EugeneTorap commented on code in PR #22355:
URL: https://github.com/apache/superset/pull/22355#discussion_r1042705527
##########
tests/integration_tests/core_tests.py:
##########
@@ -626,7 +626,7 @@ def test_redirect_invalid(self):
self.login(username="admin")
response = self.client.get(f"/r/{model_url.id}")
- assert response.headers["Location"] == "http://localhost/";
+ assert response.headers["Location"] == "/"
Review Comment:
> Response.autocorrect_location_header is disabled by default. The Location
header URL will remain relative, and exclude the scheme and domain, by default.
https://github.com/pallets/werkzeug/issues/2352
> When Response.autocorrect_location_header was added in 2011
https://github.com/pallets/werkzeug/commit/0ec643b1cb48dc5ccef38a569941774d4bba52cd,
it was documented as "correct the location header to be RFC conformant". It
was referring to [RFC 2616](http://tools.ietf.org/html/rfc2616#section-14.30).
That was superseded by [RFC
7231](https://httpwg.org/specs/rfc7231.html#header.location) in 2014, which
allows relative URLs.
[MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Location) lists
all browsers as compliant with this. Switch autocorrect_location_header to be
disabled by default.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
