Closed
Bug 523495
Opened 15 years ago
Closed 15 years ago
Infinite redirect loop when viewing an attachment
Categories
(Bugzilla :: Bugzilla-General, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 3.6
People
(Reporter: mkanat, Assigned: mkanat)
References
Details
(Keywords: regression)
Attachments
(1 file, 1 obsolete file)
(deleted),
patch
|
LpSolit
:
review+
|
Details | Diff | Splinter Review |
When viewing an attachment with ssl_redirect turned on, I get an infinite redirect loop.
Comment 1•15 years ago
|
||
So this is a regression due to bug 514913 as it was working fine before.
Depends on: 514913
Keywords: regression
Assignee | ||
Comment 2•15 years ago
|
||
Here we go, this fixes it. I tested it with and without an attachment_base, and with the attachment_base having both http and https.
I also took the opportunity to do some refactoring--we now only redirect to urlbase/sslbase on every page load away from attachment_base if the url matches attachment_base--this once again gets us closer to allowing people to use arbitrary URLs for their Bugzillas (often requested on the support list).
Assignee | ||
Updated•15 years ago
|
Severity: major → critical
Updated•15 years ago
|
Attachment #407447 -
Flags: review?(LpSolit) → review-
Comment 3•15 years ago
|
||
Comment on attachment 407447 [details] [diff] [review]
v1
>Index: attachment.cgi
>- $attachbase =~ s/%bugid%/$bug_id/;
The comment associated with it must move too.
>- if ($cgi->self_url !~ /^\Q$attachbase\E/) {
>+ if (!$cgi->url_is_attachment_base) {
At this point, we know the bug ID and so we compare $cgi->self_url with the attachment base updated with this ID in place of %bugid%. In your code, you only compare it to \d+, which would reintroduce XSS again.
>+ # We couldn't call Bugzilla->login earlier as we first had to
>+ # make sure we were not going to request credentials on the
>+ # alternate host.
I'm not a fan of this kind of "cleanup". Shortening comment lines because you like tiny ones hides which bug really implemented them in Bonsai, forcing us to do extra work to find the original patch. There is no reason to alter these comments. Please revert that.
>- print $cgi->redirect(-location => $attachbase . $path);
>+ print $cgi->redirect(-location => $base . $path);
Here too, unless you have a very good reason to, please don't change the variable name. This again makes it harder to track real code changes.
>Index: Bugzilla/CGI.pm
>+ if ($self->url_is_attachment_base and $script ne 'attachment.cgi') {
It would be slightly cheaper to first compare $script to 'attachment.cgi' and then call ->url_is_... if necessary.
>+sub url_is_attachment_base {
>+ my ($self, $id) = @_;
You never pass any argument to this method.
>+ if ($id) {
So either this IF block goes away, or you have to use it somewhere (attachment.cgi?action=view comes to mind).
>+ $regex = quotemeta($attach_base);
>+ $regex =~ s/\\\%bugid\\\%/\\d+/;
>+ }
>+ $regex = "^$regex";
I don't see how this syntax is more readable/cleaner than the one I used, using \Q \E. I don't like all these escaping characters (it's prone to errors).
Assignee | ||
Comment 4•15 years ago
|
||
(In reply to comment #3)
> >+ # We couldn't call Bugzilla->login earlier as we first had to
> >+ # make sure we were not going to request credentials on the
> >+ # alternate host.
>
> I'm not a fan of this kind of "cleanup". Shortening comment lines because you
> like tiny ones hides which bug really implemented them in Bonsai, forcing us to
> do extra work to find the original patch. There is no reason to alter these
> comments. Please revert that.
The comment was longer than 80 characters. :-) I made it be only 80 characters.
> >+sub url_is_attachment_base {
> >+ my ($self, $id) = @_;
>
> You never pass any argument to this method.
Ah, yeah, that's left over from the fact that I originally *was* checking the $bug_id in this method, which I'll put back. :-)
> I don't see how this syntax is more readable/cleaner than the one I used, using
> \Q \E. I don't like all these escaping characters (it's prone to errors).
It's not an issue of readability, it's that if I need to insert a valid regex metacharacter in there, that's the *only* way it works. (I'd tell you to try it yourself, but believe me, it was a huge waste of time to figure it out.)
Assignee | ||
Comment 5•15 years ago
|
||
Okay, I've addressed all the comments I didn't respond to.
Attachment #407447 -
Attachment is obsolete: true
Attachment #408109 -
Flags: review?(LpSolit)
Assignee | ||
Updated•15 years ago
|
Attachment #408109 -
Attachment description: v1 → v2
Comment 6•15 years ago
|
||
Comment on attachment 408109 [details] [diff] [review]
v2
>Index: Bugzilla/CGI.pm
>+ return 0 if !use_attachbase() or !i_am_cgi();
Nit: I think || would be clearer. Here, I tend to read this as:
(return 0 if !use_attachbase()) or !i_am_cgi();
Also, having POD for this method would be useful. Seems to work fine. r=LpSolit
Attachment #408109 -
Flags: review?(LpSolit) → review+
Updated•15 years ago
|
Flags: approval+
Assignee | ||
Comment 7•15 years ago
|
||
Checking in Bugzilla.pm;
/cvsroot/mozilla/webtools/bugzilla/Bugzilla.pm,v <-- Bugzilla.pm
new revision: 1.79; previous revision: 1.78
done
Checking in attachment.cgi;
/cvsroot/mozilla/webtools/bugzilla/attachment.cgi,v <-- attachment.cgi
new revision: 1.163; previous revision: 1.162
done
Checking in Bugzilla/CGI.pm;
/cvsroot/mozilla/webtools/bugzilla/Bugzilla/CGI.pm,v <-- CGI.pm
new revision: 1.50; previous revision: 1.49
done
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•