#12464: Empty PATH_INFO causes blank SCRIPT_NAME ------------------------------------+--------------------------------------- Reporter: chrisw | Owner: wogan Status: assigned | Milestone: 1.3 Component: HTTP handling | Version: SVN Resolution: | Keywords: Stage: Accepted | Has_patch: 1 Needs_docs: 0 | Needs_tests: 0 Needs_better_patch: 0 | ------------------------------------+--------------------------------------- Comment (by grahamd):
The code as it is technically will also only work if there is at most one internal redirect undertaken within Apache. In the case where there is more than one, Apache will prefix environment variables with 'REDIRECT_' at each iteration. This is where 'REDIRECT_SCRIPT_URL' comes from that mod_rewrite code internally checks for. Thus a robust implementation, to get hold of the very original URL should find the variant of SCRIPT_URL with the longest sequence of 'REDIRECT_' prefixes. Ie., 'REDIRECT_REDIRECT_SCRIPT_URL' takes precedence over 'REDIRECT_SCRIPT_URL' takes precedence of 'SCRIPT_URL'. A further case which presents a problem and where the code may not work is when an internal redirect is performed, it is possible that PATH_INFO from the parent isn't simply passed through but is modified in the process. This could result in the final PATH_INFO not even matching what is present in tail of 'SCRIPT_URL' and so simply dropping off 'SCRIPT_URL' the number of characters present in 'PATH_INFO' may give incorrect results. Take for example the convoluted example: {{{ WSGIScriptAlias /myapp /Library/WebServer/Sites/hello-1/htdocs/environ.wsgi RewriteEngine On RewriteRule ^/welcome(/.*)$ /myapp/about/$1 [QSA,PT,L] }}} The variables which go through to the app are: {{{ PATH_INFO: '/about/index' QUERY_STRING: '' REQUEST_URI: '/welcome/index' SCRIPT_FILENAME: '/Library/WebServer/Sites/hello-1/htdocs/environ.wsgi' SCRIPT_NAME: '/myapp' SCRIPT_URI: 'http://hello-1.example.com/welcome/index' SCRIPT_URL: '/welcome/index' }}} For code: {{{ script_url = environ.get('SCRIPT_URL', u'') if not script_url: script_url = environ.get('REDIRECT_URL', u'') if script_url: return force_unicode(script_url[:-len(environ.get('PATH_INFO', ''))]) }}} Pass this through the current algorithm and you get: {{{ >>> '/welcome/index'[:-len('/about/index')] '/w' }}} which isn't right. It is because of this latter issue that mod_wsgi hasn't in the past tried to do fixups to SCRIPT_NAME on internal redirects in Apache, as it can't know exactly what the nature of any URL manipulations are. This is why manual fixups in the WSGi script file have been suggested, where people can tailor it the specifics of the sort of redirect performed. Thus any automatic fixup in Apache/mod_wsgi seems unlikely. -- Ticket URL: <http://code.djangoproject.com/ticket/12464#comment:10> Django <http://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com. To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-updates?hl=en.