From e3c0ae35546c71e82f656ab3618ed87664272a1d Mon Sep 17 00:00:00 2001
From: Oliver Gorwits <oliver@cpan.org>
Date: Mon, 4 Mar 2013 21:40:43 +0000
Subject: [PATCH] All links and redirects are now relative

WARNING - this might break. We'll revert this commit if so.
The rationale is for those using proxies where the host name is not proxied
on, as in Apache's ProxyPreserveHost.
RFC2161 does not permit relative Location: header, but an upcoming revision
stil in-draft will apparently allow relative spec. I believe all browsers to
support relative Location: headers already.
---
 Netdisco/Changes                        |  3 ++-
 Netdisco/lib/App/Netdisco/Web.pm        |  2 +-
 Netdisco/lib/App/Netdisco/Web/AuthN.pm  |  9 ++++++---
 Netdisco/lib/App/Netdisco/Web/Device.pm |  4 +++-
 Netdisco/lib/App/Netdisco/Web/Search.pm | 12 +++++++++---
 TODO                                    |  1 -
 6 files changed, 21 insertions(+), 10 deletions(-)

diff --git a/Netdisco/Changes b/Netdisco/Changes
index cf614b52..dde47c97 100644
--- a/Netdisco/Changes
+++ b/Netdisco/Changes
@@ -13,10 +13,11 @@
   * Remove Daemon's job queue DBIC schema from user config
   * Add log messages to the Daemon
   * Use Path::Class for path and file name construction consistently
-  * Avoid use of DNS when looking up devices in DB by IP
+  * All links and redirects are now relative
 
   [BUG FIXES]
 
+  * Avoid use of DNS when looking up devices in DB by IP
   * Search by device port MAC no longer fatal
   * URI and HTML escape template variables
 
diff --git a/Netdisco/lib/App/Netdisco/Web.pm b/Netdisco/lib/App/Netdisco/Web.pm
index 347ed3dc..01c6eb78 100644
--- a/Netdisco/lib/App/Netdisco/Web.pm
+++ b/Netdisco/lib/App/Netdisco/Web.pm
@@ -43,7 +43,7 @@ hook 'before_template' => sub {
         if request->base->path ne '/';
 
     # allow portable dynamic content
-    $tokens->{uri_for} = \&uri_for;
+    $tokens->{uri_for} = sub { uri_for(@_)->path_query() };
 
     # allow very long lists of ports
     $Template::Directive::WHILE_MAX = 10_000;
diff --git a/Netdisco/lib/App/Netdisco/Web/AuthN.pm b/Netdisco/lib/App/Netdisco/Web/AuthN.pm
index f560a108..8ee84cea 100644
--- a/Netdisco/lib/App/Netdisco/Web/AuthN.pm
+++ b/Netdisco/lib/App/Netdisco/Web/AuthN.pm
@@ -22,23 +22,26 @@ hook 'before' => sub {
 };
 
 post '/login' => sub {
+    status(302);
+
     if (param('username') and param('password')) {
         my $user = schema('netdisco')->resultset('User')->find(param('username'));
         if ($user) {
             my $sum = Digest::MD5::md5_hex(param('password'));
             if ($sum and $sum eq $user->password) {
                 session(user => $user->username);
-                redirect uri_for('/inventory');
+                header(Location => uri_for('/inventory')->path_query());
                 return;
             }
         }
     }
-    redirect uri_for('/', {failed => 1});
+    header(Location => uri_for('/', {failed => 1})->path_query());
 };
 
 get '/logout' => sub {
     session->destroy;
-    redirect uri_for('/', {logout => 1});
+    status(302);
+    header(Location => uri_for('/', {logout => 1})->path_query());
 };
 
 true;
diff --git a/Netdisco/lib/App/Netdisco/Web/Device.pm b/Netdisco/lib/App/Netdisco/Web/Device.pm
index 3abf7281..7155747b 100644
--- a/Netdisco/lib/App/Netdisco/Web/Device.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Device.pm
@@ -94,7 +94,9 @@ get '/device' => sub {
     });
 
     if (!defined $dev) {
-        return redirect uri_for('/', {nosuchdevice => 1});
+        status(302);
+        header(Location => uri_for('/', {nosuchdevice => 1})->path_query());
+        return;
     }
 
     params->{'tab'} ||= 'details';
diff --git a/Netdisco/lib/App/Netdisco/Web/Search.pm b/Netdisco/lib/App/Netdisco/Web/Search.pm
index 9976daa8..4c09c038 100644
--- a/Netdisco/lib/App/Netdisco/Web/Search.pm
+++ b/Netdisco/lib/App/Netdisco/Web/Search.pm
@@ -64,7 +64,11 @@ get '/search' => sub {
     my $s = schema('netdisco');
 
     if (not param('tab')) {
-        if (not $q) { return redirect uri_for('/') }
+        if (not $q) {
+            status(302);
+            header(Location => uri_for('/')->path_query());
+            return;
+        }
 
         # pick most likely tab for initial results
         if ($q =~ m/^\d+$/) {
@@ -76,11 +80,13 @@ get '/search' => sub {
             if ($nd and $nd->count) {
                 if ($nd->count == 1) {
                     # redirect to device details for the one device
-                    return redirect uri_for('/device', {
+                    status(302);
+                    header(Location => uri_for('/device', {
                       tab => 'details',
                       q => ($nd->first->dns || $nd->first->ip),
                       f => '',
-                    });
+                    })->path_query());
+                    return;
                 }
 
                 # multiple devices
diff --git a/TODO b/TODO
index e19a919b..abaacb32 100644
--- a/TODO
+++ b/TODO
@@ -12,7 +12,6 @@ FRONTEND
 * reports page
 * reports plugin(s)
 * (jeneric) device module tab
-* remove host from uri_for includes
 * duplicate requests problem?
 
 DAEMON