[kmail2] [Bug 354822] New: Opening link in mail directs user to received location header instead of link

Martin van Es via KDE Bugzilla bugzilla_noreply at kde.org
Wed Nov 4 08:41:42 GMT 2015 

https://bugs.kde.org/show_bug.cgi?id=354822

            Bug ID: 354822
           Summary: Opening link in mail directs user to received location
                    header instead of link
           Product: kmail2
           Version: unspecified
          Platform: Kubuntu Packages
                OS: Linux
            Status: UNCONFIRMED
          Severity: major
          Priority: NOR
         Component: general
          Assignee: kdepim-bugs at kde.org
          Reporter: bugs at mrvanes.com

Chrome is my default browser. I've noticed a couple of times that clicking
links in kmail sent me to some sort of "you need to be logged in" page instead
of the content I was looking for. Copying the link and pasting it in Chrome
always brings me to the right location.

After some debugging, it turns out that since 5.0.2 (15.08.2-0ubuntu1 and/or
the update to Kubuntu Wily) kmail for shows a notification of the click action.
After some event tracking in Chrome I found that the link that kmail (or
notifier?) sent to Chrome was actually the location header of the first
request. This results in lost sessions which can be shown with the following
example:

I have a mail with a link that looks like this:
https://xxxx.xxx.xx/seminar_i_want_to_visit/access.html?sac=CA2A50DD905F&ck=personalpage

When accessed directly in Chrome, this page answers with a status 302 (found)
and a location header containing:
https://xxxx.xxx.xx/seminar_i_want_to_visit/personalpage.html?sid=e4ed2a3a-e8b5-466e-97c5-5c4efbd07390

Which in turn shows me my personal page for this seminar.

When clicked in kmail however, the FIRST request that Chrome receives is:
https://xxxx.xxx.xx/seminar_i_want_to_visit/personalpage.html?sid=e4ed2a3a-e8b5-466e-97c5-5c4efbd07390

Which sends me to a login page, because there is no session for sid
e4ed2a3a-e8b5-466e-97c5-5c4efbd07390 yet.

Clicking the link a second time in kmail (after having opened the page using
copy/paste before) brings me to the correct page, since there now is a valid
session on sid e4ed2a3a-e8b5-466e-97c5-5c4efbd07390.


Reproducible: Always

Steps to Reproduce:
1. Receive mail with personal link that forces a location header containing
session information
2. Click link in kmail
3. Watch page

Actual Results:  
Genereic page without session telling me to login

Expected Results:  
Personal page

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the Kdepim-bugs mailing list