Redirect correctly on RT 4.0.8, 3.8.15, and the 2012-10-25 security p…

…atches The NextPage session stash started storing hashrefs instead of strings. This manifested as redirects to /HASH(0xDEADBEEF) instead of the proper destination. Older and unpatched RTs will continue to work correctly due to the "if ref $next" check.
bestpractical · Oct 26, 2012 · a33d1b6 · a33d1b6
1 parent fe97ee4
commit a33d1b6
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/html/Callbacks/ExternalAuth/autohandler/Session b/html/Callbacks/ExternalAuth/autohandler/Session
@@ -7,6 +7,7 @@ if (   $m->request_comp->path eq '/NoAuth/Login.html'
     && $ARGS{next} )
 {
     my $next = delete $session{'NextPage'}->{ $ARGS{'next'} };
+       $next = $next->{'url'} if ref $next;
     RT::Interface::Web::Redirect( $next || RT->Config->Get('WebURL') );
 }
 </%init>