Have the com_redirect plugin activated.
Go to a non-existing URL which is larger than 255 chars. I used an URL which has a length of 373 chars.
The plugin will trigger because there is a 404. It will now check it the URL exists in the redirect table. It does not, so it will add it. The problem here is that it will only add the first 255 chars of the url because the column is of type varchar(255).
When you visit the large URL again the plugin will trigger again as expected. It will check if the link exists in the table. The link does not exist in the table because it only saved the first 255 chars. Now, it will try to insert the URL into the table again. Again, it will use the first 255 chars. This causes an error in MySQL because it is trying to insert a duplicate key. Now the error in Joomla changes from 404 to 1062. Because of this the 404 page is not rendered. The browser will get a 500 error.
Because of the column type varchar(255) this can't be solved if this type is not changed. But I still expect to get a 404. Not a 1062 (500 for the browser).
Error 500. And no 404 page rendered.
Redirect plugin version: 3.0.0
For now, in my template override I added a check for jos_redirect_links:
if ($this->error->getCode() == '404' || strpos($this->error->getMessage(), 'jos_redirect_links')) {
// render 404 page
}
if (strpos($this->error->getMessage(), 'jos_redirect_links')) {
// Set to 404
header('HTTP/1.0 404 Not Found');
exit;
}
This renders the 404 page and returns a 404 error to the browser.
Labels |
Added:
?
|
As an extra note the code 1062 is a mysql error #1062 - Duplicate entry for key. Just to show it is not a status for the page Joomla has created, but the error message instead.
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/4692.
The field should be changed from VARCHAR to TEXT
@aDaneInSpain want to do a PR for that? Please
Should it also be looked at that the error message went in to the status code or is that a separate task?
Happy to check it if you do a PR as I am not sure where you do DB changes to do one. Would you change the set up scripts?
are you working on this @tristanbailey if not I can take this one
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/4692.
@brianteeman I did not do it as I am not sure how DB changes are made. I suppose in the install SQL but I expect that there should also be an upgrade SQL file that alters the table.
Yes thats right. I dont know how either but I thought I would ask you ;)
On 17 October 2014 12:44, Søren Beck Jensen notifications@github.com
wrote:
@brianteeman https://github.com/brianteeman I did not do it as I am not
sure how DB changes are made. I suppose in the install SQL but I expect
that there should also be an upgrade SQL file that alters the table.—
Reply to this email directly or view it on GitHub
#4692 (comment).
Brian Teeman
Co-founder Joomla! and OpenSourceMatters Inc.
http://brian.teeman.net/
ok
after some reading up I found up that maximum allowed URL in IE is 2083, other browsers allow much higher numbers, even over 100.000, but we must stand with the lowest one, so I set it up for 2083.
Example description here: http://www.boutell.com/newfaq/misc/urllength.html
In this PR I have removed unique constraint. When we insert new row we are actually doing this check inside of the Joomla code, so this is not needed. And it was making a trouble because maximum varchar key for unique key is 767. So while removing it for mysql, I removed it for all DBs because as stated above, it is not needed.
Please check this code against Postgre and sqlazure if possible.
#4781
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/4692.
Hmm.... did not know you could make varchar over 255. Nice to know, thanks.
Status | New | ⇒ | Closed |
closing as we have a PR by Kixo: http://issues.joomla.org/tracker/joomla-cms/4781
Set to "closed" on behalf of @zero-24 by The JTracker Application at issues.joomla.org/joomla-cms/4692
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2014-10-17 13:54:00 |
yes you can, before MySQL 5.0.3, a VARCHAR could only store up to 255 characters. But Joomla requires 5.1 so we are good to have a 65535 characters
Labels |
Added:
?
|
I have just tested this one and it does chop the url at 255.
I would see it as a security bug too as the error message is being dumped into the status code as well as on page
First try:
404 Category not found
Status Code I get is this when added the long redirect:
1062 Duplicate entry 'http://109.73.224.4/index.php/en/discoveradventure.com/joomla/te' for key 'idx_link_old' SQL=INSERT INTO
j_redirect_links
(old_url
,new_url
,referer
,comment
,hits
,published
,created_date
) VALUES ('http://109.73.224.4/index.php/en/discoveradventure.com/joomla/templates/joostrap/font/din/bold/DINWeb-Bold/2discoveradventure.com/joomla/templates/joostrap/font/din/bold/DINWeb-Bold/3discoveradventure.com/joomla/templates/joostrap/font/din/bold/DINWeb-Bold/4discoveradventure.com/joomla/templates/joostrap/font/din/bold/DINWeb-Bold', '' ,'', '',1,0, '2014-10-17 05:35:37')This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/4692.