Make test for setting "next" cookie more general
Summary: Ref T6870. Since it does not make sense to redirect the user to the login form after they log in, we try not to set the login form as the `next` cookie. However, the current check is hard-coded to `/auth/start/`, and the form can also be served at `/login/`. This has no real effect on normal users, but did make debugging T6870 confusing. Instead of using a hard-coded path check, test if the controller was delegated to. If it was, store the URI. If it's handling the request without delegation, don't. Test Plan: - Visited login form at `/login/` and `/auth/start/`, saw it not set a next URI. - Visited login form at `/settings/` (while logged out), saw it set a next URI. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley, lpriestley Maniphest Tasks: T6870 Differential Revision: https://secure.phabricator.com/D11292
This commit is contained in:
@@ -77,17 +77,23 @@ final class PhabricatorAuthStartController
|
||||
}
|
||||
|
||||
$next_uri = $request->getStr('next');
|
||||
if (!$next_uri) {
|
||||
$next_uri_path = $this->getRequest()->getPath();
|
||||
if ($next_uri_path == '/auth/start/') {
|
||||
$next_uri = '/';
|
||||
} else {
|
||||
$next_uri = $this->getRequest()->getRequestURI();
|
||||
if (!strlen($next_uri)) {
|
||||
if ($this->getDelegatingController()) {
|
||||
// Only set a next URI from the request path if this controller was
|
||||
// delegated to, which happens when a user tries to view a page which
|
||||
// requires them to login.
|
||||
|
||||
// If this controller handled the request directly, we're on the main
|
||||
// login page, and never want to redirect the user back here after they
|
||||
// login.
|
||||
$next_uri = (string)$this->getRequest()->getRequestURI();
|
||||
}
|
||||
}
|
||||
|
||||
if (!$request->isFormPost()) {
|
||||
PhabricatorCookies::setNextURICookie($request, $next_uri);
|
||||
if (strlen($next_uri)) {
|
||||
PhabricatorCookies::setNextURICookie($request, $next_uri);
|
||||
}
|
||||
PhabricatorCookies::setClientIDCookie($request);
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user