Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Redirect after authentication doesn't always work correctly #2603

Open
pcolmer opened this issue Feb 14, 2020 · 2 comments · May be fixed by #2604
Open

Redirect after authentication doesn't always work correctly #2603

pcolmer opened this issue Feb 14, 2020 · 2 comments · May be fixed by #2604
Labels
bug

Comments

@pcolmer
Copy link

@pcolmer pcolmer commented Feb 14, 2020

Describe the bug
When running yourls in a Docker container, the redirect that takes place after authentication doesn't always work. Sometimes (and I haven't been able to pin this down precisely), the redirect is to http://localhost/admin instead of the correct site URL.

As far as I can tell, this is the only place where the yourls code references $_SERVER[SERVER_NAME] rather than YOURLS_SITE. Making that code change fixes the problem.

To Reproduce

  1. Configure docker-yourls to run with YOURLS_SITE set to "http://wibble:8002" and port mapping of 8002:80.

  2. Configure Apache to listen on port 8000 and reverse-proxy to http://localhost:8002. This is deliberate because:

    a) we need Apache to be proxying here and

    b) we need Apache to listen on a non-standard port to cause the reply redirection to show as incorrect.

  3. Navigate to http://localhost:8000/admin/. Enter valid credentials.

Expected behavior
What should happen is that yourls should return a redirection header of http://wibble:8002/admin/.

Actual behavior
The redirection header is to http://localhost/admin/ instead. Note that there is no port number.

Versions
1.7.6 running inside the yourls Docker container. No extensions or plugins.

@LeoColomb

This comment has been minimized.

Copy link
Member

@LeoColomb LeoColomb commented Feb 18, 2020

Thanks for this report @pcolmer.
Very nice description, appreciated.

where the yourls code references $_SERVER[SERVER_NAME] rather than YOURLS_SITE.

Indeed, but current situation solves many issues regarding domain management.
It's not ideal at all, but by using $_SERVER[SERVER_NAME] YOURLS is able to switch between different domain smothly.

@ozh Thoughts?

@pcolmer

This comment has been minimized.

Copy link
Author

@pcolmer pcolmer commented Feb 19, 2020

There is an alternative approach at #2545 but, for some reason, testing resulted in the browser loading a blank page until I re-requested the admin page. Reverting the change back to the one I'm suggesting didn't have that problem.

I can provide more insight/clarity around why using YOURLS_SITE can work if you want me to expand on that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

2 participants
You can’t perform that action at this time.