Joomla! Issue Tracker | Joomla! CMS #9846 - Regression: Redirect to profile when Register to Read More

Closed
17 Apr 2016
Medium
Build: master
# 9846

infograf768
11 Apr 2016

Steps to reproduce the issue

Create an article set as Registered with a Read More.
Create a menu item of type category blog displaying the category of the article. Make sure Show Unauthorised Links is set to Yes.
Display the menu item in frontend and click on the Read More for that article. Log in.

Expected result

The full article should display

Actual result

The user profile displays.

System information (as much as possible)

This happens on monolanguage sites as well as multilanguage sites.

Additional comments

It looks like JUri::isInternal is broken as it works fine when I comment

/*if (!JUri::isInternal($data['return']))
            {
                $data['return'] = '';
            }*/

infograf768 - open - 11 Apr 2016

joomdonation - comment - 11 Apr 2016

Yes, JUri::isInternal is broken and that is the reason causing the issue. There is a PR to fix this issue #8698, however, I think we will still have this issue after applying this PR if the site is located in sub-folder

infograf768 - comment - 11 Apr 2016

@joomdonation

Look my comment at: #8698 (comment)

It works then, even if site is located in sub-folder.

brianteeman - change - 11 Apr 2016

Category

⇒

ACL

brianteeman - change - 11 Apr 2016

Labels

Added: ?

infograf768 - comment - 16 Apr 2016

@joomdonation
Could not we just add to the present checks a check to find out if the url is relative?:

diff --git a/libraries/joomla/uri/uri.php b/libraries/joomla/uri/uri.php
index 381f61e..96a89f8 100644
--- a/libraries/joomla/uri/uri.php
+++ b/libraries/joomla/uri/uri.php
@@ -277,4 +277,11 @@
            return true;
        }
+       
+       $position= stripos($url, '/');
+
+       if ($position === 0)
+       {
+           return true;
+       }

        return false;

joomdonation - comment - 16 Apr 2016

@infograf768 It is simpler to check of the url is relative. Please see https://github.com/joomla/joomla-cms/blob/staging/libraries/joomla/uri/uri.php#L272

If $host is empty, the URL is relative URL. People said that for security reason, the relative url need to starts with index.php (see the code), that's the reasons we are having this bug these days.

infograf768 - comment - 17 Apr 2016

hmm

infograf768 - comment - 17 Apr 2016

Therefore the only thing to do would be to correct #8698 (comment) and then hope for template designers (and all users) to change their overrides...

infograf768 - change - 17 Apr 2016

Status	New	⇒	Closed
Closed_Date	0000-00-00 00:00:00	⇒	2016-04-17 18:02:40
Closed_By		⇒	infograf768

infograf768 - close - 17 Apr 2016

infograf768 - comment - 17 Apr 2016

Closed as we have a patch #9959

_{This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9846.}

Add a Comment

Older
Newer

Joomla! Issue Tracker - CMS

[#9846] - Regression: Redirect to profile when Register to Read More

Steps to reproduce the issue

Expected result

Actual result

System information (as much as possible)

Additional comments

Add a Comment