@diosmosis haven't tested but when doing the redirect, and then logging in, does the feature still work to load the same page as you loaded initially? Say you are logged out and open the users manager, then log in, is the users manager loaded after log in?
@tsteur It doesn't, but this doesn't work on 3.x-dev for me either. (To be clear that's: login, load users manager, logout, log back in, see dashboard not users manager.)
What happens when you do
load users manager, login? I think we added some feature to do that... but maybe it isn't merged yet or so
Would there need to be anonymous access to a site to do that? I'm not sure how I'd get past the login page w/o logging in.
When you open eg
https://example.com/index.php?module=UsersManager&action=userSettings&idSite=1&period=day&date=yesterday , then it should show the login form on that page... once you log in, it should show the same page again. Not sure if that URL would now redirect to login page?
It might be naive, but why is
!$this->shouldHandleRememberMe() even called? Why not just take a look at
$_POST['form_rememberme'] and if it is there set expires? Wouldn't that instantaniosly solve #14075 and not touch any redirect logic that is present in Matomo?
@tsteur I see, it should remember the URL, was testing incorrectly.
@fdellwing it's only needed to perform that logic in a single controller action, and w/o that check, the logic could be triggered by a user by simply adding a query parameter. To protect against future bugs/exploits that could arise w/ new features written in completely different places by people who are not aware or have forgotten about this specific code path, we restrict the code's execution to exactly where it needs to be used.
@tsteur interestingly enough, that feature still works, but remember me doesn't...
@tsteur updated the code and tweaked the URL retaining feature. Now it posts to
module=Login and gets the referrer URL from a POST parameter. Can you check if this works for you?
Patch seems to work for me.
@diosmosis I got redirected to this:
What I did was open
https://apache.matomo/index.php?module=UsersManager&action=userSettings&idSite=1&period=day&date=yesterday and then logged in.
It was supposed to render userSettings but it is rendering users manager because of the wrong URL