EPrints Technical Mailing List Archive

Message: #01307

< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

[EP-tech] Infinite redirect on staffonly document

Another problem related to http://www.eprints.org/tech.php/16874.html and http://www.eprints.org/tech.php/16546.html.


As before, this affects an EPrints instance which uses different domains for http and https (http://researchdata.uwe.ac.uk/ and https://eprints.uwe.ac.uk/datasecure/).


This time the problem is that we have a document restricted to repository staff which is inaccessible from its abstract page. Clicking on the document’s link causes EPrints to issue an infinite series of redirects.


I’m guessing that the root cause is that the document link is http://researchdata.uwe.ac.uk/85/1/Lorem%20ipsum.pdf, but the login process happens on https://eprints.uwe.ac.uk/datasecure/cgi/users/login?target=http%3A%2F%2Fresearchdata.uwe.ac.uk%2F85%2F1%2FLorem%2520ipsum.pdf, so researchdata.uwe.ac.uk never sees the user cookies. https://eprints.uwe.ac.uk/datasecure/85/1/Lorem%20ipsum.pdf works as expected.


Anyway, is the fix to redirect secure documents to their https URLs, as is already done in Rewrite.pm for secure CGI directories?