aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess <joey@kitenet.net>2011-03-21 13:47:12 -0400
committerJoey Hess <joey@kitenet.net>2011-03-21 13:47:12 -0400
commit14b8abe60f02a9a31eb4b7ad489e6806637610f7 (patch)
treea260f52b60d453c2bc244e5e126522c2dc9e5628
parente96ecf2f9317b0f7d547e86bcaf67b3aebecd8ea (diff)
parent7be18bf29a26a40a9c401fb4f5ce8c2ef3e33ffb (diff)
downloadikiwiki-14b8abe60f02a9a31eb4b7ad489e6806637610f7.tar
ikiwiki-14b8abe60f02a9a31eb4b7ad489e6806637610f7.tar.gz
Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info
-rw-r--r--doc/bugs/trouble_with_base_in_search.mdwn53
-rw-r--r--doc/plugins/aggregate/discussion.mdwn12
2 files changed, 65 insertions, 0 deletions
diff --git a/doc/bugs/trouble_with_base_in_search.mdwn b/doc/bugs/trouble_with_base_in_search.mdwn
new file mode 100644
index 000000000..4ca2b4bef
--- /dev/null
+++ b/doc/bugs/trouble_with_base_in_search.mdwn
@@ -0,0 +1,53 @@
+For security reasons, one of the sites I'm in charge of uses a Reverse Proxy to grab the content from another machine behind our firewall.
+Let's call the out-facing machine Alfred and the one behind the firewall Betty.
+
+For the static pages, everything is fine. However, when trying to use the search, all the links break.
+This is because, when Alfred passes the search query on to Betty, the search result has a "base" tag which points to Betty, and all the links to the "found" pages are relative.
+So we have
+
+ <base href="Betty.example.com"/>
+ ...
+ <a href="./path/to/found/page/">path/to/found/page</a>
+
+This breaks things for anyone on Alfred, because Betty is behind a firewall and they can't get there.
+
+What would be better is if it were possible to have a "base" which didn't reference the hostname, and for the "found" links not to be relative.
+Something like this:
+
+ <base href="/"/>
+ ...
+ <a href="/path/to/found/page/">path/to/found/page</a>
+
+The workaround I've come up with is this.
+
+1. Set the "url" in the config to '&nbsp;' (a single space). It can't be empty because too many things complain if it is.
+2. Patch the search plugin so that it saves an absolute URL rather than a relative one.
+
+Here's a patch:
+
+ diff --git a/IkiWiki/Plugin/search.pm b/IkiWiki/Plugin/search.pm
+ index 3f0b7c9..26c4d46 100644
+ --- a/IkiWiki/Plugin/search.pm
+ +++ b/IkiWiki/Plugin/search.pm
+ @@ -113,7 +113,7 @@ sub indexhtml (@) {
+ }
+ $sample=~s/\n/ /g;
+
+ - my $url=urlto($params{destpage}, "");
+ + my $url=urlto($params{destpage}, undef);
+ if (defined $pagestate{$params{page}}{meta}{permalink}) {
+ $url=$pagestate{$params{page}}{meta}{permalink}
+ }
+
+It works for me, but it has the odd side-effect of prefixing links with a space. Fortunately that doesn't seem to break browsers.
+And I'm sure someone else could come up with something better and more general.
+
+--[[KathrynAndersen]]
+
+> The `<base href>` is required to be genuinely absolute (HTML 4.01 ยง12.4).
+> Have you tried setting `url` to the public-facing URL, i.e. with `alfred`
+> as the hostname? That seems like the cleanest solution to me; if you're
+> one of the few behind the firewall and you access the site via `betty`
+> directly, my HTTP vs. HTTPS cleanup in recent versions should mean that
+> you rarely get redirected to `alfred`, because most URLs are either
+> relative or "local" (start with '/'). --[[smcv]]
diff --git a/doc/plugins/aggregate/discussion.mdwn b/doc/plugins/aggregate/discussion.mdwn
index a3336ee08..80788fb1b 100644
--- a/doc/plugins/aggregate/discussion.mdwn
+++ b/doc/plugins/aggregate/discussion.mdwn
@@ -121,3 +121,15 @@ the user agent to be programmatically manipulated? --[[schmonz]]
>> Pong.. I'd be happier with a more 100% solution that let cookies be used
>> w/o needing to write a custom plugin to do it. --[[Joey]]
+
+>>> According to LWP::UserAgent, for the common case, a complete
+>>> and valid configuration for `$config{cookies}` would be `{ file =>
+>>> "$ENV{HOME}/.cookies.txt" }`. In the more common case of not needing
+>>> to prime one's cookies, `cookie_jar` can be `undef` (that's the
+>>> default). In my less common case, the cookies are generated by
+>>> visiting a couple magic URLs, which would be trivial to turn into
+>>> config options, except that these particular URLs rely on SPNEGO
+>>> and so LWP::Authen::Negotiate has to be loaded. So I think adding
+>>> `$config{cookies}` (and using it in the aggregate plugin) should
+>>> be safe, might help people in typical cases, and won't prevent
+>>> further enhancements for less typical cases. --[[schmonz]]