TPAC: Odd Login to 404 behavior

Bug #1077203 reported by Dan Wells
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Evergreen
Fix Released
Medium
Unassigned
2.5
Fix Released
Medium
Unassigned

Bug Description

As it stands, in a default install, if you browse to

http://yourserver.com/eg/opac

you are redirected to a login page, and if you login, you then get to the 404 page. This behavior is caused by the fact that *any*
URLs which do not match a few select cases are assumed to be "secure" resources, when in fact they might not even exist.

This branch catches any attempt to browse this 'base' and simply redirects to the "home" page instead.

http://git.evergreen-ils.org/?p=working/Evergreen.git;a=shortlog;h=refs/heads/user/dbwells/tpac_base_redirect

While addresses the most obvious and likely 404 of this type, we might consider catching some other cases (e.g. eg/opac/record/).
In addition (or as an alternative), we could also create a function call which simply checks the validity of a URL before we ask the
user to login to see it.

I am tagging this as a pullrequest, as I think this small change makes the biggest difference, but I'd also like for this bug to have some conversation about how we want to deal with this behavior at the larger scale.

Thanks,
Dan

Tags: pullrequest
Revision history for this message
Michael Peters (mrpeters) wrote :

Confirmed the behavior. Not able to test the patch at this time, however.

Changed in evergreen:
status: New → Confirmed
Revision history for this message
Ben Shum (bshum) wrote :

Patch works, though I'm not entirely sure yet my feelings about the issue. In our consortium, we've used apache redirects to point people to the right place as long as their hostnames are correct.

I think checking for the validity of the URL prior to asking the user to login sounds reasonable though as a potential bigger fix idea.

Leaving this alone for the time being till we get more input for Dan.

Changed in evergreen:
importance: Undecided → Wishlist
importance: Wishlist → Undecided
Ben Shum (bshum)
Changed in evergreen:
milestone: 2.4.0-alpha1 → 2.4.0-beta
Ben Shum (bshum)
Changed in evergreen:
milestone: 2.4.0-beta → 2.4.0-rc
importance: Undecided → Medium
assignee: nobody → Dan Wells (dbw2)
Ben Shum (bshum)
Changed in evergreen:
milestone: 2.4.0-rc → none
Ben Shum (bshum)
no longer affects: evergreen/2.2
Dan Wells (dbw2)
no longer affects: evergreen/2.3
Changed in evergreen:
assignee: Dan Wells (dbw2) → nobody
milestone: none → 2.6.0-beta1
Revision history for this message
Bill Erickson (berick) wrote :

Leaving the bigger question alone for now, I think Dan's commit is sensible. Tested and merged to 2.4+. Thanks, Dan.

Changed in evergreen:
assignee: nobody → Bill Erickson (erickson-esilibrary)
status: Confirmed → Fix Committed
assignee: Bill Erickson (erickson-esilibrary) → nobody
Changed in evergreen:
status: Fix Committed → Fix Released
no longer affects: evergreen/2.4
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.