Correctly add the preview script

core-bundle/src/Controller/BackendPreviewController.php

@@ -51,8 +51,8 @@ public function __invoke(Request $request): Response
     {
         // Skip the redirect if there is no preview script, otherwise we will
         // end up in an endless loop (see #1511)
-        if ($this->previewScript && $request->getScriptName() !== $this->previewScript) {
-            return new RedirectResponse($this->previewScript.$request->getRequestUri());
+        if ($this->previewScript && substr($request->getScriptName(), \strlen($request->getBasePath())) !== $this->previewScript) {
+            return new RedirectResponse($request->getBasePath().$this->previewScript.$request->getPathInfo());
         }
 
         if (!$this->authorizationChecker->isGranted('ROLE_USER')) {

core-bundle/tests/Controller/BackendPreviewControllerTest.php

@@ -18,7 +18,6 @@
 use Contao\CoreBundle\Tests\TestCase;
 use PHPUnit\Framework\MockObject\MockObject;
 use Symfony\Component\EventDispatcher\EventDispatcher;
-use Symfony\Component\HttpFoundation\InputBag;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
@@ -29,7 +28,7 @@ class BackendPreviewControllerTest extends TestCase
     public function testRedirectsToPreviewEntrypoint(): void
     {
         $controller = new BackendPreviewController(
-            'preview.php',
+            '/preview.php',
             $this->createMock(FrontendPreviewAuthenticator::class),
             new EventDispatcher(),
             $this->mockAuthorizationChecker()
@@ -39,19 +38,43 @@ public function testRedirectsToPreviewEntrypoint(): void
         $response = $controller(new Request());
 
         $this->assertInstanceOf(RedirectResponse::class, $response);
-        $this->assertSame('preview.php', $response->getTargetUrl());
+        $this->assertSame('/preview.php/', $response->getTargetUrl());
+    }
+
+    public function testAddsThePreviewEntrypointAtTheCorrectPosition(): void
+    {
+        $controller = new BackendPreviewController(
+            '/preview.php',
+            $this->createMock(FrontendPreviewAuthenticator::class),
+            new EventDispatcher(),
+            $this->mockAuthorizationChecker()
+        );
+
+        $request = Request::create('https://localhost/managed-edition/public/contao/preview');
+        $request->server->set('SCRIPT_NAME', '/managed-edition/public/index.php');
+        $request->server->set('SCRIPT_FILENAME', '/managed-edition/public/index.php');
+
+        /** @var RedirectResponse $response */
+        $response = $controller($request);
+
+        $this->assertInstanceOf(RedirectResponse::class, $response);
+        $this->assertSame('/managed-edition/public/preview.php/contao/preview', $response->getTargetUrl());
     }
 
     public function testDeniesAccessIfNotGranted(): void
     {
         $controller = new BackendPreviewController(
-            'preview.php',
+            '/preview.php',
             $this->createMock(FrontendPreviewAuthenticator::class),
             new EventDispatcher(),
             $this->mockAuthorizationChecker(false)
         );
 
-        $response = $controller($this->mockRequest());
+        $request = Request::create('https://localhost/preview.php/en/');
+        $request->server->set('SCRIPT_NAME', '/preview.php');
+        $request->server->set('SCRIPT_FILENAME', '/preview.php');
+
+        $response = $controller($request);
 
         $this->assertSame($response->getStatusCode(), Response::HTTP_FORBIDDEN);
     }
@@ -65,11 +88,13 @@ public function testAuthenticatesWhenUserParameterGiven(): void
             ->willReturn(true)
         ;
 
-        $request = $this->mockRequest();
+        $request = Request::create('https://localhost/managed-edition/preview.php/en/');
+        $request->server->set('SCRIPT_NAME', '/managed-edition/preview.php');
+        $request->server->set('SCRIPT_FILENAME', '/managed-edition/preview.php');
         $request->query->set('user', '9');
 
         $controller = new BackendPreviewController(
-            'preview.php',
+            '/preview.php',
             $previewAuthenticator,
             new EventDispatcher(),
             $this->mockAuthorizationChecker()
@@ -90,33 +115,34 @@ public function testDispatchesPreviewUrlConvertEvent(): void
         ;
 
         $controller = new BackendPreviewController(
-            'preview.php',
+            '/preview.php',
             $this->createMock(FrontendPreviewAuthenticator::class),
             $dispatcher,
             $this->mockAuthorizationChecker()
         );
 
+        $request = Request::create('https://localhost/preview.php/en/');
+        $request->server->set('SCRIPT_NAME', '/preview.php');
+        $request->server->set('SCRIPT_FILENAME', '/preview.php');
+
         /** @var RedirectResponse $response */
-        $response = $controller($this->mockRequest());
+        $response = $controller($request);
 
         $this->assertTrue($response->isRedirection());
     }
 
     public function testRedirectsToRootPage(): void
     {
         $controller = new BackendPreviewController(
-            'preview.php',
+            '/preview.php',
             $this->createMock(FrontendPreviewAuthenticator::class),
             new EventDispatcher(),
             $this->mockAuthorizationChecker()
         );
 
-        $request = $this->mockRequest();
-        $request
-            ->expects($this->once())
-            ->method('getBaseUrl')
-            ->willReturn('/preview.php')
-        ;
+        $request = Request::create('https://localhost/preview.php/en/');
+        $request->server->set('SCRIPT_NAME', '/preview.php');
+        $request->server->set('SCRIPT_FILENAME', '/preview.php');
 
         /** @var RedirectResponse $response */
         $response = $controller($request);
@@ -125,22 +151,6 @@ public function testRedirectsToRootPage(): void
         $this->assertSame('/preview.php/', $response->getTargetUrl());
     }
 
-    /**
-     * @return Request&MockObject
-     */
-    private function mockRequest(): Request
-    {
-        $request = $this->createMock(Request::class);
-        $request->query = new InputBag();
-
-        $request
-            ->method('getScriptName')
-            ->willReturn('preview.php')
-        ;
-
-        return $request;
-    }
-
     /**
      * @return AuthorizationCheckerInterface&MockObject
      */