SUMMARY While downloading entries "insecure redirect" error is thrown STEPS TO REPRODUCE 1. Click "download" for an entry 2. wait for error OBSERVED RESULT An error occurs and no download is performed. EXPECTED RESULT No error and download done. ADDITIONAL INFORMATION This seems a change on the podcast server, still it make the application not usable anymore. The incriminated podcast subscription feed is: https://www.europe1.fr/rss/podcasts/hondelatte-raconte.xml
Just checked the download links: the URL in the RSS file is an "https" link, but when you try to open it, it redirects to an "http" link. So the error thrown is correctly pointing out an insecure redirect from https to http. This is very bad practice from the podcast author, and I would be surprised if all other podcast apps would just accept this. In principle, the podcast author should fix this. Did that podcast work fine before? If so, it could be that their CDN provider has messed up. Anyway, let me think about how this can be fixed.
This podcast was working fine in Kasts for long until 2 weeks ago. I tested in some other podcast apps, like AntennaPod on Android and it works fine.
(In reply to Filipe Azevedo from comment #2) > This podcast was working fine in Kasts for long until 2 weeks ago. > I tested in some other podcast apps, like AntennaPod on Android and it works > fine. Ok, thanks for the feedback. That would make sense. As mentioned, the core problem lies at the podcast author's CDN, which is applying extremely bad practice by applying that redirect. Kasts can easily be changed to accept those, but then it would invalidate the security of all other proper https podcast feeds and downloads... Let me think about this one.
Yeah, I do truely understand Kasts is not the problem here. Maybe we can introduce some per subscription feed hints like 'Accept InsecureRedirect', and you can pass that to the downloader request. Looks like QNetworkReply has QNetworkRequest::FollowRedirectsAttribute attribute that can be used for that.
Yes, probably something like that, where a dialog pops up asking to allow the redirect, Or, slightly easier, always allow it but show a warning when it happens.
A quick note to let you know that I've still been working on this in the background. However, that feed that you mentioned is a particular tenacious one. I've tried tens of different approaches and I can't seem to get through all the redirects (there's about 4 of them). I'll continue to look for a solution.
Is this not yet fixed already ? Looks like downloads work again by now since some weeks. Maybe the CDN do no longer make redirects by now ?
Just let me know if i can help you - I can test / update any PR you have.
You are right, it works now! I'm pretty sure they solved the crazy redirects in the meantime. My last attempt was only a few weeks ago and then it was still broken. Anyway, that's good to hear because I was getting kind of desparate. :) I do have an oldish MR somewhere that should cover already most of the changes needed for "normal" insecure redirects. At least, the backend stuff is mainly done. It still needs the UI changes: a dialog box asking to allow an insecure redirect for that particular feed. I guess I'll pick that up sometime soon.
Maybe there should be an option in the settings dialog to allow insecure media file downloads by default and to show a warning popup with the option to allow the insecure download for the current file (and a tip to contact the podcast provider to fix the issue, maybe with an clickable link to the the podcast homepage).
*** Bug 481436 has been marked as a duplicate of this bug. ***