You are here: Foswiki>Tasks Web>Item14396 (01 Jun 2017, GeorgeClark)Edit Attach

Item14396: Redirect issue after login on Lighttpd

pencil
Priority: Normal
Current State: Closed
Released In: 2.1.4
Target Release: patch
Applies To: Engine
Component: LoginManager
Branches: Release02x01 master Item14288
Reported By: GeorgeClark
Waiting For:
Last Change By: GeorgeClark
A login issue was reported on Support.Question1873. The questioner eventually isolated the issue to a problem in the redirect after login.

Found it! See https://tools.ietf.org/html/rfc3875#section-6.2.2

The TemplateLogin->login method redirects to what by CGI specs is called local-Location. According to RFC 3875, in this case The script MUST NOT return any other header fields or a message-body, and the server MUST generate the response that it would have produced in response to a request containing the URL
scheme "://" server-name ":" server-port local-pathquery

In other words, setting a cookie without giving full redirect URL is violation of CGI protocol. If I add $query->url(base => 1, full => 1) to $origurl in the TemplateLogin->login, everything works as expected.

-- AlexanderSmishlajev - 09 May 2017

I'm not sure how to apply the suggested change to Foswiki::LoginManager::TemplateLogin. I've been unable to recreate the issue.

-- GeorgeClark - 09 May 2017

 
Topic revision: r5 - 01 Jun 2017, GeorgeClark - This page was cached on 19 Nov 2017 - 12:36.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License