Commit 99066fb2 authored by Vincent Pelletier

all: Ignore language when checking if URL is prefixed by WebSite's url

Otherwise
  https://example.com/foo
would match
  https://example.com/
but not the language-selector
  https://example.com/en/
parent b70c1c62
Pipeline #36953 failed with stage
in 0 seconds
...@@ -7,7 +7,7 @@ ...@@ -7,7 +7,7 @@
came_from python: request.get('came_from') or request.get('field_came_from'); came_from python: request.get('came_from') or request.get('field_came_from');
isAnon here/portal_membership/isAnonymousUser | nothing; isAnon here/portal_membership/isAnonymousUser | nothing;
url_topmost_document python: here.Base_getURLTopmostDocumentValue(); url_topmost_document python: here.Base_getURLTopmostDocumentValue();
came_from_valid python: not came_from or url_topmost_document.isURLAncestorOf(came_from);"> came_from_valid python: not came_from or url_topmost_document.getOriginalDocument().isURLAncestorOf(came_from);">
<tal:block tal:condition="isAnon"> <tal:block tal:condition="isAnon">
<tal:block tal:define="dummy python: response.expireCookie('__ac', path='/'); <tal:block tal:define="dummy python: response.expireCookie('__ac', path='/');
url python: '%s/login_form?portal_status_message=%s' % (here.absolute_url(), here.Base_translateString('Login and/or password is incorrect.')); url python: '%s/login_form?portal_status_message=%s' % (here.absolute_url(), here.Base_translateString('Login and/or password is incorrect.'));
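Review bot: In the `came_from_valid` define, `getOriginalDocument()` is called unconditionally on whatever `Base_getURLTopmostDocumentValue()` returns, so if that object does not provide the method the expression raises while this template is evaluated instead of producing a validation result. Either make sure every kind of object the helper can return implements `getOriginalDocument`, or guard the call here, and add a test that exercises this template on each such context.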
......
topmost_url_document = context.Base_getURLTopmostDocumentValue() topmost_url_document = context.Base_getURLTopmostDocumentValue()
if not topmost_url_document.isURLAncestorOf(cancel_url): if not topmost_url_document.getOriginalDocument().isURLAncestorOf(cancel_url):
return context.ERP5Site_redirect(topmost_url_document.absolute_url(), return context.ERP5Site_redirect(topmost_url_document.absolute_url(),
keep_items={'portal_status_message': 'Redirection to an external site prevented.'}, keep_items={'portal_status_message': 'Redirection to an external site prevented.'},
**kw) **kw)
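Review bot: The ancestor check now runs against `getOriginalDocument()` while the fallback redirect on the next line still targets `topmost_url_document.absolute_url()`; a short comment saying the original document is used so that the language segment is ignored (as the commit message explains) would keep a later reader from "fixing" the apparent mismatch. It is also worth checking whether the status message should be translated here: it is passed as a raw string, while the other two call sites in this change wrap their messages in a translate call.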
......
...@@ -40,7 +40,7 @@ if REQUEST.get('is_user_account_password_expired_expire_date'): ...@@ -40,7 +40,7 @@ if REQUEST.get('is_user_account_password_expired_expire_date'):
hour_minute=1)})}) hour_minute=1)})})
topmost_url_document = context.Base_getURLTopmostDocumentValue() topmost_url_document = context.Base_getURLTopmostDocumentValue()
if not topmost_url_document.isURLAncestorOf(url): if not topmost_url_document.getOriginalDocument().isURLAncestorOf(url):
return topmost_url_document.Base_redirect( return topmost_url_document.Base_redirect(
keep_items={ keep_items={
'portal_status_message': translateString('Redirection to an external site prevented.'), 'portal_status_message': translateString('Redirection to an external site prevented.'),
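Review bot: This is the third copy of `topmost_url_document.getOriginalDocument().isURLAncestorOf(...)` in the change, and since this expression is the guard against redirecting to an external site, consider moving it into one shared helper so the call sites cannot drift apart. A regression test for the case in the commit message (`https://example.com/foo` requested under the `https://example.com/en/` language selector), plus one asserting that an off-site URL is still refused, would pin the intended behaviour.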
......
  • I think we have failures like https://erp5js.nexedi.net/#/test_result_module/20240923-13084D824/315 because getOriginalDocument is not defined on ERP5Site, so when logged_in is called on the context of portal object, this fails.

    With 5820860d test would pass, but I'm not sure if it's the best fix.

  • Oh, nice catch, thanks.

    IMHO the best fix is to get ERP5Site to inherit from Base (and possibly more, so it becomes a more normal document - like being able to call activate on it). I expect bootstrap to be possible given how portal_types is a portal-typed document itself, for example. But in the meantime I think your proposed commit should be the best. Could you push it to master please?

  • Thanks, yes also I have the same feeling that ERP5Site should inherit from Base. Every time we changed class hierarchy it was more complex than what I expected, so for now pushing this fix is enough but it's something we should try one day.
