The ngcp-panel v1 codebase uses 'back=' GET parameters to record
all the navigation path and store it into the session array:
'$c->session->{redirect_targets}'.
On switch from v1 to v2 using the link 'GO TO NEW ADMIN PANEL',
the function 'login_to_v2' is not using the concept of 'back=' GET param,
but ngcp-panel still receives and stores the last value with 'empty' path:
> $VAR1 = bless( do{\(my $o = 'https://x.x.x.x:1443/')}, 'URI::https' );
> $VAR2 = bless( do{\(my $o = 'https://x.x.x.x:1443/subscriber/155/details')}, 'URI::https' );
> $VAR3 = bless( do{\(my $o = 'https://x.x.x.x:1443/subscriber')}, 'URI::https' );
> $VAR4 = bless( do{\(my $o = 'https://x.x.x.x:1443/dashboard')}, 'URI::https' );
The navigation above is a recorded browsing path on v1 (in a reverse order):
- login to ngcp-panel (dashboard page is opened),
- open 'Subscribers'
- open details for some subscriber with id 155
- open subscriber preferences
- click on link 'GO TO NEW ADMIN PANEL'.
As a result user is still located on the same page "Preferences",
but not on v1 but v2 interface. The empty value is inserted into
the array '$c->session->{redirect_targets}' (which is wrong).
The empty path 'https://x.x.x.x:1443/' brakes v2 navigation
for v1 'Back' button inside iframe.
It causes loading of iframe inside iframe,
which happens on v2 due to list of redirections:
- clicking on v1 button 'back' inside v2 iframe requests https://x.x.x.x:1443/back
- it triggers navigation to the top element array 'https://x.x.x.x:1443/' which is wrong/corrupted.
- loading '/' cause 302 redirect to '/v2/' (as 'v2' is a default UI for mr10.0+)
- loading '/v2/' inside iframe cause the issue with 'v2' content inside 'v2' iframe.
This is a commit to prevent inserting an empty 'back_uri' into
the session array '$c->session->{redirect_targets}'.
Change-Id: I69df4320fa8cde4d23a7d9dd18ffb5eb06ee8df1
mr10.1
Alexander Lutay
5 years ago
parent
3cc01922e7
commit
1840af1eb2
Loading…
Reference in new issue