While trying to design a C++ module for dealing with OAuth, I noticed that I would get many dead-ends because WebInputStream is setup with more defaults than meets the eye.
My networking knowledge is subpar to say the least, but I found a solution that lets my OAuth code work with different servers (e.g.: SoundCloud, GitHub).
Windows' HttpOpenRequest() is setup to allow handling of redirects by default, likewise SSL certificates. JUCE's code doesn't allow the users to deal with any of this, so I figure modifying the flags for creating an HINTERNET in the back-end is the best way since it lets the servers ignore SSL certs and avoid doing redirects.
A couple sources:
http://stackoverflow.com/questions/14071099/openssl-wininet-client
http://www.vbforums.com/showthread.php?659350-RESOLVED-HttpSendRequest-redirects-GetFinalURL
Somewhere in juce_win32_Network.cpp:
void openHTTPConnection (URL_COMPONENTS& uc, URL::OpenStreamProgressCallback* progressCallback, void* progressCallbackContext) { const TCHAR* mimeTypes[] = { _T("*/*"), nullptr }; DWORD flags = INTERNET_FLAG_RELOAD | INTERNET_FLAG_NO_CACHE_WRITE | INTERNET_FLAG_NO_COOKIES | INTERNET_FLAG_NO_AUTO_REDIRECT | SECURITY_SET_MASK; if (address.startsWithIgnoreCase ("https:")) flags |= INTERNET_FLAG_SECURE; // (this flag only seems necessary if the OS is running IE6 - // IE7 seems to automatically work out when it's https) request = HttpOpenRequest (connection, isPost ? _T("POST") : _T("GET"), uc.lpszUrlPath, 0, 0, mimeTypes, flags, 0); if (request != 0) { DWORD dwFlags; DWORD dwBuffLen = sizeof (DWORD); InternetQueryOption (request, INTERNET_OPTION_SECURITY_FLAGS, (LPVOID) &dwFlags, &dwBuffLen); dwFlags |= SECURITY_FLAG_IGNORE_UNKNOWN_CA | SECURITY_SET_MASK; InternetSetOption (request, INTERNET_OPTION_SECURITY_FLAGS, &dwFlags, sizeof (dwFlags));