curl --post302 flag behaviour using httpx?

[glav-git]

A little context first. So, I am trying to write some kind of CLI for Fastpanel that will "login" using url, username and password, and then be able to perform api requests to its backend.

Fastpanel can be deployed with actual domain name and url can look "normal": https://example.com, but some deployments may just use public IP address and I want my CLI support them as well. So the issue I encountered is that when I'm making POST request to http://ip_address:8888/login I guess due to some nginx config server responds with 302 Redirect to https://ip_address:8888/login, and in this case standard httpx behavior after 302 Redirect response is to change request method to a new location from POST to GET. As I said, this is standard behavior for 302, but it also breaks login, since request body will not be sent in GET request.

Searching on how I can avoid changing the request method I found that curl had an option --post302 that does exactly what I need in this case:

When you send a POST request, and the server responds with one of the codes 301, 302, or 303, Curl will make the subsequent request using the GET method. For other 300x status codes, Curl will resend the subsequent request using the same unmodified HTTP method. This behavior can be changed using one of the --post301, --post302, or --post303 flags.

So yeah, is there a way to achieve similar behavior with httpx?

P.S. I do understand that sending unencrypted credentials over http is not very good idea. Also, I do understand that this is not "standard behavior." And still I am writing CLI that suppose "just work" if it can and print a warning, but not print the error message for user like "go and make your service standard compliant and safe to use, and only then come back" ahah. I mean, it's kinda reasonable at least for testing reasons when you don't really want to buy a domain name and configure SSL just to test a couple of things.

[glav-git]

Also, I already implemented a workaround of some kind, detecting that I was given IP address and forcing verify=False with https url scheme for this kind of urls, so no redirection will occur in the first place:

def __init__(self, url: str ...):
    _url = httpx.URL(url)
    # avoid https 302 redirect issue on POST requests and SSL verification failed
    if is_ip_v4(_url.host):
        self.client = httpx.Client(
            base_url=_url.copy_with(scheme="https"), verify=False
        )
    else:
        self.client = httpx.Client(base_url=url)

But the question still more about --post302 flag, since I think it can still be useful in cases when you can't really "predict" this kind of redirects.