Contrib.social

Link handling differs from Drupal 8's convention

Open on Drupal.org β†’
Created on 12 December 2017, over 7 years ago
Updated 24 April 2024, 12 months ago

The AutoLoginUrlLogin service assumes that links are still provided following Drupal 7 conventions so that internal links would need to have a / added at the start of the link. It checks for http:// or https:// before editing the destination to insert a / at the start of the link. But if the link provided follows Drupal 8 conventions and starts with a / it adds a second, which then leads to errors as Drupal now detects it as an external redirect and throws and error: Redirects to external URLs are not allowed by default, use \Drupal\Core\Routing\TrustedRedirectResponse for it.. Also if the links starts with // you have the same basic problem (you have to set the link to /www.example.com instead of //www.example.com).

It should be easy to add the / when there isn't one.

✨ Feature request
Status

Active

Version

2.0

Component

Code

Created by

πŸ‡ΊπŸ‡ΈUnited States acrosman South Carolina, US

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment about 2 years ago β†’
    System Message
  • Comment over 1 year ago β†’
    πŸ‡¦πŸ‡ΊAustralia code poet

    Closing. As noted changes already in 2.x

  • Status changed to Closed: outdated over 1 year ago
  • Comment over 1 year ago β†’
    πŸ‡¦πŸ‡ΊAustralia code poet
  • Status changed to Active 12 months ago
  • Comment 12 months ago β†’
    πŸ‡¬πŸ‡§United Kingdom steven jones

    I believe that actually this is still an issue in the module as such.

    The code in the module looks like this at the moment:

    $destination = urldecode($result['destination']);
$destination = (strpos($destination, 'http://') !== FALSE || strpos($destination, 'https://') !== FALSE) ?
   $destination :
   Url::fromUri('internal:/' . $destination, ['absolute' => TRUE])->toString();

return $destination;

    This means that if the $destination parameter has a leading / (which is the Drupal 8 default) then we're going to try and call fromUri on strings like: internal://something#fragment, which essentially resolves to: /#fragment. This ends up in a redirect loop to the auto login URL, and so your visitors get stuck one way or another.

    Since the module is still in alpha, I reckon we should change the API on \Drupal\auto_login_url\AutoLoginUrlCreate::create so that we accept a proper \Drupal\Core\Url object, which we can then do whatever we need to do internally, and save the caller from needing to know what we're going to do.

    At the moment, I'm having to do things like this when creating links:

    
$review_path = Url::fromRoute('entity.commerce_product.canonical', ['commerce_product' => $product->id()], ['fragment' => 'review-form'])
  ->toString();
$login_link = $this->autoLogin->create($order->getCustomerId(), ltrim($review_path, '/'), TRUE);

    Which is pretty ugly!

    It would be much nicer if I could do:

    $review_route = Url::fromRoute('entity.commerce_product.canonical', ['commerce_product' => $product->id()], ['fragment' => 'review-form']);
$login_link = $this->autoLogin->create($order->getCustomerId(), $review_route, TRUE);

    Alternatively, if we don't want to change the API, then one of the solutions as outlined on this ticket already, picking up on a leading / and handling that better would work too.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024