Append trailing slash to URL if missing #14822
Conversation
Closes qbittorrent#5693 Index pages now automatically redirect to a path with a trailing "/". If the site was accessed through a proxy with a modified path, a missing trailing "/" would break the relative paths.
kharenis
force-pushed
the
trailing-slash
branch
from
642ce51 to
209f784
Compare
glassez
changed the title
|
Does it supersede #14787? |
I believe so, I can't think of why a base path would be needed if this fix was to be added. |
|
Could you explain in detail using some example URL, what exactly happens without and with this patch? |
| @@ -2,6 +2,14 @@ | |||
| <html lang="${LANG}"> | |||
|
|
|||
| <head> | |||
| <script> | |||
| let path = window.location.pathname; | |||
There was a problem hiding this comment.
you can use const:
const path = ...
| <script> | ||
| let path = window.location.pathname; | ||
| if (path) { | ||
| let lastChar = path.substr(path.length - 1); |
There was a problem hiding this comment.
substr is not recommended: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/substr#browser_compatibility
I would suggest: const lastChar = path.slice(-1);
| let path = window.location.pathname; | ||
| if (path) { | ||
| let lastChar = path.substr(path.length - 1); | ||
| if (lastChar != '/') |
| if (path) { | ||
| let lastChar = path.substr(path.length - 1); | ||
| if (lastChar != '/') | ||
| window.location.replace(window.location.href + '/'); |
There was a problem hiding this comment.
Would this redirection break other things? such as the magnet handler?
| @@ -2,6 +2,14 @@ | |||
| <html lang="${LANG}"> | |||
|
|
|||
| <head> | |||
| <script> | |||
There was a problem hiding this comment.
Please move it to the next line of </noscript>.
The same for private/index.html.
|
Don't have time to review this right now, but I believe we should give @Piccirello a chance to look at this. |
|
Will review this tonight. |
There was a problem hiding this comment.
I think I'm lacking info right now as to how this solves the linked issue. Could you share some more info @kharenis and maybe an example or two?
My current inclination is that we should probably handle this redirect server-side, rather than client-side.
|
@glassez @Chocobo1 @Piccirello Given the following scenario:
Without the patch: If a user attempts to reach qbt at http://mywebsite.com/qbt/, the relative paths are correctly resolved and everything loads as expected. [http://mywebsite.com/qbt/scripts/login.js, http://mywebsite.com/qbit/icons/qbittorrent-tray.svg] etc. With the path: I'm not sure if it can be implemented server-side as qbt receives the path from the reverse proxy's perspective. - In the above scenario, the "/qbt" path from the user's perspective is seen as "/" to qbt. |
|
I don't see any problems at server side from the example above. |
|
The bottom line is how relative paths in HTML links are resolved. IIRC, they are resolved against the directory of file containing the link. Seems in case of http://mywebsite.com/qbt/ |
|
Thanks for that explanation. We can definitely nix my earlier server-side suggestion. It seems that without this fix, users can already employ a nasty regex in their proxy config, which will correctly handle the trailing slash. That's definitely not ideal. At the same time, this fix would now require (some) users to update their proxy config to properly handle double slashes. Is my understanding correct? It might be helpful if you shared an example proxy config for nginx (or whatever reverse proxy you use) so that we can see what would be needed. |
|
@Piccirello |
|
I just refreshed the wiki pages documenting reverse proxy setups with NGINX. I have never had this Links to the relevant wiki pages: https://github.com/qbittorrent/qBittorrent/wiki/NGINX-Reverse-Proxy-for-Web-UI |
|
@Piccirello
Technically no, whilst they're both a path to a resource, /qbt is treated as the file "qbt" in the "/" directory, and /qbt/ as a directory - with the convention that something representing the directory will be returned (typically an index page). The relative paths get appended to the deepest directory in the path. I guess what it really comes down to, is it qbt's responsibility to make sure it's being accessed using a directory path as it expects, or should the user have to make their proxy only allow access through a url with a trailing "/".
I don't use Nginx as my reverse proxy so haven't got experience with it, but are you able to access qbt without a trailing "/" in the url? I think the best way to handle it is a configurable base path in qbt so it always points things in the right direction without users having to faff around with proxy setups. |
For me this sounds the same as "it's application's responsibility to make sure it's being run using an executable file with some particular path". Unless you mean web UI rather than qBittorrent itself... |
Ah yep, I did indeed mean the web UI! |
Yes. What I notice is that a I tried this with the reference setups documented in the wiki and a fresh browser cache/data every time, and this is reproducible. I opened up Firefox's network monitor with cache disabled, and indeed I found that I'm getting
GET /qbt HTTP/2
Host: mywebsite.com
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:88.0) Gecko/20100101 Firefox/88.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/2 301 Moved Permanently
server: nginx
date: <snip>
content-type: text/html
content-length: 162
location: https://mywebsite.com/qbt/
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2and the subsequent requests/responses to the path with the trailing
There is probably a way to accomplish this in other webservers as well, even if it is not the default.
Yeah, they are there "for the future". It would be very nice to make use of at least
Since it currently "just works" with NGINX, wouldn't it be a better idea to simply find out what is needed to make it work with other webservers? Then it would be sufficient to add some text to qBittorrent's "javascript is disabled" error paragraph mentioning the necessary config change. After all, even if you introduce a configurable base path setting, it will still be broken out of the box for some users, and we have to inform them about what needs to be changed to fix the problem. |
|
This PR is stale because it has been 60 days with no activity. This PR will be automatically closed within 7 days if there is no further activity. |
|
This PR was closed because it has been stalled for some time with no activity. |
Closes #5693
Index pages now automatically redirect to a path with a trailing"/". If the site was accessed through a proxy with a modified path, a missing trailing "/" would break the relative paths.