Project

General

Profile

Bug #11842

Captive Portal post-auth redirect is not properly respected

Added by Jim Pingle about 2 months ago. Updated 14 days ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Captive Portal
Target version:
Start date:
04/22/2021
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
21.05
Release Notes:
Default
Affected Version:
All
Affected Architecture:

Description

The value of "After authentication Redirection URL" in Captive Portal is supposed to override the automatically detected browser request URL so that the user is forced to go to that destination. This is the behavior stated under the field in the GUI. It is not a value of last resort.

Currently the code is not respecting that behavior.

While here, the redirect code handling is a bit of a mess and needs fixed up in general.

Associated revisions

Revision de9ba32b (diff)
Added by Jim Pingle about 2 months ago

Improve Captive Portal redirect URL handling.

  • Fix handling of after auth redir URL value so it gets properly
    respected as stated in the GUI. Fixes #11842
  • Fix up and optimize the redirect code in general, there were several
    ordering issues (using values before they were set), logic problems,
    etc. Issue #11842
  • Validate the redirect URL on save and again before attempting to use
    it, that way values which are not URLs do not make their way to clients
    and cause errors or unintended behavior in the browser. Fixes #11843

Revision 697a99c1 (diff)
Added by Jim Pingle about 2 months ago

Improve Captive Portal redirect URL handling.

  • Fix handling of after auth redir URL value so it gets properly
    respected as stated in the GUI. Fixes #11842
  • Fix up and optimize the redirect code in general, there were several
    ordering issues (using values before they were set), logic problems,
    etc. Issue #11842
  • Validate the redirect URL on save and again before attempting to use
    it, that way values which are not URLs do not make their way to clients
    and cause errors or unintended behavior in the browser. Fixes #11843

Revision 48860631 (diff)
Added by Jim Pingle about 2 months ago

Fix variable being used before assignment. Fixes #11842

Revision ef6524c7 (diff)
Added by Jim Pingle about 2 months ago

Fix variable being used before assignment. Fixes #11842

(cherry picked from commit 48860631d02e7aea6c03cef043a58081a1fadbb8)

History

#1 Updated by Jim Pingle about 2 months ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#2 Updated by Gertjan KROEB about 2 months ago

A feedback :

I saw my browser sending 'plain http' to the https port.

File /etc/inc/captiveportal.inc line 2261 :

$protocol = (isset($cpcfg['httpslogin'])) ? 'https://' : 'http://';

$cpcfg is assigned a couple of lines lower, line 2275 :

$cpcfg = $config['captiveportal'][$cpzone];

I put this line before line 2261 and all is well.

edit : is it ok to leave message like this over here ?

#3 Updated by Jim Pingle about 2 months ago

  • Status changed from Feedback to In Progress

I'll look into that ASAP, thanks for testing!

#4 Updated by Jim Pingle about 2 months ago

  • % Done changed from 100 to 90

#5 Updated by Jim Pingle about 2 months ago

  • Status changed from In Progress to Feedback
  • % Done changed from 90 to 100

#6 Updated by Jim Pingle about 1 month ago

  • Plus Target Version set to 21.05

#7 Updated by Jim Pingle about 1 month ago

Already in 21.05 branch.

#8 Updated by Jim Pingle 20 days ago

  • Target version changed from 2.6.0 to 2.5.2

#9 Updated by Jim Pingle 14 days ago

  • Status changed from Feedback to Closed

Also available in: Atom PDF