
D10318.id24839.diff
No OneTemporary

D10318.id24839.diff

diff --git a/src/aphront/configuration/AphrontApplicationConfiguration.php b/src/aphront/configuration/AphrontApplicationConfiguration.php
--- a/src/aphront/configuration/AphrontApplicationConfiguration.php
+++ b/src/aphront/configuration/AphrontApplicationConfiguration.php
@@ -14,7 +14,7 @@
abstract public function getURIMap();
abstract public function buildRequest();
abstract public function build404Controller();
- abstract public function buildRedirectController($uri);
+ abstract public function buildExternalRedirectController($uri);
final public function setRequest(AphrontRequest $request) {
$this->request = $request;
@@ -96,7 +96,10 @@
$https_uri = $request->getRequestURI();
$https_uri->setDomain($request->getHost());
$https_uri->setProtocol('https');
- return $this->buildRedirectController($https_uri);
+
+ // In this scenario, we'll be redirecting to HTTPS using an absolute
+ // URI, so we need to permit an external redirect.
+ return $this->buildExternalRedirectController($https_uri);
}
}
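Review bot: The added comment says an external redirect must be permitted but not why that is safe here: the target domain is set from `$request->getHost()` two lines above, which comes from the request, and marking the redirect external presumably lifts the response's check on absolute URIs. If the host is validated against the configured base URI before this point, the comment should say so, for example `// The host has already been validated against the configured domain, so this absolute URI can only point back at this install.`; if it is not, that validation belongs before the redirect is built. The same applies to the trailing-slash redirect in the hunk at -188, whose comment asserts that the request URI uses the current domain without naming what guarantees it. Both enclosing functions start outside their hunks, so any earlier validation is not visible here.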
@@ -188,7 +191,10 @@
if ($controller && !$request->isHTTPPost()) {
$slash_uri = $request->getRequestURI()->setPath($path.'/');
- return $this->buildRedirectController($slash_uri);
+
+ // The request URI uses the current domain and port, so it's
+ // safe to mark this redirect as external.
+ return $this->buildExternalRedirectController($slash_uri);
}
}
return $this->build404Controller();
diff --git a/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php b/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
--- a/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
+++ b/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
@@ -300,11 +300,12 @@
return array(new Phabricator404Controller($this->getRequest()), array());
}
- public function buildRedirectController($uri) {
+ public function buildExternalRedirectController($uri) {
return array(
new PhabricatorRedirectController($this->getRequest()),
array(
'uri' => $uri,
+ 'external' => true,
));
}
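Review bot: `buildExternalRedirectController()` now sets `'external' => true` unconditionally, yet nothing on the method tells callers that the URI they pass will be exempt from the external-redirect check. A docblock should state that `$uri` must be assembled from trusted components (the request's own validated host and path) and never from a request parameter. Without that contract on the method, a later caller could reuse it for a user-supplied target and reintroduce an open redirect. Since the old `buildRedirectController()` is removed rather than kept as the non-external variant, the docblock should also point callers to whatever they should use for local redirects.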
diff --git a/src/applications/base/controller/PhabricatorRedirectController.php b/src/applications/base/controller/PhabricatorRedirectController.php
--- a/src/applications/base/controller/PhabricatorRedirectController.php
+++ b/src/applications/base/controller/PhabricatorRedirectController.php
@@ -3,6 +3,7 @@
final class PhabricatorRedirectController extends PhabricatorController {
private $uri;
+ private $allowExternal;
public function shouldRequireLogin() {
return false;
@@ -14,10 +15,13 @@
public function willProcessRequest(array $data) {
$this->uri = $data['uri'];
+ $this->allowExternal = idx($data, 'external', false);
}
public function processRequest() {
- return id(new AphrontRedirectResponse())->setURI($this->uri);
+ return id(new AphrontRedirectResponse())
+ ->setURI($this->uri)
+ ->setIsExternal($this->allowExternal);
}
}
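Review bot: In `willProcessRequest()` the `external` flag is read with `idx($data, 'external', false)` and passed to `setIsExternal()` as-is, so any truthy value in `$data` enables external redirects. The default of `false` is the right fail-closed choice, but an exact comparison would make the opt-in explicit: `$this->allowExternal = (idx($data, 'external', false) === true);`. This matters because the controller returns `false` from `shouldRequireLogin()`, so it is reachable without a session. Where `$data` is populated for routed requests is not visible in this diff; if route captures can ever supply keys, a short comment noting that `external` must only be set by code would help.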
