Skip to content

Fix hash # escaping in donation redirect #1191

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
1 task done
zackkrida opened this issue Dec 3, 2020 · 2 comments · Fixed by #1192
Closed
1 task done

Fix hash # escaping in donation redirect #1191

zackkrida opened this issue Dec 3, 2020 · 2 comments · Fixed by #1192
Assignees
@TimidRobot

Comments

@zackkrida
Copy link
Member

zackkrida commented Dec 3, 2020
edited by TimidRobot
Loading

Currently creativecommons.org/donate is meant to redirect to https://www.classy.org/give/313412#!/donation/checkout, but there is an issue where the # character is escaped to %23:

Label URL
expected: https://www.classy.org/give/313412#!/donation/checkout
actual: https://www.classy.org/give/313412%23!/donation/checkout

Possible fixes:

I don't know enough about saltstack + our specific usage to fix this. In RewriteRules we could fix this with the [NE] flag.

Reproduction

  4. See error.

Expectation

Screenshots

Environment

  • Device: (eg. iPhone Xs; laptop)
  • OS: (eg. iOS 13.5; Fedora 32)
  • Browser: (eg. Safari; Firefox)
  • Version: (eg. 13; 73)
  • Other info: (eg. display resolution, ease-of-access settings)

Additional context

Resolution

  • I would be interested in resolving this bug.
@TimidRobot
Copy link
Member

Example test command:

http -h https://creativecommons.org/donate
HTTP/1.1 301 Moved Permanently
Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 5fc601b13aded346-LAX
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 04 Dec 2020 13:52:13 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Location: https://classy.org/give/313412/%23!/donation/checkout
Server: cloudflare
Set-Cookie: __cfduid=dc6ffce4361c60fc5cec56524d4e145041607089932; expires=Sun, 03-Jan-21 13:52:12 GMT; path=/; domain=.creativecommons.org; HttpOnly; SameSite=Lax
Strict-Transport-Security: max-age=15768000
Transfer-Encoding: chunked
Via: 1.1 varnish (Varnish/5.0)
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Varnish: 400501355
X-XSS-Protection: 1; mode=block
cf-request-id: 06cf9f62c10000d346ec92f000000001

@TimidRobot TimidRobot transferred this issue from creativecommons/sre-salt-prime Dec 4, 2020
@TimidRobot
Copy link
Member

The redirect in question is:

RewriteRule ^/donate/?$ https://classy.org/give/313412/#!/donation/checkout [R=301,L]

(https://github.com/creativecommons/creativecommons.org/blob/master/config/creativecommons.org.conf#L620)

@TimidRobot TimidRobot mentioned this issue Dec 4, 2020
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@TimidRobot TimidRobot

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix donate redirect creativecommons/creativecommons.org
2 participants
@TimidRobot @zackkrida