Defect #41930: Cannot redirect to back_url including port after login - Redmine

Actions

Copy link

Defect #41930

open

Cannot redirect to back_url including port after login

Added by Kenta Kumojima 17 days ago.

Status:

New

Priority:

Normal

Assignee:

Category:

Accounts / authentication

Target version:

Start date:

Due date:

% Done:

Estimated time:

Resolution:

Affected version:

Description

If URI contains a port, I cannot redirect to back_url after login.

If back_uri contains port, ApplicationController#validate_back_url raises Addressable::URI::InvalidURIError and returns false.
So, hidden field of back_url is not rendered at '/login'.
The validation method should remove the port before the host.

       [:scheme, :host, :port].each do |component|                                                                                                                                                       
         if uri.send(component).present? && uri.send(component) != request.send(component)
           return false
         end

         uri.send(:"#{component}=", nil) # => raises InvalidURIError
       end

Files

fix_redirect_to_back_url_with_port.patch (2.14 KB) fix_redirect_to_back_url_with_port.patch

Kenta Kumojima, 2024-12-03 16:29

No data to display

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Redmine

Custom queries

Defect #41930

Cannot redirect to back_url including port after login