[Mailman-Developers] Problem with Proxying and Utils.GetRequestURI
Mark Sapiro
msapiro at value.net
Mon Nov 19 04:01:25 CET 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mathias Andre wrote:
>
> We have a dedicated Mailman server list.example.com
> For several reason we have been asked to make use of our main web server to
> proxy the request to the Mailman server (this allow us to use one single
> certificate SSL) so on our main web server www.example.com we have the
> following Apache configuration:
>
> ProxyPass /lists http://list.example.com/cgi-bin/mailman/
> ProxyPassReverse /lists http://list.example.com/cgi-bin/mailman/
>
> So we can acess the Mailman web interfaces via for example:
> http://www.example.com/lists/listinfo/mailman
>
> This works just fine, we 'renamed' all the lists using fix_url and everything
> went ok, all the links are fine.
>
>
> Well, except for one: the ACTION= entry in all the login forms (admin,
> admindb...)
>
> After a bit of investigation I identified the source of the 'problem', in
> Mailman/Cgi/Auth.py in def loginpage():
>
> As it's a frontpage the actionurl comes from Utils.GetRequestURI(url), which
> in turns uses the REQUEST_URI environment variable.
Actually, that's backwards. actionurl comes from
Utils.GetRequestURI(url) if frontpage is false.
> In our case this variable is set to the *local* Apache path, ie the path on
> list.example.com instead of the path on www.example.com, so we have
> /cgi-bin/mailman//admin/mailman
> instead of:
> /lists/admin/mailman
I think that's all the local web server can do. I don't think there's
anything in the CGI environment that could get the original URI path as
sent to the proxy server.
> So the web browser then tries to send the form's data to
> www.example.com/cgi-bin/mailman//admin/mailman which obviously doesn't exist.
>
> We temporarily fixed our problem by forcing loginpage() to always return
> actionurl = url whether or not frontpage is True or not.
> This doesn't seem to have broken anything else but obviously I would like to
> find a cleaner solution.
I think you'll find it breaks one thing. Namely if someone tries to go
to a sub-page, e.g
<http://www.example.com/lists/admin/listname/privacy/sender>, without
having logged in, they should be taken to that page upon posting the
password. In your case, it doesn't work anyway, but in general, always
setting frontpage true will cause the login page to always return to the
default <http://www.example.com/lists/admin/listname> page.
> So I have a couple of questions:
> Are we doing something wrong in our setup? Why does Mailman GetRequestURI if
> frontpage is True?
Actually, false, but the reason is as I explain above. The only time
loginpage() is called with frontpage true is in response to the logout
request so you go to the default page if you (or someone else) log in again.
- --
Mark Sapiro <msapiro at value.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFHQPyFVVuXXpU7hpMRAhzMAKC5MIUqPx9Vzf4dtF8CxvTeVL03GQCgi/jz
/ZSUa896yQdE1gd+tILGfKc=
=LYws
-----END PGP SIGNATURE-----
More information about the Mailman-Developers
mailing list