[FIX] ensure_db() werkzeug.BaseResponse.url usage leads to encoded hashes loss

author Fabien Meghazi <fme@openerp.com>

Tue, 11 Mar 2014 20:52:20 +0000 (21:52 +0100)

committer Fabien Meghazi <fme@openerp.com>

Tue, 11 Mar 2014 20:52:20 +0000 (21:52 +0100)
author Fabien Meghazi <fme@openerp.com>
Tue, 11 Mar 2014 20:52:20 +0000 (21:52 +0100)
committer Fabien Meghazi <fme@openerp.com>
Tue, 11 Mar 2014 20:52:20 +0000 (21:52 +0100)
diff --git a/addons/web/controllers/main.py b/addons/web/controllers/main.py

index d13226c..0074a88 100644 (file)
--- a/addons/web/controllers/main.py
+++ b/addons/web/controllers/main.py
@@ -141,7 +141,12 @@ def ensure_db(redirect='/web/database/selector'):
          # Thus, we redirect the user to the same page but with the session cookie set.
          # This will force using the database route dispatcher...
          r = request.httprequest
-        response = werkzeug.utils.redirect(r.url, 302)
+        url_redirect = r.base_url
+        if r.query_string:
+            # Can't use werkzeug.wrappers.BaseRequest.url with encoded hashes:
+            # https://github.com/amigrave/werkzeug/commit/b4a62433f2f7678c234cdcac6247a869f90a7eb7
+            url_redirect += '?' + r.query_string
+        response = werkzeug.utils.redirect(url_redirect, 302)
          request.session.db = db
          response = r.app.get_response(r, response, explicit_session=False)
          werkzeug.exceptions.abort(response)
author	Fabien Meghazi <fme@openerp.com>
	Tue, 11 Mar 2014 20:52:20 +0000 (21:52 +0100)
committer	Fabien Meghazi <fme@openerp.com>
	Tue, 11 Mar 2014 20:52:20 +0000 (21:52 +0100)