Trac login forgets referrer when switching from http: to https:
|Reported by:||Dirk Stöcker||Owned by:||Christian Boos|
My site is designed so that the login request sends it to https. Afterwards trac stays at https, which is desired. Now the problem is, that it looses the referrer on doing so. Looking at trac/web/auth.py the check always assumes that the function _redirect_back needs to take into account, that the http/https prefix may differ.
I use "use_base_url_for_redirect=false" BTW.
236 def _redirect_back(self, req): 237 """Redirect the user back to the URL she came from.""" 238 referer = self._referer(req) 239 if referer and referer.startswith(('http://', 'https://')) \ 240 and not (referer == req.base_url or \ 241 referer.startswith(req.base_url.rstrip('/') + '/')): 242 # only redirect to referer if it is from the same site 243 referer = None 244 if referer and referer.rstrip('/') == req.base_url.rstrip('/') \ 245 + req.path_info.rstrip('/'): 246 # Avoid redirect loops 247 referer = None 248 req.redirect(referer or req.abs_href())
Switching to https: first and doing login afterwards works as expected.