Domino Login URL: RedirectTo value cut short in location field of 302 response

hcl-bot · May 19, 2003, 9:49am

The following network packet capture shows a Domino login request which includes a long redirect to URL. In the 302 response from the server, the location field which contains the URL the browser is to redirect to is cut short, dropping any parameters from the URL that were specified in the redirectto query parameter. The length of the redirectto URL does not matter, parameters are dropped from any URL specified in the redirectto query parameter

Why does this happen and is there a way to make it work?

Thank you,

Rich

GET /names.nsf?Login&username=richard%20collette&password=xyz&redirectto=http://etgdev5/HSBCT/Public.nsf/hsbctframeset?readform&header=/HSBCT/Public.nsf/Header?readform&leftnav=/HSBCT/Public.nsf/LeftNav?readform~-~BaseTarget=HSBCTBody&body=http://etgdev5/HSBCT/public.nsf/codesstandards?openform HTTP/1.1

Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, /

Accept-Language: en-us

Accept-Encoding: gzip, deflate

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; YComp 5.0.0.0; .NET CLR 1.0.3705)

Host: etgdev5

Connection: Keep-Alive

HTTP/1.1 302 Found

Server: Lotus-Domino/5.0.8

Date: Fri, 16 May 2003 19:12:26 GMT

Location: http://etgdev5/HSBCT/Public.nsf/hsbctframeset?readform

Connection: close

Content-Type: text/html

Set-Cookie: DomAuthSessId=948058A39C97F8DE2455351A3A82EDAE; path=/

hcl-bot · May 20, 2003, 12:45pm

Subject: I am not sure why you need such a complicated redirect, but…

Look at it from the programmers view. How do you extract a parameter from the Query_String? The typical way is this: redirstr := @Left(@Right(Query_String + “&”, “&redirectto=”); “&”);Looking at your URL you are getting exactly what you ask for…

/names.nsf?Login&username=richard%20collette&password=xyz&redirectto=http://etgdev5/HSBCT/Public.nsf/hsbctframeset?readform&header=/HSBCT/Public.nsf/Header?readform&leftnav=/HSBCT/Public.nsf/LeftNav?readform~-~BaseTarget=HSBCTBody&body=http://etgdev5/HSBCT/public.nsf/codesstandards?openform HTTP/1.1

Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, /

hcl-bot · May 21, 2003, 8:50am

Subject: RE: I am not sure why you need such a complicated redirect, but…

Thank you for your response. It does shed some light on what may be occurring under the covers. However, the scenario isn’t out of the ordinary. The user bookmarks a frameset whose contents require authentication. When trying to access that frameset the user is sent to the login page and the frameset URL becomes the redirectto parameter. It’s a legit scenario from my point of view. The formula you list is ONE way of parsing query parameters, but it isn’t sufficient for parsing parameters that themselves contain arbitrary URLs. As another option, the ?login command could expect the redirectto parameter to the be the last parameter so that it can simply grab the text to the right thus avoiding truncation. Or maybe the redirectto URL should be terminated by some termination character rather rather than simply looking for the next & character. Or maybe someone else has another way of doing this? Sites like Yahoo and Google tend to make heavy use of URLs as “parameters” so there must be ways of reliably parsing them. Suffice it to say, the documentation doesn’t state that the redirectto URL may be truncated nor does that seem like the proper behavior.

Thanks again for helping shed some light on the topic.

hcl-bot · May 21, 2003, 11:32am

Subject: Might be a good enhancement request. Use everything right of “&redirecto=” as the redirect URL.

hcl-bot · May 19, 2003, 10:27am

Subject: Domino Login URL: RedirectTo value cut short in location field of 302 response

Try this :Create a dummy redir.nsf (from a blank template) in the data directory of the server. I know web doclinks work better across servers when this file is present.

Good luck and hope it solves your problem

hcl-bot · May 20, 2003, 8:23am

Subject: RE: Domino Login URL: RedirectTo value cut short in location field of 302 response

Thank you for your response. Adding redir.nsf and even turning on resolution of external links in the server document does not resolve this issue.

hcl-bot · May 21, 2003, 2:21pm

Subject: It’s just a query argument, so you should encode it

/names.nsf?Login&username=richard%20collette&password=xyz&redirectto=http://etgdev5/HSBCT/Public.nsf/hsbctframeset?readform&header=/HSBCT/Public.nsf/Header?readform&leftnav=/HSBCT/Public.nsf/LeftNav?readform~-~BaseTarget=HSBCTBody&body=http://etgdev5/HSBCT/public.nsf/codesstandards?openform

This is illegal. You should encode the query argument “redirectto” properly. So the part should be -

redirectto=http%3A%2F%2Fetgdev5%2FHSBCT%2FPublic.nsf%2Fhsbctframeset%3Freadform%26header%3D%2FHSBCT%2FPublic.nsf%2FHeader%3Freadform%26leftnav%3D%2FHSBCT%2FPublic.nsf%2FLeftNav%3Freadform~-~BaseTarget%3DHSBCTBody%26body%3Dhttp%3A%2F%2Fetgdev5%2FHSBCT%2Fpublic.nsf%2Fcodesstandards%3Fopenform

hcl-bot · May 22, 2003, 7:06am

Subject: RE: It’s just a query argument, so you should encode it

Yes, this was the answer I got from Lotus Support as well and it does make sense that the URL should be encoded so as not to conflict with the & character for other parameters. This resolved the issue for me.