Possible bug with Redirect::intended() method

[dvlpp]

I'm using version 4.0.x-dev 5076824 of the Laravel Framework.

For some reason I can't understand, when I'm using the Redirect::intended() method after login I'm always sent to the fournisseurs/ax_getListProduits URL of my routes file, whatever is my real intended URL, with 2 exceptions:

• if I remove this the post fournisseurs/ax_getListProduits route, everything OK
• if I add a echo Session::get('url.intended'); call before the login page display, the correct intended URL is displayed, and it works (if I don't and add this code after Auth::attempt, I'm sent to fournisseurs/ax_getListProduits.

Below are my routes file, and my login controller code:

routes.php

Route::group(array('before' => 'auth'), function() {
  Route::get('/', array("as"=>"home", function() {
  return Redirect::to("fournisseurs");
  }));
  Route::resource('usergroups', 'UsergroupsController');
  Route::get('fournisseurs/ax_produits', 'FournisseursController@ax_produits');
  Route::post('fournisseurs/ax_getProduit', 'FournisseursController@ax_getProduit');
  Route::post('fournisseurs/ax_updProduit', 'FournisseursController@ax_updProduit');
  Route::post('fournisseurs/ax_getListProduits', 'FournisseursController@ax_getListProduits');
  Route::resource('fournisseurs', 'FournisseursController');

  Route::resource('adresses', 'AdressesController', array('only' => array('store', 'destroy', 'edit', 'update')));
  Route::get('/adresses/create/{frs_id}', array('as'=>'adresses.create', 'uses'=>'AdressesController@create'));

  Route::resource('contacts', 'ContactsController', array('only' => array('store', 'destroy', 'edit', 'update')));
  Route::get('/contacts/create/{frs_id}', array('as'=>'contacts.create', 'uses'=>'ContactsController@create'));
});

Route::get('login', array('as' => 'login', 'uses' => 'SessionsController@create'));
Route::get('logout', array('as' => 'logout', 'uses' => 'SessionsController@destroy'));
Route::resource('sessions', 'SessionsController', array('only' => array('create', 'store', 'destroy')));

Login controller:

class SessionsController extends BaseController {
    public function create()
    {
// if I uncomment the following line, everything is OK
//  echo Session::get('url.intended');
        return View::make('sessions.create');
    }

    public function store()
    {
        $input = Input::all();

        $attempt = Auth::attempt(array(
            "nom" => $input["nom"],
            "password" => $input["password"]
        ));

        if($attempt) return Redirect::intended("/");

        return Redirect::back()->with("flash_error", "Nom ou mot de passe invalide")->withInput();
    }

    public function destroy()
    {
        Auth::logout();
        return Redirect::home();
    }

}

[taylorotwell]

What do you filters look like?

[dvlpp]

I don't have any user defined filter (only using the Laravel "auth" one). The routes file I posted is complete, except for a Validator extension and a Form macro.

[taylorotwell]

Hmm, well I'm not sure what to do then. There is nothing really actionable here for me to look at. Maybe try asking on the forums or StackOverflow, or try recreating an example in a fresh installation that reproduces the bug.

[lisa-fehr]

I think this is still an issue. If I alter the vendor file I can get it to ignore sending people back to an ajax called url. But I haven't found another solution to this problem yet.

File: /vendor/laravel/framework/src/Illuminate/Routing/Redirector.php
79:     public function guest($path, $status = 302, $headers = array(), $secure = null)
80:     {
81:         if (!\Request::ajax()) // do not return to a url requested via ajax
82:         {
83:             $this->session->put('url.intended', $this->generator->full());
84:         }
85:         return $this->to($path, $status, $headers, $secure);
86:     }