tapestry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Scandroli (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (TAP5-1973) :443 added to URLs when using the Link.toAbsoluteURI(true)
Date Wed, 06 Feb 2013 11:29:16 GMT

    [ https://issues.apache.org/jira/browse/TAP5-1973?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13572351#comment-13572351
] 

Alejandro Scandroli commented on TAP5-1973:
-------------------------------------------


This fix has a side effect.
As commented in http://tapestry.1045711.n5.nabble.com/Tapestry-HTTPS-redirect-to-port-80-td5719759.html
If SymbolConstants.HOSTPORT and SymbolConstants.HOSTPORT_SECURE are not set, then when redirecting
from insecure to secure you end up with and URL like this one: https://yourhost:80  

Here is the test to expose the little bug:

    @Test
    public void secure_url_without_condifured_hostports()
    {
        expect(request.getServerPort()).andReturn(80).once();
        expect(request.isSecure()).andReturn(false).once();

        replay();

        BaseURLSource baseURLSource = new BaseURLSourceImpl(request, "localhost", 0, 0);

        assertEquals(baseURLSource.getBaseURL(true), "https://localhost");

        verify();
    }


A posible solution would be to only use request.getServerPort() if request.isSecure() == secure

Can this issue be reopened or should I file a new issue with the proposed solution?



                
> :443 added to URLs when using the Link.toAbsoluteURI(true)
> ----------------------------------------------------------
>
>                 Key: TAP5-1973
>                 URL: https://issues.apache.org/jira/browse/TAP5-1973
>             Project: Tapestry 5
>          Issue Type: Bug
>          Components: tapestry-core
>    Affects Versions: 5.3.4, 5.4
>            Reporter: Howard M. Lewis Ship
>            Assignee: Howard M. Lewis Ship
>              Labels: fixed-in-5.4-js-rewrite
>             Fix For: 5.3.5, 5.4
>
>
> An error in the code means that when secure is true and the port is set to 443, then
":443" is appended:
>         int port = secure ? secureHostPort : hostPort;
>         String portSuffix = "";
>         if (port <= 0) { 
>             port = request.getServerPort();
>             int schemeDefaultPort = request.isSecure() ? 443 : 80;
>             portSuffix = port == schemeDefaultPort ? "" : ":" + port;
>         }
>         else if (secure && port != 443) portSuffix = ":" + port;
>         else if (port != 80) portSuffix = ":" + port;
>         
>         String hostname = "".equals(this.hostname) ? request.getServerName() : this.hostname.startsWith("$")
? System.getenv(this.hostname.substring(1)) : this.hostname;
>         
>         return String.format("%s://%s%s", secure ? "https" : "http", hostname, portSuffix);
> secure == true && port != 443 is false, so
> port != 80 is evaluated, it true, so
> ":443" is appended.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message