Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

infinite redirect under certain circumstances #1210

Closed
fritzmg opened this issue Nov 30, 2017 · 1 comment
Closed

infinite redirect under certain circumstances #1210

fritzmg opened this issue Nov 30, 2017 · 1 comment
Assignees
@leofeyer
Labels
bug
Milestone
4.4

Comments

@fritzmg
Copy link
Contributor

fritzmg commented Nov 30, 2017
edited

This code

// Redirect to the website root or language root (e.g. en/)
if (\Environment::get('relativeRequest') == '')
{
    if (\Config::get('addLanguageToUrl') && !\Config::get('doNotRedirectEmpty'))
    {
        $arrParams = array('_locale' => $objRootPage->language);

        $strUrl = \System::getContainer()->get('router')->generate('contao_index', $arrParams);
        $strUrl = substr($strUrl, strlen(\Environment::get('path')) + 1);

        static::redirect($strUrl, 301);
    }
    elseif (($objPage = \PageModel::findFirstPublishedByPid($objRootPage->id)) !== null)
    {
        // Redirect if the page is not the language fall back or the alias is not "index" or "/" (see #8498 and #8560)
        if (!$objRootPage->fallback || !in_array($objPage->alias, array('index', '/')))
        {
            static::redirect($objPage->getFrontendUrl(), 302);
        }
    }
}

from Frontend.php#L343-L363 causes an infinite redirect under the following setup for example:

Reproduction

  1. Create the following website structure: screenshot-2017-11-30 site structure - contao open source cms
    • Set a page layout for each website root.
    • The English website root has the language en set and is not the fallback.
    • The German website root has the language de set and it is the fallback.
    • The English Home page has the Alias index, the German Home page has the Alias home.
  2. Set contao.prepend_locale to false.
  3. Set the primary language of your browser to en.

Open the website (without a request parameter) in the frontend. Contao will redirect you infinite times.

Cause

Since addLanguageToUrl is false, we will arrive at this bit of code:

elseif (($objPage = \PageModel::findFirstPublishedByPid($objRootPage->id)) !== null)
{
    // Redirect if the page is not the language fall back or the alias is not "index" or "/" (see #8498 and #8560)
    if (!$objRootPage->fallback || !in_array($objPage->alias, array('index', '/')))
    {
        static::redirect($objPage->getFrontendUrl(), 302);
    }
}

Since the Accept-Language is en the root page found from

$objRootPage = \PageModel::findFirstPublishedRootByHostAndLanguage($host, $accept_language);

will be the english one and the first published page within that website root is the English Home page with the alias index. However, since that website root is not defined as the fallback language, Contao will redirect to the first published page within the website root. And since that page has the alias index, the redirect will be an empty request and the whole thing starts over again.
@leofeyer leofeyer added the bug label Dec 7, 2017
@leofeyer leofeyer added this to the 4.4.9 milestone Dec 7, 2017
@leofeyer leofeyer self-assigned this Dec 14, 2017
leofeyer added a commit that referenced this issue Dec 14, 2017
@leofeyer
Prevent infinite redirects if the „add language to URL“ option is not…
8bdd923 
… set (see #1210).
@leofeyer
Copy link
Member

Fixed in 8bdd923.

@leofeyer leofeyer modified the milestones: 4.4.9, 4.4 May 14, 2019
leofeyer pushed a commit that referenced this issue Jan 17, 2020
@richardhj @leofeyer
Show preview toolbar on error pages (see #1210)
e48ce15 
Description
-----------

The preview toolbar is not present on any error page.

So in case you have a restricted webpage and the first page is a login form with HTTP code 401, not having the preview toolbar is an issue.

The preview toolbar should explicitly be available on pages with error code
- 401
- 403
- 404

I decided to allow any HTTP codes expect 300-399 (redirects) and 500-599 (server errors).

Commits
-------

61aaf093 Show preview toolbar on error pages
leofeyer pushed a commit that referenced this issue Jan 18, 2020
@richardhj @leofeyer
Change the allowed status codes for preview bar injection (see #1213)
b5590b2 
Description
-----------

Please refer to #1210

Commits
-------

44d0b0e7 Change allowed status codes for preview bar injection
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@leofeyer leofeyer

Labels
bug
Projects
None yet
Milestone
4.4
Development

No branches or pull requests
2 participants
@leofeyer @fritzmg