Contrib.social

Can't access whitelisted paths for inactive domains

Open on Drupal.org β†’
Created on 12 October 2020, over 4 years ago
Updated 11 June 2025, 2 days ago

Problem/Motivation

I'm running into a strange issue where I can't access the /user/login page on an inactive domain even though /user/login is whitelisted at /admin/config/domain/settings. I always get redirected to the default domain's login page.

I dug into the code a little bit and set a breakpoint in Drupal\domain\Access\DomainAccessCheck::checkPath().

public function checkPath($path) {
  $allowed_paths = $this->configFactory->get('domain.settings')->get('login_paths');
  return !$this->pathMatcher->matchPath($path, $allowed_paths); // BREAKPOINT HERE
}

Interestingly, I found that $path, which is the result of Symfony\Component\Routing\Route::getPath(), seems to always return a path without the preceding "/", e.g it returns user/login rather than /user/login. I thought I might've misconfigured, but I checked domain's default configuration, and it sets the user login and password reset paths with the preceding slash, i.e. I'm using the default configuration.

No problem, though, it's simple enough to fix, so I updated my configuration to use user/login without the preceding slash. Surprisingly, this still doesn't work! However, now, instead of being redirected to the default domain's login page, I see "You're not authorized...", i.e. a 403, and I remain at the url for my inactive domain's user login page. Bizarre!

Out of curiosity, I tried whitelisting /user/login and user/login and, amazingly, I can access the /user/login form fine and login with no problems. It seems that I can only access any of these paths after whitelisting it with and without the preceding slash.

Steps to reproduce

  1. Create a default domain
  2. Create another domain, e.g. other.example.com, but set it as inactive
  3. Attempt to access other.exmaple/com/user/login

I'm using Domain 8.x-1.0-beta2 with Drupal 8.9.x.

Proposed Resolution

No clue.

πŸ› Bug report
Status

Active

Version

2.0

Component

Code

Created by

πŸ‡ΊπŸ‡ΈUnited States sonfd Portland, ME

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment 2 days ago β†’
    πŸ‡¬πŸ‡§United Kingdom ded

    I have run into the same issue with 2.0.0-beta2. I changed the whitelisted paths to not start with a slash so 

    user/login
user/password

    and then they were accessible.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024