[
https://issues.apache.org/jira/browse/WICKET-2154?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ittay Dror updated WICKET-2154:
-------------------------------
Component/s: wicket
Description:
The description of Request#getURL() is:
/**
* Retrieves the relative URL of this request for local use. This is
relative to the context
* root.
*
* @return The relative request URL for local use
*/
But ServletWebRequest#getURL uses HttpServletRequest#getServletPath which
returns the path to the context of the servlet (so if the servlet is under
'foo' (so http://localhost:8080/foo activates it)), so the path is not relative
for local use.
In my specific case, this fails to redirect properly after login:
When using authentication, PageMap#setUpRedirect is used to store the
intercepted URL and PageMpa#continueToOriginalDestination is used to redirect
to it after a successful login.
The issue is that setUpRedirect uses cycle.getRequest().getURL() so part of the
url contains the context path. Then continueToOriginalDestination uses
RedirectRequestTarget which uses 'response.redirect(RequestCycle.get()
.getRequest()
.getRelativePathPrefixToContextRoot() +
redirectUrl.substring(1)'
so the call response.redirect is made with a relative path form, which contains
the context. the web server adds the context path again before sending to the
client to make the path absolute, which results in an illegal path.
was:
When using authentication, PageMap#setUpRedirect is used to store the
intercepted URL and PageMpa#continueToOriginalDestination is used to redirect
to it after a successful login.
The issue is that setUpRedirect uses cycle.getRequest().getURL() which for
ServletWebRequest uses HttpServletRequest#getServletPath which returns also the
context path of the servlet (so if the servlet is under 'foo' (so
http://localhost:8080/foo activates it)), then redirect uses
RedirectRequestTarget which uses 'response.redirect(RequestCycle.get()
.getRequest()
.getRelativePathPrefixToContextRoot() +
redirectUrl.substring(1)'
since RequestCycle.get().getRequest().getRelativePathPrefixToContextRoot() also
uses getServletPath(), we get the context path twice (so the final redirect is
foo/foo)
Summary: ServletWebRequest#getURL does not return relative URLs (was:
redirect after login uses context root)
> ServletWebRequest#getURL does not return relative URLs
> ------------------------------------------------------
>
> Key: WICKET-2154
> URL: https://issues.apache.org/jira/browse/WICKET-2154
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Affects Versions: 1.3.4
> Reporter: Ittay Dror
> Fix For: 1.3.6
>
>
> The description of Request#getURL() is:
> /**
> * Retrieves the relative URL of this request for local use. This is
> relative to the context
> * root.
> *
> * @return The relative request URL for local use
> */
> But ServletWebRequest#getURL uses HttpServletRequest#getServletPath which
> returns the path to the context of the servlet (so if the servlet is under
> 'foo' (so http://localhost:8080/foo activates it)), so the path is not
> relative for local use.
> In my specific case, this fails to redirect properly after login:
> When using authentication, PageMap#setUpRedirect is used to store the
> intercepted URL and PageMpa#continueToOriginalDestination is used to redirect
> to it after a successful login.
> The issue is that setUpRedirect uses cycle.getRequest().getURL() so part of
> the url contains the context path. Then continueToOriginalDestination uses
> RedirectRequestTarget which uses 'response.redirect(RequestCycle.get()
> .getRequest()
> .getRelativePathPrefixToContextRoot() +
> redirectUrl.substring(1)'
> so the call response.redirect is made with a relative path form, which
> contains the context. the web server adds the context path again before
> sending to the client to make the path absolute, which results in an illegal
> path.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
