revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-13 02:12:41 +01:00
Code Issues Releases Wiki Activity

Make test for setting "next" cookie more general

Browse source 
Summary:
Ref T6870. Since it does not make sense to redirect the user to the login form after they log in, we try not to set the login form as the `next` cookie.

However, the current check is hard-coded to `/auth/start/`, and the form can also be served at `/login/`. This has no real effect on normal users, but did make debugging T6870 confusing.

Instead of using a hard-coded path check, test if the controller was delegated to. If it was, store the URI. If it's handling the request without delegation, don't.

Test Plan:
  - Visited login form at `/login/` and `/auth/start/`, saw it not set a next URI.
  - Visited login form at `/settings/` (while logged out), saw it set a next URI.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley, lpriestley

Maniphest Tasks: T6870

Differential Revision: https://secure.phabricator.com/D11292
This commit is contained in:
epriestley 2015-01-09 06:42:03 -08:00
parent 420f955c2a
commit e0aa33c46b
1 changed files with 13 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
src/applications/auth/controller/PhabricatorAuthStartController.php
View file

@ -77,17 +77,23 @@ final class PhabricatorAuthStartController
} }
$next_uri = $request->getStr('next'); $next_uri = $request->getStr('next');
if (!$next_uri) { if (!strlen($next_uri)) {
$next_uri_path = $this->getRequest()->getPath(); if ($this->getDelegatingController()) {
if ($next_uri_path == '/auth/start/') { // Only set a next URI from the request path if this controller was
$next_uri = '/'; // delegated to, which happens when a user tries to view a page which
} else { // requires them to login.
$next_uri = $this->getRequest()->getRequestURI();
// If this controller handled the request directly, we're on the main
// login page, and never want to redirect the user back here after they
// login.
$next_uri = (string)$this->getRequest()->getRequestURI();
} }
} }
if (!$request->isFormPost()) { if (!$request->isFormPost()) {
PhabricatorCookies::setNextURICookie($request, $next_uri); if (strlen($next_uri)) {
PhabricatorCookies::setNextURICookie($request, $next_uri);
}
PhabricatorCookies::setClientIDCookie($request); PhabricatorCookies::setClientIDCookie($request);
} }