Opened 17 years ago

Closed 17 years ago

Last modified 17 years ago

#9199 closed (fixed)

Common middleware PREPEND_WWW broken

Reported by: Gonzalo Saavedra Owned by: nobody
Component: Core (Other) Version: dev
Severity: Keywords:
Cc: Gonzalo Saavedra Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

I think theres a bug in CommonMiddleware's PREPEND_WWW and it's not working as expected.

I think the bug was introduced after [8456], it will prepend 'www.' only if request.path_info doesn't have a trailing slash. I have reproduced this running under the dev web server and apache. Patch attached.

Attachments (3)

patch.diff (501 bytes ) - added by Gonzalo Saavedra 17 years ago.
patch2.diff (2.9 KB ) - added by Gonzalo Saavedra 17 years ago.
patch2_tests_added.diff (4.4 KB ) - added by Gonzalo Saavedra 17 years ago.
Added tests to patch2.diff

Download all attachments as: .zip

Change History (11)

by Gonzalo Saavedra, 17 years ago

Attachment: patch.diff added

comment:1 by Roman Barczyński, 17 years ago

works for me

comment:2 by Chris Beaven, 17 years ago

Needs tests: set
Triage Stage: UnreviewedAccepted

Patch looks good - it does look like that was a bad change in r8456

This would be a good ticket to add tests for PREPEND_WWW.

comment:3 by Malcolm Tredinnick, 17 years ago

Needs tests: unset
Patch needs improvement: set

No, this patch is bad. The problem report looks valid enough, but it doesn't seem to be caused by this line (or, if it is, it needs to be fixed differently). Any calls to Django's URL resolver must use request.path_info and new_url[1] is the same as request.path, which will include the SCRIPT_NAME prefix. Django's URL resolver doesn't care (and shouldn't know) about the script name prefix -- it won't work if you pass in something with such a script name. That's exactly why r8456 was introduced (as discussed in the ticket the changeset refers to; all the history is available).

This stuff is almost impossible to test in the automated test suite as a practical matter, since it requires control over domain names and installation paths, so I'm not too worried about manual testing for this stuff. But the patch still has to be correct.

comment:4 by Chris Beaven, 17 years ago

Oops, I brushed over the details and put my foot in it. Malcolm's right that this isn't the correct fix - but the issue is definitely around this line.

The whole logic being used here is a bit messed up. That resolve depends on needing a slash to be entered - it could just be a www change which is needed.

comment:5 by Gonzalo Saavedra, 17 years ago

Cc: Gonzalo Saavedra added
Needs tests: set
Patch needs improvement: unset

Thank you Malcom, now the problem it's much clear.

I think we should just move the last resolve. Chris is right and It only makes sense to try that resolve if we are adding a trailing slash. I'm attaching a new patch.

by Gonzalo Saavedra, 17 years ago

Attachment: patch2.diff added

by Gonzalo Saavedra, 17 years ago

Attachment: patch2_tests_added.diff added

Added tests to patch2.diff

comment:6 by Gonzalo Saavedra, 17 years ago

Needs tests: unset

Added some simple test cases.

comment:7 by Malcolm Tredinnick, 17 years ago

Resolution: fixed
Status: newclosed

Fixed in r9184.

comment:8 by Malcolm Tredinnick, 17 years ago

(In [9185]) [1.0.X] Fixed #9199 -- We were erroneously only prepending "www" to the domain
if we also needed to append a slash (when PREPEND_WWW=True).

Based on a patch and tests from gonz. Thanks.

Backport of r9184 from trunk.

Note: See TracTickets for help on using tickets.
Back to Top