Closed mnabialek closed 9 years ago
nsa-yoda
commented
10 years ago Seems to me that this is more of a per-case issue that can be easily resolved in .htaccess by the developer.
Remember that just because you want index.php removed from the URL, doesn't mean that everyone else wants index.php removed from the URL.
mnabialek
commented
10 years ago That's true however I think such protection should work out of the box (with possibility to turn it off). In my own framework I always checked $_SERVER['REQUEST_URI'] and I was almost sure it is working the same here.
99% of developers haven't done anything with it (you can check sites developed in Laravel) and probably only less than 0.1% would need for some reason urls also with index.php working.
Garbee
commented
10 years ago We can check sites made with Laravel how? There are no signs that Laravel is being used. Who knows what people are doing for legacy reasons.
imo, if you need this kind of thing to prevent an illusive "negative-SEO" attack, then you can add it in yourself.
nsa-yoda
commented
10 years ago @mnabialek Please give an example of the 99% of developers (and sites that you can check are developed with Laravel). The fact of the matter is that this is a point of flexibility. I myself have an internal app that routes above index.php.
I have to agree with @Garbee - if you need this kind of thing to prevent a "negative SEO" attack - then add it internally (Literally, just add a route filter) or worry about correct SEO practices.
Not tested, but along the lines of:
Route::filter('index_redir', function() {
if(strpos($url, "index.php") !== false){
return Redirect::to(str_replace("index.php/", "", $url), 301);
}
return false;
});
Route::get('user', array('before' => 'index_redir', 'uses' => 'UserController@showProfile'));
bworwa
commented
10 years ago This has nothing to do with Laravel
You're just basically setting querystring variables, if you can guess the access point of any website (in this case index.php) that "prettifies" URLs and how those querystring variables map to the framework's MVC logic or .htaccess redirections you can generate all the URLs you want.
nsa-yoda
commented
10 years ago Good find @bworwa :+1:
mnabialek
commented
10 years ago For me it does not change anything. Many sites do it wrong and it does not mean that you should not care.
However if I look at your examples:
http://stackoverflow.com/q/25008004/anything redirects to correct url
https://www.youtube.com/watch?v=PeHA6cnAoRs&anything have <link rel="canonical" href="http://www.youtube.com/watch?v=PeHA6cnAoRs"> in site source
I still think if possible framework should deal with wrong urls instead of allowing all urls to display the same content.
a-h-abid
commented
10 years ago I use this code at top of public/index.php ...
/*
* --------------------------------------------------------------------
* REMOVE index.php from URI
* --------------------------------------------------------------------
*/
if (strpos($_SERVER['REQUEST_URI'],'index.php') !== FALSE )
{
$new_uri = preg_replace('#index\.php\/?#', '', $_SERVER['REQUEST_URI']);
header('Location: '.$new_uri, TRUE, 301);
die();
}Works fine.
Garbee
commented
10 years ago You are still assuming sites need the index.php removed. Some may not. If you want, submit a PR to laravel/laravel with the fix. That is the proper place for it, in application logic. So the developer can easily decide if they need that rerouting or not.
Either way, this is not an issue with the framework at all.
crynobone
commented
10 years ago The similar problem will be if you use the following url:
http://laravel.com/index.php/docs/anythingThis url is redirected to:http://laravel.com/index.php/docs
Abviously this was done at the app level https://github.com/laravel/website/blob/master/app/routes.php#L56-L62
hosamalzagh
commented
1 year ago stell error on 2023 laravel 10
Al
laravel.comwebsite was created in Laravel Framework it will be the url I want to show the issue (but in fact you can choose any other website created with Laravel and probably 99% of websites will have the same problem) - I've also tested it at localhost with Laravel 4.2.One of urls on this website is:
http://laravel.com/docsHowever it seems that the following url will also work:
http://laravel.com/index.php/docsSimilar problems will be for main website url.
Default url is:
http://laravel.comBut also the following urls will also work:
http://laravel.com/index.phpand
http://laravel.com/index.php?anythingThis situation can cause that competition could create urls for those unwanted urls with index.php and search engines will see duplicated urls for our whole website and finally we don't know which urls will be displayed in search engines (those without index.php or those with it).
The similar problem will be if you use the following url:
http://laravel.com/index.php/docs/anythingThis url is redirected to:
http://laravel.com/index.php/docsand of course it should be redirected to:
http://laravel.com/docsOn localhost (at
laravel.comit doesn't work) it also seems that urlhttp://mydomain.com/index.phpdocswould work - it will go to routedocseven if there is no slash betweenindex.phpanddocsin the urlAs solution I think Laravel should either by default check
$_SERVER['REQUEST_URI]and if it starts withindex.phpit should make 301 redirection to correct url or in.htaccessshould be added rewrite rules to do 301 redirection