cs
index 5d31d40..acb200f 100644
--- a/src/DotNetOpenAuth.Test/Messaging/ChannelTests.cs
+++ b/src/DotNetOpenAuth.Test/Messaging/ChannelTests.cs
@@ -77,6 +77,8 @@ namespace DotNetOpenAuth.Test.Messaging {
 
 			OutgoingWebResponse response = this.Channel.PrepareResponse(message);
 			Assert.AreEqual(HttpStatusCode.Redirect, response.Status);
+			Assert.AreEqual("text/html; charset=utf-8", response.Headers[HttpResponseHeader.ContentType]);
+			Assert.IsTrue(response.Body != null && response.Body.Length > 0); // a non-empty body helps get passed filters like WebSense
 			StringAssert.StartsWith("http://provider/path", response.Headers[HttpResponseHeader.Location]);
 			foreach (var pair in expected) {
 				string key = MessagingUtilities.EscapeUriDataStringRfc3986(pair.Key);
diff --git a/src/DotNetOpenAuth/Messaging/Channel.cs b/src/DotNetOpenAuth/Messaging/Channel.cs
index aac0dd9..84dbe3c 100644
--- a/src/DotNetOpenAuth/Messaging/Channel.cs
+++ b/src/DotNetOpenAuth/Messaging/Channel.cs
@@ -55,6 +55,14 @@ namespace DotNetOpenAuth.Messaging {
 		private const int IndirectMessageGetToPostThreshold = 2 * 1024; // 2KB, recommended by OpenID group
 
 		/// <summary>
+		/// The HTML that should be returned to the user agent as part of a 301 Redirect.
+		/// </summary>
+		/// <value>A string that should be used as the first argument to String.Format, where the {0} should be replaced with the URL to redirect to.</value>
+		private const string RedirectResponseBodyFormat = @"<html><head><title>Object moved</title></head><body>
+<h2>Object moved to <a href=""{0}"">here</a>.</h2>
+</body></html>";
+
+		/// <summary>
 		/// A list of binding elements in the order they must be applied to outgoing messages.
 		/// </summary>
 		[DebuggerBrowsable(DebuggerBrowsableState.Never)]
@@ -260,10 +268,12 @@ namespace DotNetOpenAuth.Messaging {
 			this.ProcessOutgoingMessage(message);
 			Logger.Channel.DebugFormat("Sending message: {0}", message.GetType().Name);
 
+			OutgoingWebResponse result;
 			switch (message.Transport) {
 				case MessageTransport.Direct:
 					// This is a response to a direct message.
-					return this.PrepareDirectResponse(message);
+					result = this.PrepareDirectResponse(message);
+					break;
 				case MessageTransport.Indirect:
 					var directedMessage = message as IDirectedProtocolMessage;
 					ErrorUtilities.VerifyArgumentNamed(
@@ -741,15 +751,18 @@ namespace DotNetOpenAuth.Messaging {
 			Contract.Requires<ArgumentNullException>(fields != null);
 			Contract.Ensures(Contract.Result<OutgoingWebResponse>() != null);
 
+			// As part of this redirect, we include an HTML body in order to get passed some proxy filters
+			// such as WebSense.
 			WebHeaderCollection headers = new WebHeaderCollection();
 			UriBuilder builder = new UriBuilder(message.Recipient);
 			MessagingUtilities.AppendQueryArgs(builder, fields);
 			headers.Add(HttpResponseHeader.Location, builder.Uri.AbsoluteUri);
+			headers.Add(HttpResponseHeader.ContentType, "text/html; charset=utf-8");
 			Logger.Http.DebugFormat("Redirecting to {0}", builder.Uri.AbsoluteUri);
 			OutgoingWebResponse response = new OutgoingWebResponse {
 				Status = HttpStatusCode.Redirect,
 				Headers = headers,
-				Body = null,
+				Body = string.Format(CultureInfo.InvariantCulture, RedirectResponseBodyFormat, builder.Uri.AbsoluteUri),
 				OriginalMessage = message
 			};