EPrints Technical Mailing List Archive
See the EPrints wiki for instructions on how to join this mailing list and related information.
Message: #01337
< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First
[EP-tech] Re: Infinite redirect on staffonly document
- To: "eprints-tech@ecs.soton.ac.uk" <eprints-tech@ecs.soton.ac.uk>
- Subject: [EP-tech] Re: Infinite redirect on staffonly document
- From: Jon Hallett <Jon.Hallett@uwe.ac.uk>
- Date: Mon, 3 Dec 2012 09:02:09 +0000
Okay, so redirecting to the https version of the document works. The patch for 3.3.6 is *** Rewrite.pm.20121126 2012-11-26 13:29:09.362766562 +0000 --- Rewrite.pm 2012-11-28 08:54:13.392769980 +0000 *************** *** 434,439 **** --- 434,452 ---- return NOT_FOUND; } + # jjh, 26th november 2012, staffonly documents should be redirected to https if the server has https... + # redirect secure stuff + if( $repository->config( "securehost" ) && !$secure && !$doc->is_public() ) + { + my $https_redirect = $repository->current_url( + scheme => "https", + host => 1, + path => "static", + "$eprintid/$pos$uri" ) . $args; + return redir( $r, $https_redirect ); + } + # ...end + if( !length($uri) ) { return redir( $r, "$urlpath/$eprintid/$pos/$args" ); Thanks, Jon -----Original Message----- Message: 1 Date: Thu, 15 Nov 2012 12:00:09 +0000 From: Jon Hallett <Jon.Hallett@uwe.ac.uk> Subject: [EP-tech] Infinite redirect on staffonly document To: "'eprints-tech@ecs.soton.ac.uk' (eprints-tech@ecs.soton.ac.uk)" <eprints-tech@ecs.soton.ac.uk> Message-ID: <361D6B1A2B6D194081955E94772543F288E040A614@EGEN-MBX01.campus.ads.uwe.ac.uk> Content-Type: text/plain; charset="us-ascii" Another problem related to http://www.eprints.org/tech.php/16874.html and http://www.eprints.org/tech.php/16546.html. As before, this affects an EPrints instance which uses different domains for http and https (http://researchdata.uwe.ac.uk/ and https://eprints.uwe.ac.uk/datasecure/). This time the problem is that we have a document restricted to repository staff which is inaccessible from its abstract page. Clicking on the document's link causes EPrints to issue an infinite series of redirects. I'm guessing that the root cause is that the document link is http://researchdata.uwe.ac.uk/85/1/Lorem%20ipsum.pdf, but the login process happens on https://eprints.uwe.ac.uk/datasecure/cgi/users/login?target=http%3A%2F%2Fresearchdata.uwe.ac.uk%2F85%2F1%2FLorem%2520ipsum.pdf, so researchdata.uwe.ac.uk never sees the user cookies. https://eprints.uwe.ac.uk/datasecure/85/1/Lorem%20ipsum.pdf works as expected. Anyway, is the fix to redirect secure documents to their https URLs, as is already done in Rewrite.pm for secure CGI directories? Thanks, Jon
- Prev by Date: [EP-tech] Re: Eprints-tech Digest, Vol 50, Issue 34
- Next by Date: [EP-tech] NEWS RELEASE: Call for Proposals and Registration Information for Open Repositories 2013
- Previous by thread: [EP-tech] Re: Eprints-tech Digest, Vol 50, Issue 34
- Next by thread: [EP-tech] NEWS RELEASE: Call for Proposals and Registration Information for Open Repositories 2013
- Index(es):