
Fix double base directory in unauthorized redirects.

Turn off base path inclusion when the referrer is generated. In the case
where there is no referrer header, we need to omit the base path as
redirect() will add one in.

Including a base path causes apps in sub-directories to behave
incorrectly.

Refs #7205
Mark Story 10 years ago
commit
5a4ab489de

+ 1 - 0
src/Controller/Component/AuthComponent.php

@@ -405,6 +405,7 @@ class AuthComponent extends Component
             if (!empty($this->_config['loginRedirect'])) {
                 $default = $this->_config['loginRedirect'];
             }
+            $default['_base'] = false;
             $url = $controller->referer($default, true);
         } else {
             $url = $this->_config['unauthorizedRedirect'];
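Review bot: The added `$default['_base'] = false;` runs unconditionally, but `$default` is whatever `loginRedirect` holds. If that option is a string URL, or if `$default` is initialised as a string above this hunk (not visible here), the line becomes a string-offset write and raises an error instead of producing a redirect. Guard it with `if (is_array($default)) { $default['_base'] = false; }`. A string default would then still reach `referer()` with nothing to suppress the base path, so that case may need its own handling; this value becomes the redirect target for unauthorized requests. The enclosing method starts and ends outside the hunk.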

+ 14 - 6
tests/TestCase/Controller/Component/AuthComponentTest.php

@@ -734,24 +734,32 @@ class AuthComponentTest extends TestCase
     public function testDefaultToLoginRedirect()
     {
         $url = '/party/on';
-        $this->Auth->request = $Request = new Request($url);
-        $Request->env('HTTP_REFERER', false);
-        $this->Auth->request->addParams(Router::parse($url));
+        $this->Auth->request = $request = new Request($url);
+        $request->env('HTTP_REFERER', false);
+        $request->addParams(Router::parse($url));
+        $request->addPaths([
+            'base' => 'dirname',
+            'webroot' => '/dirname/',
+        ]);
+        Router::pushRequest($request);
+
         $this->Auth->config('authorize', ['Controller']);
         $this->Auth->setUser(['username' => 'mariano', 'password' => 'cake']);
         $this->Auth->config('loginRedirect', [
-            'controller' => 'something', 'action' => 'else'
+            'controller' => 'something',
+            'action' => 'else'
         ]);
 
         $response = new Response();
         $Controller = $this->getMock(
             'Cake\Controller\Controller',
             ['on', 'redirect'],
-            [$Request, $response]
+            [$request, $response]
         );
         $event = new Event('Controller.startup', $Controller);
 
-        $expected = Router::url($this->Auth->config('loginRedirect'));
+        // Should not contain basedir when redirect is called.
+        $expected = '/something/else';
         $Controller->expects($this->once())
             ->method('redirect')
             ->with($this->equalTo($expected));
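Review bot: The updated `testDefaultToLoginRedirect` only exercises an array-form `loginRedirect`, so the new `_base` handling is untested for a string `loginRedirect` or for the option being unset. A sibling test using `$this->Auth->config('loginRedirect', '/something/else');` with the same `addPaths()` setup would pin that behaviour. The fixture also sets `'base' => 'dirname'` without a leading slash while `'webroot'` is `'/dirname/'`; `'base' => '/dirname'` is probably closer to what a sub-directory install produces, which is worth confirming. `Router::pushRequest($request)` changes router state, so check that teardown resets it (not visible here). The test body continues past the end of the hunk.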