Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-22414

Session is lost when redirecting from a legacy module

    Details

      Description

      This only occurs when using Symfony stack, with legacy fallback.

      In a legacy module, when you set a session variable and then perform a redirection (e.g. using $Module->redirectTo( '/' )) to a page managed by Symfony stack, created session will be lost during the redirection process.

      Steps to reproduce

      1. Create a legacy module with the following code:

        <?php
        $Module = $Params['Module'];
        $Result = array();
         
        $http = eZHTTPTool::instance();
        $http->setSessionVariable( 'foo', time() );
        $Module = $Params['Module'];
        return $Module->redirectTo( "/my_custom_controller_uri" );
        

      2. Create a custom symfony controller with a /my_custom_controller_uri route, and ensure you dump foo session variable:

        var_dump( $this->getRequest()->getSession()->get( 'foo' ) );
        

      3. Access to your legacy module URL, you'll be redirected to your custom controller and foo session variable will be null
      1. http.log
        8 kB
        Pedro Resende

        Issue Links

          Activity

          Hide
          Pedro Resende (Inactive) added a comment -

          Tested and approved by Q.A.

          Show
          Pedro Resende (Inactive) added a comment - Tested and approved by Q.A.
          Hide
          Nuno Oliveira (Inactive) added a comment - - edited

          If was verified that after applying the patch from https://github.com/ezsystems/ezpublish-kernel-ee/commit/28807bde31224fc5689e1772fe9ee1e589c88b72, a double "location" HTTP header is generated.

          Steps to reproduce:

          1. Created a custom legacy extension, containing a module "paidcontent" and a view "metered";
          2. metered.php redirects to installation's root:

          <?php
           
          $http = eZHTTPTool::instance();
           
          $http->setSessionVariable( 'MyTest', time() );
          $Module = $Params['Module'];
          return $Module->redirectTo( "/" );
          ...
          

          3. Installed patches:

          3.1. https://github.com/ezsystems/ezpublish-legacy-ee/commit/841690362de5e35030402d41a7a1ef4394f9fcfa
          3.2. https://github.com/ezsystems/ezpublish-legacy-ee/commit/c7ba92c683481e851c9252780550fde5b52f28f8
          3.3. https://github.com/ezsystems/ezpublish-kernel-ee/commit/28807bde31224fc5689e1772fe9ee1e589c88b72

          4. On the command line, ran:

          $curl -v http://eng.52ezdemohost.com/paidcontent/metered
          

          5. Got:

          * About to connect() to eng.52ezdemohost.com port 80 (#0)
          *   Trying 127.0.0.1... connected
          > GET /paidcontent/metered HTTP/1.1
          > User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
          > Host: eng.52ezdemohost.com
          > Accept: */*
          > 
          < HTTP/1.1 302 Found
          < Date: Tue, 01 Apr 2014 17:21:42 GMT
          < Server: Apache/2.2.22 (Ubuntu)
          < X-Powered-By: eZ Publish Platform
          < Expires: Mon, 26 Jul 1997 05:00:00 GMT
          < Last-Modified: Tue, 01 Apr 2014 17:21:42 GMT
          < Cache-Control: no-cache, must-revalidate
          < Pragma: no-cache
          < Served-by: eng.52ezdemohost.com
          < Content-language: en-GB
          < Set-Cookie: eZSESSID=dpkrpame3rq5gsbdbas9ff94a7; path=/
          < Location: http://eng.52ezdemohost.com/
          < Cache-Control: no-cache
          < Location: http://eng.52ezdemohost.com/
          < Vary: Accept-Encoding
          < Transfer-Encoding: chunked
          < Content-Type: text/html; charset=UTF-8
          

          Show
          Nuno Oliveira (Inactive) added a comment - - edited If was verified that after applying the patch from https://github.com/ezsystems/ezpublish-kernel-ee/commit/28807bde31224fc5689e1772fe9ee1e589c88b72 , a double "location" HTTP header is generated. Steps to reproduce: 1. Created a custom legacy extension, containing a module "paidcontent" and a view "metered"; 2. metered.php redirects to installation's root: <?php   $http = eZHTTPTool::instance();   $http->setSessionVariable( 'MyTest', time() ); $Module = $Params['Module']; return $Module->redirectTo( "/" ); ... 3. Installed patches: 3.1. https://github.com/ezsystems/ezpublish-legacy-ee/commit/841690362de5e35030402d41a7a1ef4394f9fcfa 3.2. https://github.com/ezsystems/ezpublish-legacy-ee/commit/c7ba92c683481e851c9252780550fde5b52f28f8 3.3. https://github.com/ezsystems/ezpublish-kernel-ee/commit/28807bde31224fc5689e1772fe9ee1e589c88b72 4. On the command line, ran: $curl -v http://eng.52ezdemohost.com/paidcontent/metered 5. Got: * About to connect() to eng.52ezdemohost.com port 80 (#0) * Trying 127.0.0.1... connected > GET /paidcontent/metered HTTP/1.1 > User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3 > Host: eng.52ezdemohost.com > Accept: */* > < HTTP/1.1 302 Found < Date: Tue, 01 Apr 2014 17:21:42 GMT < Server: Apache/2.2.22 (Ubuntu) < X-Powered-By: eZ Publish Platform < Expires: Mon, 26 Jul 1997 05:00:00 GMT < Last-Modified: Tue, 01 Apr 2014 17:21:42 GMT < Cache-Control: no-cache, must-revalidate < Pragma: no-cache < Served-by: eng.52ezdemohost.com < Content-language: en-GB < Set-Cookie: eZSESSID=dpkrpame3rq5gsbdbas9ff94a7; path=/ < Location: http://eng.52ezdemohost.com/ < Cache-Control: no-cache < Location: http://eng.52ezdemohost.com/ < Vary: Accept-Encoding < Transfer-Encoding: chunked < Content-Type: text/html; charset=UTF-8
          Hide
          Joao Pingo (Inactive) added a comment -

          QA Approved

          Show
          Joao Pingo (Inactive) added a comment - QA Approved
          Show
          Jérôme Vieilledent (Inactive) added a comment - - edited Regression: EZP-22665 Fixed in master: https://github.com/ezsystems/ezpublish-kernel/commit/1e62345354f8e42bad98ac39dcf1bdf425be2de3
          Hide
          Gunnstein Lye added a comment -

          Regression: EZP-23356 (5.2, and likely 5.1 too)

          Show
          Gunnstein Lye added a comment - Regression: EZP-23356 (5.2, and likely 5.1 too)

            People

            • Assignee:
              Unassigned
              Reporter:
              Eduardo Fernandes (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

              Dates

              • Due:
                Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 days, 7 hours, 30 minutes
                3d 7h 30m