[
https://issues.apache.org/jira/browse/TAP5-613?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Howard M. Lewis Ship closed TAP5-613.
-------------------------------------
Resolution: Fixed
Fix Version/s: 5.1.0.4
> Returning a Link to a secure page from an ajax event handler method causes
> the redirect to be invalid if the event is sent from an insecure page
> ------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: TAP5-613
> URL: https://issues.apache.org/jira/browse/TAP5-613
> Project: Tapestry 5
> Issue Type: Bug
> Components: tapestry-core
> Affects Versions: 5.0.18
> Reporter: Olaf Tomczak
> Assignee: Howard M. Lewis Ship
> Fix For: 5.1.0.4
>
>
> I think there's something wrong with the way tapestry handles redirects from
> Ajax requests. I'm having the following problem: I have a page, say:
> http://localhost/mytapestryapp/resetpassword
> with a form that sends an ajax submit request and the request handler returns
> a Link which leads to my login page annotated with @Secure. The link factory
> therefore creates an absolute link like this:
> https://localhost/mytapestryapp/login/confirmpasswordreset
> Unfortunately javascript code in tapestry.js uses location.pathname (which
> afaik changes only the context path of the location) to set the redirect
> address. The result is that I'm being redirected to the following page:
> http://localhost/https://localhost/mytapestryapp/login/confirmpasswordreset
> It works this way on IE and mozilla-based browsers - checked it on Firefox
> 3.0.7, Epiphany 2.24.3, IE 6.0. It does however work correctly on Opera 9.6
> probably because of the differences in how location.pathname is handled.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
