From 1137ab0715e4b1c0ad7c41061fa056f3b05ee3a3 Mon Sep 17 00:00:00 2001 From: Shane Kilkelly Date: Tue, 17 Jan 2017 14:35:37 +0000 Subject: [PATCH] Don't record redirect to static asset paths --- .../Authentication/AuthenticationController.coffee | 4 ++-- .../Authentication/AuthenticationControllerTests.coffee | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee b/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee index e8e3db4f93..485b046a85 100644 --- a/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee +++ b/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee @@ -194,8 +194,8 @@ module.exports = AuthenticationController = _setRedirectInSession: (req, value) -> if !value? - value = if Object.keys(req.query).length > 0 then "#{req.path}?#{querystring.stringify(req.query)}" else req.path - if req.session? + value = if Object.keys(req.query).length > 0 then "#{req.path}?#{querystring.stringify(req.query)}" else "#{req.path}" + if req.session? && !value.match(new RegExp('^\/(socket.io|js|stylesheets|img)\/.*$')) req.session.postLoginRedirect = value _getRedirectFromSession: (req) -> diff --git a/services/web/test/UnitTests/coffee/Authentication/AuthenticationControllerTests.coffee b/services/web/test/UnitTests/coffee/Authentication/AuthenticationControllerTests.coffee index 515b888911..94e930c7b1 100644 --- a/services/web/test/UnitTests/coffee/Authentication/AuthenticationControllerTests.coffee +++ b/services/web/test/UnitTests/coffee/Authentication/AuthenticationControllerTests.coffee @@ -550,6 +550,15 @@ describe "AuthenticationController", -> @AuthenticationController._setRedirectInSession(@req, '/somewhere/specific') expect(@req.session.postLoginRedirect).to.equal "/somewhere/specific" + describe 'with a js path', -> + + beforeEach -> + @req = {session: {}} + + it 'should not set the redirect', -> + @AuthenticationController._setRedirectInSession(@req, '/js/something.js') + expect(@req.session.postLoginRedirect).to.equal undefined + describe '_getRedirectFromSession', -> beforeEach -> @req = {session: {postLoginRedirect: "/a?b=c"}}