Returning a Link to a secure page from an ajax event handler method causes the
redirect to be invalid if the event is sent from an insecure page
------------------------------------------------------------------------------------------------------------------------------------------------
Key: TAP5-613
URL: https://issues.apache.org/jira/browse/TAP5-613
Project: Tapestry 5
Issue Type: Bug
Components: tapestry-core
Affects Versions: 5.0.18
Reporter: Olaf Tomczak
I think there's something wrong with the way tapestry handles redirects from
Ajax requests. I'm having the following problem: I have a page, say:
http://localhost/mytapestryapp/resetpassword
with a form that sends an ajax submit request and the request handler returns a
Link which leads to my login page annotated with @Secure. The link factory
therefore creates an absolute link like this:
https://localhost/mytapestryapp/login/confirmpasswordreset
Unfortunately javascript code in tapestry.js uses location.pathname (which
afaik changes only the context path of the location) to set the redirect
address. The result is that I'm being redirected to the following page:
http://localhost/https://localhost/mytapestryapp/login/confirmpasswordreset
It works this way on IE and mozilla-based browsers - checked it on Firefox
3.0.7, Epiphany 2.24.3, IE 6.0. It does however work correctly on Opera 9.6
probably because of the differences in how location.pathname is handled.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
