[1.13.2] CSL does not handle 302 redirect well while fetching png
k-jiang opened this issue ยท 7 comments
Tested with Minecraft 1.13.2
CSL version 1.13.2-14.10-SNAPSHOT-55
with Optifine 1.13.2 HD E4 Ultra
java: 1.8.0_131
API: Legacy
The legacy url is supposed to be redirect to another url while request.
This problem only occured with Windows. Linux (Ubuntu 16.04) is fine.
CustonSkinLoader.log:
[2018-12-02 21:16:38] [kjiang INFO] Loading kjiang's profile.
[2018-12-02 21:16:38] [kjiang INFO] 1/3 Try to load profile from 'EverMC'.
[2018-12-02 21:16:38] [kjiang DEBUG] Try to request 'https://evermc.com/MinecraftSkins/kjiang.png'.
[2018-12-02 21:16:40] [kjiang DEBUG] Successfully request (Response Code: 302 , Content Length: -1)
[2018-12-02 21:16:40] [kjiang DEBUG] Saved to cache (Length: 540 , Path: 'C:\Users\Administrator\AppData\Roaming\.minecraft\CustomSkinLoader\caches\8cc70f2c46780de350207c14fa14a5642b02161e' , Expire: 1543803493)
For some reason, what actually be cached is a html file (8cc70f2c46780de350207c14fa14a5642b02161e) with a <meta http-equiv=refresh"> tag
p.s. in Linux, everything works fine, log shows [2018-12-02 17:46:32] [kjiang's skull DEBUG] Successfully request (Response Code: 200 , Content Length: -1) instead of Response Code: 302
https://github.com/xfl03/MCCustomSkinLoader/blob/csl-14/Common/source/customskinloader/utils/HttpRequestUtil.java#L110
I have make it redirect automaticly.
And you can speak Chinese in this repo.
I tried this on my Windows 10 computer:
[main DEBUG] Try to request 'https://evermc.com/MinecraftSkins/kjiang.png'.
[main DEBUG] Successfully request (Response Code: 200 , Content Length: 3372)
[main DEBUG] Saved to cache (Length: 3372 , Path: 'PRIVATE\caches\8cc70f2c46780de350207c14fa14a5642b02161e' , Expire: 1543828297)
It seems that the issue is due to JRE supports with SNI certificates. For some reason JRE 1.8u131 throws exception when connecting to sites with sni certificates. In our case the website uses SSL with SNI. When CSL tries to connect to the url:
[2018-12-03 12:52:45] [kjiang DEBUG] Try to request 'https://evermc.com/MinecraftSkins/kjiang.png'.
[2018-12-03 12:52:46] [kjiang DEBUG] Failed to request (Exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure)
After upgrade JRE to 1.8u191, everything seems fine:
[2018-12-03 14:01:23] [kjiang DEBUG] Try to request 'https://evermc.com/MinecraftSkins/kjiang.png'.
[2018-12-03 14:01:29] [kjiang DEBUG] Successfully request (Response Code: 200 , Content Length: -1)
[2018-12-03 14:01:29] [kjiang DEBUG] Saved to cache (Length: 3372 , Path: 'C:\Users\Administrator\AppData\Roaming\.minecraft\CustomSkinLoader\caches\8cc70f2c46780de350207c14fa14a5642b02161e' , Expire: 1543863782)
Note that in Windows, Minecraft Launcher comes with its own jre (1.8.0u51) which also has the same issue with SNI. Players have to manually install jre8u191 and change the Minecraft Launcher's setting:
The Java SNI issue has been mentioned by others as well. Not sure if there are any workarounds instead of switching jre:
akka/akka#19287 (comment)
https://bugs.java.com/bugdatabase/view_bug.do?bug_id=JDK-8144566
This bug is not due to CustomSkinLoader.
To ignore SSL Cert, you can turn it off in config.
The ignoreHttpsCertificate option is already true, but it does nothing.
The problem is, this bug happened during SSL connection initiation, not the certification after the connection been established. The only fix I could think about is to either upgrade jre to 8u141 or higher, or avoid any sites that uses SNI which means Cloudflare will be out of the picture.
http://stackoverflow.com/questions/30817934/extended-server-name-sni-extension-not-sent-with-jdk1-8-0-but-send-with-jdk1-7
There are some workarounds that have been addressed by others. But they are either somehow too complicate or introduced a bit of overhead. It is up to you if you want to implement the fix. For me, I think I will just simply upgrade the JRE.
I think the best way to solve the problem is to ask Mojang to upgrade the JRE bundled in Minecraft Launcher. But if they are not going to do so, I recommend CSL implement a workaround.