Return-Path: 
 <dev-return-53623-apmail-cocoon-dev-archive=cocoon.apache.org@cocoon.apache.org>
Delivered-To: apmail-cocoon-dev-archive@www.apache.org
Received: (qmail 76481 invoked from network); 4 Jan 2004 16:04:16 -0000
Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12)
  by minotaur-2.apache.org with SMTP; 4 Jan 2004 16:04:16 -0000
Received: (qmail 19315 invoked by uid 500); 4 Jan 2004 16:04:04 -0000
Delivered-To: apmail-cocoon-dev-archive@cocoon.apache.org
Received: (qmail 19257 invoked by uid 500); 4 Jan 2004 16:04:04 -0000
Mailing-List: contact dev-help@cocoon.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:dev-help@cocoon.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@cocoon.apache.org>
list-post: <mailto:dev@cocoon.apache.org>
Reply-To: dev@cocoon.apache.org
Delivered-To: mailing list dev@cocoon.apache.org
Received: (qmail 19173 invoked from network); 4 Jan 2004 16:04:03 -0000
Received: from unknown (HELO main.gmane.org) (80.91.224.249)
  by daedalus.apache.org with SMTP; 4 Jan 2004 16:04:03 -0000
Received: from list by main.gmane.org with local (Exim 3.35 #1 (Debian))
	id 1AdAjV-0006Fw-00
	for <dev@cocoon.apache.org>; Sun, 04 Jan 2004 17:04:05 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: dev@cocoon.apache.org
Received: from sea.gmane.org ([80.91.224.252])
	by main.gmane.org with esmtp (Exim 3.35 #1 (Debian))
	id 1AdAjU-0006Fo-00
	for <gmane-text-xml-cocoon-devel@m.gmane.org>;
 Sun, 04 Jan 2004 17:04:04 +0100
Received: from news by sea.gmane.org with local (Exim 3.35 #1 (Debian))
	id 1AdAjU-0003FB-00
	for <gmane-text-xml-cocoon-devel@m.gmane.org>;
 Sun, 04 Jan 2004 17:04:04 +0100
From: Sylvain Wallez <sylvain@apache.org>
Subject: Re: [Bug?] absolute redirection in flow appears not to be proxy safe
Date: Sun, 04 Jan 2004 17:03:59 +0100
Lines: 71
Message-ID: <bt9dhj$c5l$1@sea.gmane.org>
References: <26AA165A-3E17-11D8-A301-000393D2CB02@apache.org>
 <bt8lav$8k2$1@sea.gmane.org>
 <81345532-3EC2-11D8-9DB1-000393D2CB02@apache.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
X-Complaints-To: usenet@sea.gmane.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
 rv:1.5) Gecko/20031007
X-Accept-Language: fr, en, en-us
In-Reply-To: <81345532-3EC2-11D8-9DB1-000393D2CB02@apache.org>
Sender: news <news@sea.gmane.org>
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

Stefano Mazzocchi wrote:

>
> On 4 Jan 2004, at 10:10, Sylvain Wallez wrote:


<snip/>

>> The explanation is in the servlet spec for 
>> HttpServletResponse.sendRedirect: "If the location is relative with a 
>> leading '/' the container interprets it as relative to the servlet 
>> container root."
>>
>> Absolute paths don't redirect to the _webapp_ root, but the _servlet 
>> container_ root. This means that redirectTo("/index") produces a 
>> "http://localhost:8000/index" and not a "http://localhost:8000/B/index".
>>
>> Since the redirect location doesn't start with the ProxyPassReverse 
>> URL prefix, the httpd server sends that location verbatim to the 
>> browser.
>>
>> Et voil�: redirecting to the webapp root cannot be done with an 
>> absolute path.
>
>
> This does not explain why redirect('/') worked before when /A was 
> mount to / instead of /A. Or I'm missing something.


I assume your original httpd.conf was something like:
  ProxyPass /myApp http://localhost:8000/
  ProxyPassReverse /myApp http://localhost:8000/

When redirecting to "/index", the "Location" header is set by Jetty to 
"http://locahost:8000/index". As it starts with 
"http://localhost:8000/", mod_proxy translates it to 
"http://www.my.com/myApp/index" and everything is fine.

Now lets mount two apps on Jetty. I assume the httpd.conf looks like:
  ProxyPass /appA http://localhost:8000/A
  ProxyPassReverse /appA http://localhost:8000/A
  ProxyPass /appB http://localhost:8000/B
  ProxyPassReverse /appB http://localhost:8000/B

Calling "http://www.my.com/appB" calls in turn 
"http://localhost:8000/B". When the processing of this request does a 
redirect to "/index", the "Location" header is still 
"http://localhost:8000/index", as per the servlet specification I 
quoted. This header doesn't match the ProxyPassReverse directive, and 
thus mod_proxy leaves it unchanged.

The case of A is different in that the relative redirect goes back to 
the root of the _webapp_, whether it is mounted at the root of the 
servlet engine or not. This means that the "Location" header set by 
Jetty will be "http://localhost:8000/A/index". This header matches the 
ProxyPassReverse directive and therefore mod_proxy translates it to 
"http://www.my.com/appA/index".

When A was mounted on "/" there was no difference between redirecting to 
the servlet container root and redirecting to the webapp root.

Hope it's clearer.

Sylvain

-- 
Sylvain Wallez                                  Anyware Technologies
http://www.apache.org/~sylvain           http://www.anyware-tech.com
{ XML, Java, Cocoon, OpenSource }*{ Training, Consulting, Projects }
Orixo, the opensource XML business alliance  -  http://www.orixo.com