Add specific message for double-encoded redirects#6704
Conversation
Some hosts seem to re-encode parameters in a http=>https redirect, which causes problems with Jetpack auth. This checks the ‘redirect_to’ query param and if it detects a double-encoded value shows a specific message with link to support guide
|
@jeherve -- are you able to help with creating this support page? |
|
I'm happy to help, but I'm not sure what the list of possible solutions would be. @johngodley @georgeh I assume you already have some kind of predef you use for folks running into this issue with the Google Docs Add-on? Could you add the info you have to the draft I created here? Thanks! |
|
Thanks @jeherve - there's no predef as such, but I've filled in a few more details. It's mostly 'fix your server', but hopefully it helps. If it looks ok to you then I think the page is good to go. If it's possible to track stats for things like this then that would be a good addition. Is this something Jetpack can do? If not then the PR is ready. |
Yes, it can be done, through Nosara Tracks. Jetpack includes a library making it easier to track actions all across the plugin: @dereksmart could probably tell you more if needed. |
Will give an indication of how widespread this is, and hopefully help with support
|
That's perfect, added! Event should track under |
|
Removing the Needs Review label as I can't get tests to run locally now. Please rebase it so it gets up to date. And forgive me if this was a mistake on my side. |
|
This PR has been marked as stale. This happened because:
No further action is needed. But it's worth checking if this PR has clear testing instructions, is it up to date with master, and it is still valid. Feel free to close this issue if you think it's not valid anymore — if you do, please add a brief explanation. |
|
This PR looks like it might contain user tracking functions. We need to make sure that it is GDPR Compliant. Rules triggering this positive scan:
cc: @pesieminski |
This is automated check which relies on |
zinigor
left a comment
There was a problem hiding this comment.
Besides one minor spacing problem, and potential GDPR compliance issues I have no problems with this, thank you!
* Initial Changelog for 7.2 * Testing list: add mention of IE11 testing * Initial Changelog for 7.2 * Testing list: add mention of IE11 testing * Add CL for #11224 * Add CL for #11426 * Add CL for #11442 * Add testing instructions for #11224 * Add CL for #11451 * Reclassify CL item * Add testing instructions for #11451 * Add CL for #11486 * Add CL for #11418 * Add CL for #11524 * Add CL and testing instructions for #11449 * Add CL for #11460 * Add CL for #11520 and #11582 * Add CL for #11531 * Add CL #11644 * Add testing instructions for #11644 * Add testing instructions for #11644 * Add CL for #11618 * Uniform changelog lines * CL #11679 * CL #11661 * CL #11654 * CL #11645 * CL #11643 * CL #11636 * CL #11635 and for other PHPCS commits * CL #11627 * CL #11626 * CL #11598 * CL #11596 * Remove nested items for shortcopy. I don't believe the detailed list is helpful * CL #11570 * CL #11569 * CL #11560 * CL #11558 * CL #11555 * CL #6704 * CL #11298 * CL #11324 * CL #11443 * CL #11484 * CL #11516 * CL #11529 * Expand Ads block enhancement CL item
Some hosts seem to re-encode parameters in a http=>https redirect, which causes problems with Jetpack auth.
This checks the ‘redirect_to’ query param and if it detects a double-encoded value shows a specific error message, directing the user to a support page for further details.
This PR is an initial step to fixing the problem that is fully described in #6690:
Note: would appreciate help regards the support page and tracking statistics!