- Issue created by @codebymikey
- Merge request !35Issue #3420422: Ensure redirects work without leaking metadata β (Open) created by codebymikey
- Status changed to Needs review
about 1 year ago 3:23pm 9 February 2024 Initially thought of adding a wrapper around the code which returns the cacheable responses using a helper function like this:
/** * Returns a trusted response. * * Taking into account any bubbleable metadata generated. * * @param callable $callable * The callable to resolve the relevant response. * * @return \Drupal\Core\Cache\CacheableResponseInterface|mixed * The response. */ protected function wrapResponse(callable $callable) { $render_context = new RenderContext(); $cacheable_metadata = new BubbleableMetadata(); $response = $this->renderer->executeInRenderContext($render_context, $callable); if ($response) { if (!$render_context->isEmpty()) { $metadata = $render_context->pop(); $cacheable_metadata->addCacheableDependency($metadata); } if ($response instanceof CacheableResponseInterface) { $response->addCacheableDependency($cacheable_metadata); } elseif (is_array($response)) { BubbleableMetadata::createFromRenderArray($response) ->merge($cacheable_metadata) ->applyTo($response); } } return $response; }But it's probably not necessary, and makes the code a bit more ugly to maintain, so opted for stopping the specific metadata we're aware of from leaking.
I added a 3420422-on-3295745-redirect-support branch for supporting redirects in a way that's compatible with π Make it possible to use multiple Office 365 connectors (5.x) RTBC , as well as a static patch that's compatible with #18 π Make it possible to use multiple Office 365 connectors (5.x) RTBC (3.0.25)
- First commit to issue fork.
- π³π±Netherlands robertragas
There was a merge conflict with the latest code so I updated the MR and patch.
Regardless of the title description I also believe it would be good to have the exit() calls out of the code.
-
fabianderijk β
committed a779d5b6 on 5.0.x
Issue #3420422 by codebymikey, robertragas, batigolix: "Redirect after...
-
fabianderijk β
committed a779d5b6 on 5.0.x
- Status changed to Fixed
9 months ago 1:49pm 2 July 2024 - π³π±Netherlands fabianderijk Alphen aan den Rijn
I agree with the exits. All seems to work like it should, so I've committed the code. Thanks for the work!
Automatically closed - issue fixed for 2 weeks with no activity.
- πΊπΈUnited States NicholasS
I believe this change as introduced a cache issue, we are getting now this issues error https://www.drupal.org/project/o365/issues/3175599 β "OAuth2 Authorization code was already redeemed" but only for users attempting to login outside our network over Akamai. Akamai does not appear to be caching anything, but were going to try to roll back this versions and see if it fixes things.
- πΊπΈUnited States NicholasS
Ignore #12 for anyone else having a similar issue it turned out to be Akamai configuration issue preventing the origin server from working correctly (header was too large). Sorry for the false alarm.