Riccardo Murri wrote: > Package: ikiwiki > Version: 3.20100815.7 > > When clicking the "Submit" or "Preview" button on the IkiWiki online > edit form, I > get an HTTP 500 response; the Apache logs on the server show: > > [client XXX] malformed header from script. Bad > header=according%20to%20the%20availab: ikiwiki.cgi > > Capturing the output from `ikiwiki.cgi`, I see that just these two > lines are sent: > > Status: 302 Found > Location: > https://ocikbapps.uzh.ch/gc3wiki/ikiwiki.auth.cgi?_submitted=1;do=edit;..;_submit=Preview;attachment= > > (This HTTP 302 content is then sent as body of the HTTP 500 reponse.)
It seems that the important peice of your configuration that you left out is that you are using the httpauth plugin, so if you're not logged in you get this 302 redirect. Normally there would be no redirect, avoiding the problem. (Also, since version 3.20100831, the redirect is not done if the user is already logged in, so it would be noticed less frequently, if it occurs at all. Your snippet above shows it doing the redirect when previewing a page, while typically you'd already be logged in at this point; unless perhaps anonok is enabled.) > The same issue (with a CGI-side fix) is discussed here: > https://bugzilla.mozilla.org/show_bug.cgi?id=513989 I guess the fix is to store a postsignin cookie containing the original query string, and redirect to a postsignin url. I've attached a blind attempt at a patch doing this. As I don't use httpauth it would be painful for me to test it -- can you? The patch will cleanly apply to version 3.20100815.7. You could even patch /usr/share/perl5/IkiWiki/Plugins/httpauth.pm directly. -- see shy jo
From 266bcb5bd2dd9157dac1fc313c9174f40fd5ae48 Mon Sep 17 00:00:00 2001 From: Joey Hess <[email protected]> Date: Wed, 24 Aug 2011 17:03:52 -0400 Subject: [PATCH] avoid too large redirect by storing query string This should avoid bug #638009 when redirecting to the cgiauthurl to log in when editing a large page. Apache does not like a redirect that is very large, so store the original query string as a postsignin action. --- IkiWiki/Plugin/httpauth.pm | 8 ++++++-- 1 files changed, 6 insertions(+), 2 deletions(-) diff --git a/IkiWiki/Plugin/httpauth.pm b/IkiWiki/Plugin/httpauth.pm index cb48844..033746e 100644 --- a/IkiWiki/Plugin/httpauth.pm +++ b/IkiWiki/Plugin/httpauth.pm @@ -91,8 +91,12 @@ sub canedit ($$$) { defined $config{cgiauthurl} && pagespec_match($page, $config{httpauth_pagespec})) { return sub { - # bounce thru cgiauthurl and back to edit action - redir_cgiauthurl($cgi, $cgi->query_string()); + # store current query as a postsignin action + # (to avoid too big a redirect when editing a page), + # and bounce thru cgiauthurl and back to it. + $session->param(postsignin => $cgi->query_string()); + cgi_savesession($session); + redir_cgiauthurl($cgi, do => "postsignin"); }; } else { -- 1.7.5.4
signature.asc
Description: Digital signature
