[Jifty-commit] jifty branch, master, updated. 1.10518-41-gf51cae7

Jifty commits jifty-commit at lists.jifty.org
Thu Aug 4 14:50:56 EDT 2011

The branch, master has been updated
       via  f51cae781f809c45b03d3bcb44cabb775a41fafb (commit)
      from  c14c88cf97851d9c6f2157f0b7acdb9bb5ea762f (commit)

Summary of changes:
 lib/Jifty/Continuation.pm |    6 ------
 1 files changed, 0 insertions(+), 6 deletions(-)

- Log -----------------------------------------------------------------
commit f51cae781f809c45b03d3bcb44cabb775a41fafb
Author: Alex Vandiver <alexmv at bestpractical.com>
Date:   Thu Aug 4 14:06:28 2011 -0400

    Checking for path hygene in continuation returns is no longer necessary
    This warning was introduced in 36bd338, when "call" and "return" were
    handled by the same code.  The only way we determined which phase we
    were in was by whether the path matched what was stored in the
    continuation.  The danger is this was that the path that we redirected
    to could be different from the path that the browser then requested, if
    it chose to escape characters differently; this would cause Jifty to
    redirect indefinitely.  The warning was placed here to warn of the
    perils of redirecting to URIs containing characters which the browser
    might choose to escape differently than Jifty did.
    However, the canonicalization done by Plack::Request (and in 3e54cf2)
    guarantees that the URIs have been canonicalized equivilently; thus,
    this warning is always a false-positive.

diff --git a/lib/Jifty/Continuation.pm b/lib/Jifty/Continuation.pm
index dece686..6701fd6 100644
--- a/lib/Jifty/Continuation.pm
+++ b/lib/Jifty/Continuation.pm
@@ -190,12 +190,6 @@ sub call {
-    # If we needed to fix up the path (it contains invalid
-    # characters) then warn, because this may cause infinite
-    # redirects
-    $self->log->warn("Redirect to '@{[$self->request->path]}' contains unsafe characters")
-        if $self->request->path =~ m{[^A-Za-z0-9\-_.!~*'()/?&;+%]};
     # Clone our request
     my $request = $self->request->clone;


More information about the Jifty-commit mailing list