Stop redirect loops

avtobiff · avtobiff · commit 4de04ee78c47 · 2025-01-15T14:31:22.000+01:00
Stop redirects if the server path equals redirect prefix path. This
stops redirect loops.
diff --git a/src/yaws_server.erl b/src/yaws_server.erl
@@ -2704,14 +2704,17 @@ deliver_redirect_map(CliSock, Req, Arg,
     %% Here Code is 1xx, 2xx, 4xx or 5xx
     ?Debug("in redir ~p", [Code]),
     deliver_xxx(CliSock, Req, Arg, Code);
-deliver_redirect_map(_CliSock, _Req, Arg,
-                     {_Prefix, Code, Path, Mode}, N) when is_list(Path) ->
+deliver_redirect_map(_CliSock, _Req, #arg{server_path = ServerPath} = Arg,
+                     {Prefix, Code, Path, Mode}, N)
+  when is_list(Path) andalso
+       %% Stop redirect loops
+       ServerPath == Prefix ->
     %% Here Code is 1xx, 2xx, 4xx or 5xx
     ?Debug("in redir ~p", [Code]),
     Path1 = if
                 Mode == append ->
-                    filename:join([Path ++ Arg#arg.server_path]) ++
-                        preserve_trailing_slash(Arg#arg.server_path);
+                    filename:join([Path ++ ServerPath]) ++
+                        preserve_trailing_slash(ServerPath);
                 true -> %% noappend
                     Path
             end,
@@ -2725,8 +2728,12 @@ deliver_redirect_map(_CliSock, _Req, Arg,
     put(yaws_arg, Arg),
     put(client_data_pos, N),
     {page, {[{status, Code}], Page}};
-deliver_redirect_map(CliSock, Req, Arg,
-                     {_Prefix, Code, URL, Mode}, N) when is_record(URL, url) ->
+deliver_redirect_map(CliSock, Req, #arg{server_path = ServerPath} = Arg,
+                     {Prefix, Code, URL, Mode}, N)
+  when is_record(url, URL)
+       andalso
+       %% Stop redirect loops
+       ServerPath == Prefix ->
     %% Here Code is 3xx
     ?Debug("in redir ~p", [Code]),
     H = get(outh),
@@ -2736,8 +2743,8 @@ deliver_redirect_map(CliSock, Req, Arg,
                 end,
     LocPath = if
                   Mode == append ->
-                      Path1 = filename:join([URL#url.path ++ Arg#arg.server_path]) ++
-                          preserve_trailing_slash(Arg#arg.server_path),
+                      Path1 = filename:join([URL#url.path ++ ServerPath]) ++
+                          preserve_trailing_slash(ServerPath),
                       yaws_api:format_partial_url(
                         URL#url{path=Path1,querypart=QueryData}, get(sc)
                        );
