Last modified: 2012-12-13 13:17:09 UTC
When trying to access the PNG attachment at <https://bugzilla.wikimedia.org/attachment.cgi?id=11489>, bugzilla is generating a redirect loop: daniel@brightpad ~/tmp> LANG=EN wget -S -O /dev/null http://bugzilla.wikimedia.org/attachment.cgi?id=11489 --2012-12-13 11:55:25-- http://bugzilla.wikimedia.org/attachment.cgi?id=11489 Resolving bugzilla.wikimedia.org... 208.80.152.149 Connecting to bugzilla.wikimedia.org|208.80.152.149|:80... connected. HTTP request sent, awaiting response... HTTP/1.1 302 Found Date: Thu, 13 Dec 2012 10:55:25 GMT Server: Apache Location: https://bugzilla.wikimedia.org/attachment.cgi?id=11489 Vary: Accept-Encoding Content-Length: 310 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Location: https://bugzilla.wikimedia.org/attachment.cgi?id=11489 [following] --2012-12-13 11:55:25-- https://bugzilla.wikimedia.org/attachment.cgi?id=11489 Connecting to bugzilla.wikimedia.org|208.80.152.149|:443... connected. HTTP request sent, awaiting response... HTTP/1.1 302 Found Date: Thu, 13 Dec 2012 10:55:26 GMT Server: Apache X-xss-protection: 1; mode=block X-frame-options: SAMEORIGIN X-content-type-options: nosniff Location: https://bug-attachment.wikimedia.org/attachment.cgi?id=11489 Content-Length: 0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/plain Location: https://bug-attachment.wikimedia.org/attachment.cgi?id=11489 [following] --2012-12-13 11:55:26-- https://bug-attachment.wikimedia.org/attachment.cgi?id=11489 Resolving bug-attachment.wikimedia.org... 208.80.152.149 Connecting to bug-attachment.wikimedia.org|208.80.152.149|:443... connected. HTTP request sent, awaiting response... HTTP/1.1 302 Found Date: Thu, 13 Dec 2012 10:55:27 GMT Server: Apache Location: https://bugzilla.wikimedia.org/attachment.cgi?id=11489 Vary: Accept-Encoding Content-Length: 317 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1 Location: https://bugzilla.wikimedia.org/attachment.cgi?id=11489 [following] --2012-12-13 11:55:27-- https://bugzilla.wikimedia.org/attachment.cgi?id=11489 Connecting to bugzilla.wikimedia.org|208.80.152.149|:443... connected. HTTP request sent, awaiting response... HTTP/1.1 302 Found Date: Thu, 13 Dec 2012 10:55:28 GMT Server: Apache X-xss-protection: 1; mode=block X-frame-options: SAMEORIGIN X-content-type-options: nosniff Location: https://bug-attachment.wikimedia.org/attachment.cgi?id=11489 Content-Length: 0 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/plain ... ... ...
https://bug-attachment.wikimedia.org to https://bugzilla.wikimedia.org and back.
Reverting bug 43048 didn't change this plus it's likely more low-level.
Fixed
Reedy: What happened, and fixed how? For the records, from #bugzilla: <justdave> it'll redirect back to the main hostname to get a token issued to say you're authorized to see the attachment <justdave> the main hostname will check your login cookie, see that you're authorized, and redirect you back with a one-time-use token <justdave> if something is happening that causes that token to not get recorded in the database then it wouldn't be valid and the attachment hostname would redirect you back again <justdave> could also happen if something else is trying to retrieve it at the same time and the token gets used before you get there <justdave> if there's javascript in an attachment that causes it to reload, the second load the token would no longer be valid and it'd have to go back for another one
