ZF-2821: Zend_Controller_Action_Helper_Redirector makes redirection using relative HTTP path

Issue Type: Improvement Created: 2008-03-07T04:07:39.000+0000 Last Updated: 2012-05-29T15:30:41.000+0000 Status: Closed Fix version(s): Reporter: Piotr Czachur (zimnyx) Assignee: Adam Lundrigan (adamlundrigan) Tags: - Zend_Controller

Related issues: - ZF-2822



Redirector helper makes relative redirect by default, despite the fact the HTTP specs forbid relative URLs in HTTP redirects. Redirects should be always to ubsolute URLs.


Posted by Wil Sinclair (wil) on 2008-03-25T20:41:12.000+0000

Please categorize/fix as needed.

Posted by Matthew Weier O'Phinney (matthew) on 2008-04-22T10:17:42.000+0000

Scheduling for next minor release.

Posted by Michal Minicki (martel) on 2008-06-04T04:03:25.000+0000

I can give a shot at it if you like, Matthew.

I have moved url view helper logic to router, so setGotoRoute should also be changed at the same time.

Posted by Matthew Weier O'Phinney (matthew) on 2008-11-24T13:10:30.000+0000

The problem with fixing this issue is due to determining the server protocol, name, and port. The information in the $_SERVER superglobal is somewhat unreliable due to the fact that some keys vary from server to server, others are open to header injection, and others may be incorrect due to proxying. Additionally, if you are pregenerating content, having the various URL helpers set the fully qualified URL could have a negative impact as the incorrect protocol, server, and/or port could be selected during generation.

At best, this would have to be an opt-in behavior.

While I realize that the HTTP spec requires fully qualified URLs, I do not know of any clients that are unable to follow them; can the reporter please provide some background on a real-world technical need for this request?

Posted by Matthew Weier O'Phinney (matthew) on 2008-11-24T13:11:15.000+0000

Updated priorities; unsure how necessary this "fix" is.

Posted by Adam Lundrigan (adamlundrigan) on 2012-05-29T15:30:41.000+0000

No response from original author for 3+ years

Have you found an issue?

See the Overview section for more details.


© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.