From cc15691891e32636bc52ae34ceba6690afc3e9d0 Mon Sep 17 00:00:00 2001
From: Tom Udding <tomudding@users.noreply.github.com>
Date: Wed, 31 Jul 2024 19:27:45 +0200
Subject: [PATCH] fix: exploding login redirect links

Thought I had already fixed this, but this was unfortunately not the case as I
still saw Amazon and Meta having issues with this.

Quite simple, `redirect_to` already in the URL? Than we provide a new clean URL.
---
 .../Application/view/partial/main-nav.phtml   | 23 +++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/module/Application/view/partial/main-nav.phtml b/module/Application/view/partial/main-nav.phtml
index e118bded84..5cf06ee9d4 100644
--- a/module/Application/view/partial/main-nav.phtml
+++ b/module/Application/view/partial/main-nav.phtml
@@ -93,6 +93,24 @@ endif; ?>
                 </li>
                 <?php
                 if (null === $this->identity() && null === $this->companyIdentity()): ?>
+                    <?php
+                    // Do NOT include the `redirect_to` parameter if it is already included (i.e. we are already on the
+                    // login page).
+                    $currentUrl = $this->serverUrl(true);
+                    $redirectTo = base64_encode($currentUrl);
+                    $loginUrl = $this->url(
+                        name: 'user/login',
+                        reuseMatchedParams: true,
+                    );
+
+                    if (!str_contains($currentUrl, 'redirect_to')) {
+                        $loginUrl = $this->url(
+                            name: 'user/login',
+                            options: ['query' => ['redirect_to' => base64_encode($this->serverUrl(true))]],
+                            reuseMatchedParams: true,
+                        );
+                    }
+                    ?>
                     <li class="dropdown pull-right">
                         <a href="<?= $this->hashUrl() ?>" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
                            aria-expanded="false">
@@ -102,10 +120,7 @@ endif; ?>
                         </a>
                         <ul class="dropdown-menu">
                             <li>
-                                <a href="<?= $this->url(
-                                    name: 'user/login',
-                                    options: ['query' => ['redirect_to' => base64_encode($this->serverUrl(true))]],
-                                ) ?>">
+                                <a href="<?= $loginUrl ?>">
                                     <?= $this->translate('Login') ?>
                                 </a>
                             </li>