Bug #103171
openRedirect to file with "Force SSL Redirect" broken on iOS browsers
0%
Description
When you create a redirect in the Redirects module that points to a file in fileadmin (t3://file?uid=xxx) and enable force_https, the resulting url looks like 'https:/fileadmin/...'
Most browsers seem to handle this correctly and redirect to the chosen file, but iOS Browsers (Safari, Chrome) don't add the domain an redirect to https://fileadmin/... what leads to an error.
Maybe a problem in /sysext/core/Classes/Http/RedirectResponse.php with setting $headers['location'] = [(string)$uri] or in /sysext/redirects/Classes/Http/Middleware/RedirectHandler.php where buildRedirectResponse is called.
Files
Updated by Chris Müller 11 months ago
- Status changed from New to Needs Feedback
Without looking deeper, how have you configured your site configuration? Is there "/" as base defined?
Updated by Thorsten May 11 months ago
Chris Müller wrote in #note-1:
Without looking deeper, how have you configured your site configuration? Is there "/" as base defined?
The base is a full domain. I tried in different installations and now also with TYPO3 Version 12. It's the same behaviour there.
Updated by Riccardo De Contardi about 1 month ago
I think this is still true for both version 12 and 13; my test has been the following:
TYPO3 config:
Sites module¶
Site configuration > Entry Point [base]
: https://typo3.12.test.it.ddev.site/ (on version 13: https://typo3.13.test.it.ddev.site/ )
Redirect module¶
created a new redirect
- Source Domain [source_host]
: https://typo3.12.test.it.ddev.site (on version 13: https://typo3.13.test.it.ddev.site )
- Source Path [source_path]
: /testimage
- Target [target]
: t3://file?uid=72 (on the modal window I selected the tab "FILES" and then an image)
- Force SSL Redirect [force_https]
: 1
Result (TYPO3 12)
when calling the URL https://typo3.12.test.it.ddev.site/testimage you are redirected to https://typo3.12.test.it.ddev.site/fileadmin/Images/test.jpg
but the response-header is actually: https:/fileadmin/Images/test.jpg
Result (TYPO3 13)
when calling the URL https://typo3.13.test.it.ddev.site/testimage you are redirected to https://typo3.13.test.it.ddev.site/fileadmin/Images/test.jpg
but the response-header is actually: https:/fileadmin/Images/test.jpg
please note that I tested everything on Chrome, Desktop where everything somehow works nonetheless; I am not actually able to test it on a mobile device
Updated by Thilo Ratnaweera 16 days ago · Edited
Thorsten May wrote:
When you create a redirect in the Redirects module that points to a file in fileadmin (t3://file?uid=xxx) and enable force_https, the resulting url looks like 'https:/fileadmin/...'
Most browsers seem to handle this correctly and redirect to the chosen file, but iOS Browsers (Safari, Chrome) don't add the domain an redirect to https://fileadmin/... what leads to an error.
Maybe a problem in /sysext/core/Classes/Http/RedirectResponse.php with setting $headers['location'] = [(string)$uri] or in /sysext/redirects/Classes/Http/Middleware/RedirectHandler.php where buildRedirectResponse is called.
I can confirm this and I consider this a bug.
Even though some browsers are guessing correctly the response is incorrect and this should be fixed. I don't feel entitled enough to change the issue properties, but I would recommend to change the "Priority" from "Should have" to "Must have". Also, IMHO the subject could be more general as this is a problem with the HTTP response and has nothing to do with iOS per se.
Regards