View Issue Details

IDProjectCategoryView StatusLast Update
0003911mantisbtbugtrackerpublic2008-04-19 04:10
Reportertobig Assigned Togiallu  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Fixed in Version1.2.0a1 
Summary0003911: Mantis violates RFC2616 when redirecting
Description

RFC 2616 requires absolute URIs in the "Location:" header (see section 14.30). Mantis sends headers like "Location: view_all_bug_page.php", which is a clear violation of the RFC. Most browsers understand this syntax but a basic principle in network programming is "Be strict in what you send and tolerant in what you receive.", so it would be nice if you can fix it.

TagsNo tags attached.
Attached Files
redirect.tar.bz2 (1,932 bytes)

Relationships

has duplicate 0008672 closedgiallu HTTP redirects should contain full URL 

Activities

jlatour

jlatour

2004-08-07 09:16

reporter   ~0006756

We could use something like:

<?php
header("Location: http://&quot; . $_SERVER['HTTP_HOST']
. dirname($_SERVER['PHP_SELF'])
. "/" . $relative_url);
?>

(as specified in the PHP manual). Does anyone know if this will work in all situations, and/or if there's a better way?

Probably don't do this for 0.19.0 - sounds like something that can create unexpected problems.

ryandesign

ryandesign

2005-05-11 11:04

reporter   ~0010081

I've written a comprehensive general-purpose function to address this problem, which the Mantis project is welcome to use either as-is or for ideas or whatever. It's attached and should hopefully be self-explanitory, but briefly:

Instead of writing this:

header('Location: view_all_bug_page.php');
exit;

You now write this:

redirect('view_all_bug_page.php');

And it does everything else for you.

ryandesign

ryandesign

2005-08-07 16:48

reporter   ~0011109

New version of redirect libraries attached.

giallu

giallu

2007-12-13 03:27

reporter   ~0016437

Paul, are we able to retrieve somehow the missing attachment?

giallu

giallu

2008-01-10 18:05

reporter   ~0016628

Nevermind... I realized we already moved the redirection code to an api function.

Actually, there are two of them: html_meta_redirect and print_header_redirect :)

giallu

giallu

2008-01-13 17:58

reporter   ~0016660

Fixed, also in trunk

giallu

giallu

2008-01-16 18:23

reporter   ~0016683

I reverted the change in the stable branch, this now fixed in trunk only. sorry for the noise

Related Changesets

MantisBT: master e7c200c2

2008-01-13 17:48

giallu


Details Diff
Fix 3911: Mantis violates RFC2616 when redirecting

git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@4884 <a class="text" href="/?p=mantisbt.git;a=object;h=f5dc347c">f5dc347c</a>-c33d-0410-90a0-b07cc1902cb9
Affected Issues
0003911
mod - core/print_api.php Diff File
mod - config_defaults_inc.php Diff File
mod - core/html_api.php Diff File

MantisBT: master-1.1.x 88f36a1f

2008-01-13 17:54

giallu


Details Diff
Fix 3911: Mantis violates RFC2616 when redirecting

git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/branches/BRANCH_1_1_0@4885 <a class="text" href="/?p=mantisbt.git;a=object;h=f5dc347c">f5dc347c</a>-c33d-0410-90a0-b07cc1902cb9
Affected Issues
0003911
mod - core/print_api.php Diff File
mod - core/html_api.php Diff File
mod - config_defaults_inc.php Diff File

MantisBT: master e1ac36d3

2008-01-16 11:35

jreese


Details Diff
Fix error resulting from Giallu's fix for bug 0003911: chaining print_header_redirect() and helper_mantis_url() is now Bad.

git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@4894 <a class="text" href="/?p=mantisbt.git;a=object;h=f5dc347c">f5dc347c</a>-c33d-0410-90a0-b07cc1902cb9
Affected Issues
0003911
mod - core/access_api.php Diff File