[
https://issues.apache.org/jira/browse/TAP5-1973?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13572351#comment-13572351
]
Alejandro Scandroli commented on TAP5-1973:
-------------------------------------------
This fix has a side effect.
As commented in
http://tapestry.1045711.n5.nabble.com/Tapestry-HTTPS-redirect-to-port-80-td5719759.html
If SymbolConstants.HOSTPORT and SymbolConstants.HOSTPORT_SECURE are not set,
then when redirecting from insecure to secure you end up with and URL like this
one: https://yourhost:80
Here is the test to expose the little bug:
@Test
public void secure_url_without_condifured_hostports()
{
expect(request.getServerPort()).andReturn(80).once();
expect(request.isSecure()).andReturn(false).once();
replay();
BaseURLSource baseURLSource = new BaseURLSourceImpl(request,
"localhost", 0, 0);
assertEquals(baseURLSource.getBaseURL(true), "https://localhost";);
verify();
}
A posible solution would be to only use request.getServerPort() if
request.isSecure() == secure
Can this issue be reopened or should I file a new issue with the proposed
solution?
> :443 added to URLs when using the Link.toAbsoluteURI(true)
> ----------------------------------------------------------
>
> Key: TAP5-1973
> URL: https://issues.apache.org/jira/browse/TAP5-1973
> Project: Tapestry 5
> Issue Type: Bug
> Components: tapestry-core
> Affects Versions: 5.3.4, 5.4
> Reporter: Howard M. Lewis Ship
> Assignee: Howard M. Lewis Ship
> Labels: fixed-in-5.4-js-rewrite
> Fix For: 5.3.5, 5.4
>
>
> An error in the code means that when secure is true and the port is set to
> 443, then ":443" is appended:
> int port = secure ? secureHostPort : hostPort;
> String portSuffix = "";
> if (port <= 0) {
> port = request.getServerPort();
> int schemeDefaultPort = request.isSecure() ? 443 : 80;
> portSuffix = port == schemeDefaultPort ? "" : ":" + port;
> }
> else if (secure && port != 443) portSuffix = ":" + port;
> else if (port != 80) portSuffix = ":" + port;
>
> String hostname = "".equals(this.hostname) ? request.getServerName()
> : this.hostname.startsWith("$") ? System.getenv(this.hostname.substring(1)) :
> this.hostname;
>
> return String.format("%s://%s%s", secure ? "https" : "http",
> hostname, portSuffix);
> secure == true && port != 443 is false, so
> port != 80 is evaluated, it true, so
> ":443" is appended.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
