savannah-hackers-public
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers-public] Redirect gnutelephony.org

From: Bob Proulx
Subject: Re: [Savannah-hackers-public] Redirect gnutelephony.org
Date: Wed, 7 Feb 2018 11:18:19 -0700
User-agent: Mutt/1.9.3 (2018-01-21) 
Hello Thérèse,

> > Perhaps we should put in a redirect in that case so that if someone
> > arrives at Savannah by an unexpected and undesired name that they get
> > redirected to the main domain.

I have done this.  The redirect for other domains is now in place.  It
shouldn't cause any change at all for the standard domains.  For DNS
domains that point to the same IP address as Savannah those will see
an http redirect which will change the URL in their browser to show a
canonical name.  The causes them to be in the same security domain and
therefore session cookies and everything will work normally.

This only works well for http.  Since https requires a valid
certificate it can't work well with https.  But I did set up an https
redirect as well.  It will, as it must be, an invalid certificate.
But it seemed better to provide this for clients that don't check
validity than to have them arrive and stay at the wrong domain.

I also added a test to the savannah-tests testsuite to test that this
redirect is in place.

Thérèse Godefroy wrote:
> Bob Proulx wrote:
> > And because of the domain difference it will use a cookie for
> > the other domain instead of the Savannah one.
> 
> Will this happen if the URL is not redirected, but rewritten (as
> suggested in my last message)?

That is a separate issue because that needs to know about the listed
other domains.  Doing the http redirect for unknown domains just needs
to know that it isn't savannah.{non,}gnu.org.  That's simple and
generic.  But doing it for other domains requires a configuration for
each domain.  And a test for each one too.

I am pretty sure the RewriteRule suggested needed flags [R,L] added to
make it do what you wanted it to do.  However in the case suggested
simply using a Redirect is simpler and more direct.  I will say
something in detail in reply to that message in a moment.

> I assume the cookie will be for the
> rewritten version (gnu.org/software/gnucomm/), not the original domain
> (gnutelephony.org).

Yes.  After a redirect the browser then applies all rules associated
with the new domain.

> In fact, the only cookie I ever saw on gnu.org is the language cookie
> which goes with the "set language" feature.

I have no idea how localization is done.  That is done with a cookie?
I immediately have twenty questions but will hold them off for now.
Someone else was asking about localization and I had no idea how it
worked.

> > Perhaps we should put in a redirect in that case so that if someone
> > arrives at Savannah by an unexpected and undesired name that they get
> > redirected to the main domain.
> 
> Isn't it what the default vhost does already?

No.  That wasn't the way it worked before.  Before a default vhost
simply served the request.  That left the URL in the browser location
bar to be any of an infinite number of possible names, each creating a
new browser security domain and an indepedent set of cookies.  But as
of today that is the way it is working now moving forward.  Now if
someone arrives by using a different name a redirect will take them
back to a canonical name.

> What really happens is
> that if someone arrives at www.gnu.org by an unexpected name, they get
> redirected to the Savannah home page. And if they arrive directly at
> Savannah, they stay there.

The historical setup of everything is such a maze of twisty little
passages all different.  I didn't know that www.gnu.org had such a
redirect in place.  To my sensibilities that seems odd.  But I will
just accept it and keep going because, "C'est la vie".

In any case I think we have finally caught up the Savannah half of
this configuration, now in 2018, after it has probably been like this
for 15 years.  Oh well.

This is only half of this problem.  The browser domain context half.

> > That would clean up this current
> > situation.  I think that would make the best of the situation since we
> > can't prevent the world from pointing to it.
> > 
> > I will make that change sometime this week when I get enough time to
> > make the change and test it.
> 
> Thanks!

That part is done.  If you visit http://gnutelephony.org/ now you will
see the difference in the browser location bar.  And the behavior
should then follow correctly.  That is the only difference you should
notice.  Other appearances should be the same since it is rendering
the same page.

> >> What we would like to do now is redirect all requests for
> >> http(s)://gnutelephony.org/* or http(s)://www.gnutelephony.org/* to
> >> http(s)://www.gnu.org/gnucomm/gnucomm.html
> > 
> > I think you mean this address:
> > 
> >   https://www.gnu.org/software/gnucomm/
> 
> Either one will do. gnucomm/index.html is "symlinked" (not exactly,
> because this is done by mod_rewrite) to gnucomm/gnucomm.html.

When I visit http://www.gnu.org/gnucomm/gnucomm.html I get a 404 Not Found.

  wget -O/dev/null -S -q http://www.gnu.org/gnucomm/gnucomm.html
    HTTP/1.1 404 Not Found
    Date: Wed, 07 Feb 2018 18:14:19 GMT
    Server: Apache/2.4.7
    Content-Location: gnu-404.html
    ...

However https://www.gnu.org/software/gnucomm/ works.

> See the whole story below.

I want to send out notice of the above and not hold it while I read
and understand the rest of what you have written.  So I will send this
now and then queue up the below for further reading a little later in
the day when I have time.  At the moment other urgencies are dragging
my attention away.

Bob
reply via email to
[Prev in Thread] Current Thread [Next in Thread]