Return-Path: 
 <dev-return-53625-apmail-cocoon-dev-archive=cocoon.apache.org@cocoon.apache.org>
Delivered-To: apmail-cocoon-dev-archive@www.apache.org
Received: (qmail 96134 invoked from network); 4 Jan 2004 17:23:13 -0000
Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12)
  by minotaur-2.apache.org with SMTP; 4 Jan 2004 17:23:12 -0000
Received: (qmail 89179 invoked by uid 500); 4 Jan 2004 17:23:04 -0000
Delivered-To: apmail-cocoon-dev-archive@cocoon.apache.org
Received: (qmail 88897 invoked by uid 500); 4 Jan 2004 17:23:02 -0000
Mailing-List: contact dev-help@cocoon.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:dev-help@cocoon.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@cocoon.apache.org>
list-post: <mailto:dev@cocoon.apache.org>
Reply-To: dev@cocoon.apache.org
Delivered-To: mailing list dev@cocoon.apache.org
Received: (qmail 88880 invoked from network); 4 Jan 2004 17:22:59 -0000
Received: from unknown (HELO pulse.betaversion.org) (217.158.110.65)
  by daedalus.apache.org with SMTP; 4 Jan 2004 17:22:59 -0000
Received: (qmail 13054 invoked from network); 4 Jan 2004 17:22:58 -0000
Received: from unknown (HELO ?192.168.2.41?) (stefano@80.105.91.155)
  by pulse.betaversion.org with SMTP; 4 Jan 2004 17:22:58 -0000
Mime-Version: 1.0 (Apple Message framework v609)
In-Reply-To: <bt9dhj$c5l$1@sea.gmane.org>
References: <26AA165A-3E17-11D8-A301-000393D2CB02@apache.org>
 <bt8lav$8k2$1@sea.gmane.org>
 <81345532-3EC2-11D8-9DB1-000393D2CB02@apache.org>
 <bt9dhj$c5l$1@sea.gmane.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Message-Id: <F6CC48D5-3EDA-11D8-9DB1-000393D2CB02@apache.org>
Content-Transfer-Encoding: quoted-printable
From: Stefano Mazzocchi <stefano@apache.org>
Subject: Re: [Bug?] absolute redirection in flow appears not to be proxy safe
Date: Sun, 4 Jan 2004 18:25:17 +0100
To: dev@cocoon.apache.org
X-Mailer: Apple Mail (2.609)
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N


On 4 Jan 2004, at 17:03, Sylvain Wallez wrote:

> Stefano Mazzocchi wrote:
>
>>
>> On 4 Jan 2004, at 10:10, Sylvain Wallez wrote:
>
>
> <snip/>
>
>>> The explanation is in the servlet spec for=20
>>> HttpServletResponse.sendRedirect: "If the location is relative with=20=

>>> a leading '/' the container interprets it as relative to the servlet=20=

>>> container root."
>>>
>>> Absolute paths don't redirect to the _webapp_ root, but the _servlet=20=

>>> container_ root. This means that redirectTo("/index") produces a=20
>>> "http://localhost:8000/index" and not a=20
>>> "http://localhost:8000/B/index".
>>>
>>> Since the redirect location doesn't start with the ProxyPassReverse=20=

>>> URL prefix, the httpd server sends that location verbatim to the=20
>>> browser.
>>>
>>> Et voil=E0: redirecting to the webapp root cannot be done with an=20
>>> absolute path.
>>
>>
>> This does not explain why redirect('/') worked before when /A was=20
>> mount to / instead of /A. Or I'm missing something.
>
>
> I assume your original httpd.conf was something like:
>  ProxyPass /myApp http://localhost:8000/
>  ProxyPassReverse /myApp http://localhost:8000/
>
> When redirecting to "/index", the "Location" header is set by Jetty to=20=

> "http://locahost:8000/index". As it starts with=20
> "http://localhost:8000/", mod_proxy translates it to=20
> "http://www.my.com/myApp/index" and everything is fine.
>
> Now lets mount two apps on Jetty. I assume the httpd.conf looks like:
>  ProxyPass /appA http://localhost:8000/A
>  ProxyPassReverse /appA http://localhost:8000/A
>  ProxyPass /appB http://localhost:8000/B
>  ProxyPassReverse /appB http://localhost:8000/B
>
> Calling "http://www.my.com/appB" calls in turn=20
> "http://localhost:8000/B". When the processing of this request does a=20=

> redirect to "/index", the "Location" header is still=20
> "http://localhost:8000/index", as per the servlet specification I=20
> quoted. This header doesn't match the ProxyPassReverse directive, and=20=

> thus mod_proxy leaves it unchanged.
>
> The case of A is different in that the relative redirect goes back to=20=

> the root of the _webapp_, whether it is mounted at the root of the=20
> servlet engine or not. This means that the "Location" header set by=20
> Jetty will be "http://localhost:8000/A/index". This header matches the=20=

> ProxyPassReverse directive and therefore mod_proxy translates it to=20
> "http://www.my.com/appA/index".
>
> When A was mounted on "/" there was no difference between redirecting=20=

> to the servlet container root and redirecting to the webapp root.
>
> Hope it's clearer.

It is!

Thanks a lot!

--
Stefano.