Details
-
Improvement
-
Resolution: Obsolete
-
Medium
-
4.1.4, 4.2.0, 4.3.0alpha1
-
None
Description
It often happens that a bad css background image link can generate a request to the site homepage. In such a case, after every page, a second request is done to ezp, and this second request overwrites the lastaccessuri value stored in the user session (as it comes in a few msecs after the original pageview).
The end result is eg. that when the user edits a content he always gets redirected to the homepage, instead of being sent back to the node's parent - but other random breackages may occur.
I propose to alter the index.php script to not store the lastaccessuri when the http request is made for a image/css/js object.
I think it is doable by looking at the "Accept:" http header of the request. In the case I have seen, where / was asked via css background: url, the accept headers sent by firefox clearly indicated a preference for images (pngs). If this same behavior is validated with opera, chrome, safari and ie, I think it would be a pretty safe check - no user would alter the accept-headers sent by the browser by their own will.
I did not test this with requests sen t from flash/xhr...
related issues: 12621 and 6344