Forum OpenACS Q&A: Re: Naviserver upgrade issue on RHEL 7.9
Posted by
Gustaf Neumann
on 07/03/25 10:41 AM
Glad that the clean install helped for the original problem!
Concerning the redirects: Maybe the following can shed light on this.
Add the following code to the end of packages/acs-tcl/tcl/utilities-procs.tcl, effectively redefining ad_returnredirect to be verbose.
d_proc -public ad_returnredirect {
{-message {}}
{-html:boolean}
{-allow_complete_url:boolean}
target_url
} {
Write the HTTP response required to get the browser to redirect to
a different page, to the current connection. This does not cause
execution of the current page, including serving an ADP file, to
stop. If you want to stop execution of the page, you should call
ad_script_abort immediately following this call.
<p>
This proc is a replacement for ns_returnredirect, but improved in
two important respects:
<ul>
<li>
When the supplied target_url isn't complete, (e.g. /foo/bar.tcl or
foo.tcl) the prepended location part is constructed by looking at
the HTTP 1.1 Host header.
</li>
<li>
If a URL relative to the current directory is supplied
(e.g. foo.tcl) it prepends location and directory.
</li>
</ul>
@param message A message to display to the user. See
util_user_message.
@param html Set this flag if your message contains HTML. If
specified, you're responsible for proper quoting of
everything in your message. Otherwise, we quote it for
you.
@param allow_complete_url By default we disallow redirecting to
URLs outside the current host. This is
based on the currently set host header
or the hostname in the config file if
there is no host header. Set
allow_complete_url if you are
redirecting to a known safe external web
site. This prevents redirecting to a
site by URL query hacking.
@see util_user_message
@see ad_script_abort
} {
ad_log warning "ad_returnredirect allow_complete_url $allow_complete_url target_url <$target_url>"
if {$message ne ""} {
#
# Leave a hint, that we do not want to be consumed on the
# current page.
#
set ::__skip_util_get_user_messages 1
util_user_message -message $message -html=$html_p
}
if { [util_complete_url_p $target_url] } {
ns_log notice "ad_returnredirect is complete <$target_url>"
# http://myserver.com/foo/bar.tcl style - just pass to ns_returnredirect
# check if the hostname matches the current host
if {[util::external_url_p $target_url] && !$allow_complete_url_p} {
error "Redirection to external hosts is not allowed."
}
set url $target_url
} elseif { [util_absolute_path_p $target_url] } {
#
# The URL is an absolute path such as: /foo/bar.tcl
#
set url [expr {[::acs::icanuse "relative redirects"] ? "" : [util_current_location]}]
append url $target_url
ns_log notice "ad_returnredirect path is absolute, updated URL <$url>"
} else {
#
# URL is relative to current directory.
#
set url [expr {[::acs::icanuse "relative redirects"] ? "" : [util_current_location]}]
append url [ad_urlencode_folder_path [util_current_directory]]
if {$target_url ne "."} {
append url $target_url
}
ns_log notice "ad_returnredirect path is relative, updated URL <$url>"
}
# Sanitize URL to avoid potential injection attack
regsub -all -- {[\r\n]} $url "" url
ns_log notice "ad_returnredirect final redirect to <$url>"
ns_returnredirect $url
}I can't exclude that NaviServer 4.99.31 might contribute to the problem. To try with NaviServer 5, rebuild with
sudo with_debug_flags=1 version_ns=GIT build_dir=/usr/local/ns5-src \
bash install-ns.sh buildall the best
-g
