cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefano Mazzocchi <stef...@apache.org>
Subject Re: [Bug?] absolute redirection in flow appears not to be proxy safe
Date Sun, 04 Jan 2004 17:25:17 GMT

On 4 Jan 2004, at 17:03, Sylvain Wallez wrote:

> Stefano Mazzocchi wrote:
>
>>
>> On 4 Jan 2004, at 10:10, Sylvain Wallez wrote:
>
>
> <snip/>
>
>>> The explanation is in the servlet spec for 
>>> HttpServletResponse.sendRedirect: "If the location is relative with 
>>> a leading '/' the container interprets it as relative to the servlet 
>>> container root."
>>>
>>> Absolute paths don't redirect to the _webapp_ root, but the _servlet 
>>> container_ root. This means that redirectTo("/index") produces a 
>>> "http://localhost:8000/index" and not a 
>>> "http://localhost:8000/B/index".
>>>
>>> Since the redirect location doesn't start with the ProxyPassReverse 
>>> URL prefix, the httpd server sends that location verbatim to the 
>>> browser.
>>>
>>> Et voilĂ : redirecting to the webapp root cannot be done with an 
>>> absolute path.
>>
>>
>> This does not explain why redirect('/') worked before when /A was 
>> mount to / instead of /A. Or I'm missing something.
>
>
> I assume your original httpd.conf was something like:
>  ProxyPass /myApp http://localhost:8000/
>  ProxyPassReverse /myApp http://localhost:8000/
>
> When redirecting to "/index", the "Location" header is set by Jetty to 
> "http://locahost:8000/index". As it starts with 
> "http://localhost:8000/", mod_proxy translates it to 
> "http://www.my.com/myApp/index" and everything is fine.
>
> Now lets mount two apps on Jetty. I assume the httpd.conf looks like:
>  ProxyPass /appA http://localhost:8000/A
>  ProxyPassReverse /appA http://localhost:8000/A
>  ProxyPass /appB http://localhost:8000/B
>  ProxyPassReverse /appB http://localhost:8000/B
>
> Calling "http://www.my.com/appB" calls in turn 
> "http://localhost:8000/B". When the processing of this request does a 
> redirect to "/index", the "Location" header is still 
> "http://localhost:8000/index", as per the servlet specification I 
> quoted. This header doesn't match the ProxyPassReverse directive, and 
> thus mod_proxy leaves it unchanged.
>
> The case of A is different in that the relative redirect goes back to 
> the root of the _webapp_, whether it is mounted at the root of the 
> servlet engine or not. This means that the "Location" header set by 
> Jetty will be "http://localhost:8000/A/index". This header matches the 
> ProxyPassReverse directive and therefore mod_proxy translates it to 
> "http://www.my.com/appA/index".
>
> When A was mounted on "/" there was no difference between redirecting 
> to the servlet container root and redirecting to the webapp root.
>
> Hope it's clearer.

It is!

Thanks a lot!

--
Stefano.


Mime
View raw message