lovasoa / SQLpage

SQL-only webapp builder, empowering data analysts to build websites and applications quickly
https://sql.ophir.dev
MIT License

Incorrect(?) handling of redirects to links with leading double slashes #399

Closed pchemguy closed 3 weeks ago

pchemguy commented 3 weeks ago

Introduction

Redirects to links with leading double slashes may not be handled correctly. Redirect to "link":"//currencies_table.sql" interprets it as a URL containing the host part. While it does make certain sense, perhaps a better approach would be to check if the rest of the link is a valid path. If so, interpret it as such, removing one leading slash.

To Reproduce

Create index.sql with the following code and open it:

SELECT
    'redirect' AS component,
    '//currencies_table.sql' AS link;

Actual behavior

SQLpage redirected to http://currencies_table.sql/

Expected behavior

If "/currencies_table.sql" is a valid path, redirect to http://{host}:{port}/currencies_table.sql

Version information

lovasoa commented 3 weeks ago

Hi! I understand your confusion, but this behavior is implemented by your browser directly and is a standard on the web:

https://datatracker.ietf.org/doc/html/rfc3986#section-4.2

It's commonly referred to as a "protocol-relative URL". It is not widely used today, but I think SQLPage overriding the URLs entered by the website creators would be even more confusing...
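
How a browser resolves the link forms discussed in this thread, as an added example that is not part of the original issue or SQLPage's own code. It uses the standard `URL` class (available in browsers and Node.js); the base URL `http://localhost:8080/index.sql` and the function names are assumptions made for illustration.

```javascript
// Added example: resolve redirect links the way a browser does and flag
// links that leave the site. BASE is a constructed stand-in for
// http://{host}:{port}/index.sql from the report.
const BASE = 'http://localhost:8080/index.sql';

// Classify a reference by its leading characters (RFC 3986 section 4.2).
function referenceKind(link) {
  if (/^[A-Za-z][A-Za-z0-9+.-]*:/.test(link)) return 'absolute';
  if (link.startsWith('//')) return 'network-path'; // a host follows the slashes
  if (link.startsWith('/')) return 'absolute-path'; // path on the current host
  return 'relative-path';                           // relative to the current page
}

// Resolve the link against the page URL and report whether the target keeps
// the same origin (scheme, host and port) as the page issuing the redirect.
function resolveRedirect(link, base = BASE) {
  const target = new URL(link, base);
  return {
    kind: referenceKind(link),
    href: target.href,
    sameOrigin: target.origin === new URL(base).origin,
  };
}

// Review helper: list the links that would send visitors to another origin,
// which is how a stray leading slash shows up.
function offSiteLinks(links, base = BASE) {
  return links.filter((link) => !resolveRedirect(link, base).sameOrigin);
}

// Constructed sample links; the first is the one from the report.
const samples = [
  '//currencies_table.sql',
  '/currencies_table.sql',
  'currencies_table.sql',
];

for (const link of samples) {
  const r = resolveRedirect(link);
  console.log(`${link} -> ${r.href} (${r.kind}, same origin: ${r.sameOrigin})`);
}
```

Running `offSiteLinks` over the `link` values a site uses for its `redirect` components catches a double leading slash before it reaches visitors.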