New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clear absolute URLs from links and images in web pages #3638
Comments
Please, you can share the results and your proposed improvements. |
We searched through .php and .tpl files for the text We searched for the following functions in .php and .tpl:
We searched for the following variables (some of them are PHP-related, most are view template-related):
We just attached a list of the ~20 issues we found. They're flagged red/yellow/green: the red ones we think should be fixed; on the yellow ones we'd like a review to understand if they should be fixed or not. If you agree on which are the red ones, we'd happy to move on and submit the proposed improvements. In many cases, that would mean to drop the prefix, or to change the way a function is invoked (e.g. |
Attachment: Results of our investigation on absolute URL usage |
This is the same list as the one inside Excel document, posted here as text: ||Id||Source file||Check||Comment|| |
Going further, we checked again the listed issues and changed their status accordingly. For all the red ones, we're attaching a patch here that fixes them. Here's the updated list in text format. We're also attaching the same in Excel format. ||=Id=||=Source file=||=Check=||=Comment=||=Status=|| |
Attachment: Results of our investigation on absolute URL usage, updated |
Attachment: Diff to fix issues with Id's 27, 28, 2, 38 |
ok looks interesting. let me know when you have patches you have tested, that the tests pass, and you'd like to review :) Kuddos for doing this reviewing work! |
Please submit a pull request for these changes. Thanks! |
Hello all
For one of our customer there could be a policy in force to have only relative URLs within web pages (for things like
anchor href
,img src
, etc.)We've seen there have been a number of tickets related to relative URLs and reverse proxies, like ticket:466, ticket:647, ticket:691, ticket:2501, ticket:3318.
As a quick check, at least the //famous// logo image src on dashboard, or the one on login page, still have absolute URL.
We have done some grepping in code, and we think we've found some other potential spots where absolute URLs are generated within web pages. We think we skipped over //acceptable// usage of absolute URLs, trying to focus on those that would show up on served web pages.
We would be more than happy to share the results of this search (with its used criteria), and to understand if URLs are fine the way the are, or what else.
After that, we can understand if it's a matter of submitting patches to code-base for approval, or else they have to stay as custom changes.
Thanks for your time
Keywords: relative absolute url urls reverse proxy
The text was updated successfully, but these errors were encountered: