[TAP5-613] Returning a Link to a secure page from an ajax event handler method causes the redirect to be invalid if the event is sent from an insecure page - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 5.0.18
Fix Version/s: 5.1.0.4
Component/s: tapestry-core
Labels:
None

Description

I think there's something wrong with the way tapestry handles redirects from Ajax requests. I'm having the following problem: I have a page, say:

http://localhost/mytapestryapp/resetpassword

with a form that sends an ajax submit request and the request handler returns a Link which leads to my login page annotated with @Secure. The link factory therefore creates an absolute link like this:

https://localhost/mytapestryapp/login/confirmpasswordreset

Unfortunately javascript code in tapestry.js uses location.pathname (which afaik changes only the context path of the location) to set the redirect address. The result is that I'm being redirected to the following page:

http://localhost/https://localhost/mytapestryapp/login/confirmpasswordreset

It works this way on IE and mozilla-based browsers - checked it on Firefox 3.0.7, Epiphany 2.24.3, IE 6.0. It does however work correctly on Opera 9.6 probably because of the differences in how location.pathname is handled.

Attachments

Activity

People

Assignee:: Howard Lewis Ship

Reporter:: Olaf Tomczak

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 31/Mar/09 11:18

Updated:: 14/Apr/09 22:21

Resolved:: 14/Apr/09 22:21