View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0008672 | mantisbt | printing | public | 2007-12-13 01:59 | 2008-01-19 04:25 |
| Reporter | nijel | Assigned To | giallu | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | duplicate | ||
| Product Version | 1.0.8 | ||||
| Summary | 0008672: HTTP redirects should contain full URL | ||||
| Description | HTTP Location header should contain absolute URL (see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30), but Mantis fills in only last part of it. This makes troubles in combination with some webservers and browsers. Attached patch fixes this issue. | ||||
| Tags | No tags attached. | ||||
| Attached Files | mantis-redirect.patch (1,061 bytes)
--- core/print_api.php.orig 2007-12-13 07:51:40.000000000 +0100
+++ core/print_api.php 2007-12-13 07:53:54.000000000 +0100
@@ -27,12 +27,14 @@
# If we have handled any errors on this page and the 'stop_on_errors' config
# option is turned on, return false and don't redirect.
function print_header_redirect( $p_url, $p_die = true, $p_sanitize = false ) {
+ global $g_path;
+
$t_use_iis = config_get( 'use_iis');
if ( ON == config_get( 'stop_on_errors' ) && error_handled() ) {
return false;
}
-
+
# validate the url as part of this site before continuing
if ( $p_sanitize ) {
$t_url = string_sanitize_url( $p_url );
@@ -40,6 +42,11 @@
$t_url = $p_url;
}
+ # URL should be absolute
+ if (stristr($t_url, 'http://') === FALSE && stristr($t_url, 'https://') === FALSE ) {
+ $t_url = $g_path . $t_url;
+ }
+
# don't send more headers if they have already been sent (guideweb)
if ( ! headers_sent() ) {
header( 'Content-Type: text/html; charset=' . lang_get( 'charset' ) );
| ||||
