You are here: Foswiki>Tasks Web>Item1527 (26 Jun 2010, ItaloValcy)Edit Attach

Item1527: RedirectPlugin can cause infinite loop

pencil
Priority: Urgent
Current State: Closed
Released In:
Target Release: minor
Applies To: Extension
Component: RedirectPlugin
Branches:
Reported By: WillNorris
Waiting For:
Last Change By: ItaloValcy
RedirectPlugin needs protection from redirect loops. here's the simplest case:

TopicA: REDIRECT{TopicB} TopicB: REDIRECT{TopicA}

this could be solved by either of these solutions
  • have a maximum redirect count
  • detect circular references (that is, if you're been redirected to a topic that you've already "seen")

-- WillNorris - 25 Apr 2009

I've been working in this task and I think that we can solve this by using redirectedfrom parameter to keep a history of topics that we had already seen. Thus, if you're been to a topic that you've already 'seen' we stop the redirection (as proposed by Will).

In order to keep the history of visited topics (using some redirectedfrom URL parameters) we need to deal with multivalued CGI parameters. Currently the plugin does not handly such feature. So I needed to modify the plugin according.

Here's a patch that I made from http://svn.foswiki.org/trunk/RedirectPlugin: 
Index: lib/Foswiki/Plugins/RedirectPlugin.pm
===================================================================
--- lib/Foswiki/Plugins/RedirectPlugin.pm   (revision 7221)
+++ lib/Foswiki/Plugins/RedirectPlugin.pm   (working copy)
@@ -73,8 +73,10 @@
         my $queryString = "";
         my $param;
         foreach my $param ( $query->param ) {
-            $queryString .= "&" if $queryString;
-            $queryString .= "$param=" . $query->param("$param");
+            foreach ( $query->param("$param") ) {
+                $queryString .= "&" if $queryString;
+                $queryString .= "$param=" . $_;
+            }
         }
 
         # do not redirect when param "redirect=no" is passed
@@ -103,6 +105,11 @@
             $topicLocation = "$newWeb.$newTopic";
         }
 
+        return "%BR% %RED% Cannot redirect to current topic %ENDCOLOR%"
+          if ( $topicLocation eq "$web.$topic" );
+        return "%BR% %RED% Cannot redirect to an already visited topic %ENDCOLOR%"
+          if ( $queryString =~ /redirectedfrom=$topicLocation/ );
+
         unless ($dontCheckDestinationExists) { 
        if ( !Foswiki::Func::topicExists( undef, $topicLocation ) ) {
       return

Testing environment :
  • In Sandbox.PageA, use %REDIRECT{PageA}%: should't work.
  • In Sandbox.PageA, use %REDIRECT{PageB}%; in Sandbox.PageB use %REDIRECT{PageC}%; in Sandbox.PageC use %REDIRECT{PageA}%: should't work.
  • In Sandbox.PageA, use %REDIRECT{OtherWeb.TestX}%; in OtherWeb.TestX use %REDIRECT{Sandbox.PageA}%: should't work.
  • Anything else: should work.

However, I've no idea how to handle cases where we redirect to an URL (the plugin does not keep the redirectedfrom parameter).

So, that's it. I prefered don't commit my changes and wait for some feedbacks. After someone review, I can commit my changes (or no... :-)).

Thanks.

-- ItaloValcy - 19 Apr 2010

The bug was solved at 1.1 release of RedirectPlugin. Please check it out.

-- ItaloValcy - 26 Jun 2010

ItemTemplate edit

Summary RedirectPlugin can cause infinite loop
ReportedBy WillNorris
Codebase
SVN Range Foswiki-1.0.0, Thu, 08 Jan 2009, build 1878
AppliesTo Extension
Component RedirectPlugin
Priority Urgent
CurrentState Closed
WaitingFor
Checkins RedirectPlugin:f23aadb831bc
TargetRelease minor
ReleasedIn
Edit  | Attach | Print version | History: r6 < r5 < r4 < r3 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r6 - 26 Jun 2010, ItaloValcy
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy