This code creates invalid redirect.

src/KernelEventListener.php

<?php
  private function sendUserToAccessDeniedPage() {
    $response = new RedirectResponse('/system/403');
    $response->send();
    return $response;
  }
?>

It should be fixed as this.

<?php
  private function sendUserToAccessDeniedPage() {
    $redirect_url = new \Drupal\Core\Url('system.403');
    $response = new RedirectResponse($redirect_url->toString());
    $response->send();
    return $response;
  }
?>
CommentFileSizeAuthor
#2 permissions_by_term-invalid_403_redirect-2.patch538 bytesothermachines

Comments

mh35 created an issue. See original summary.

othermachines’s picture

othermachines commented
Title: Redirect to /system/403 is invalid if Drupal is installed in sub-directory » Invalid 403 redirect
Version: 8.x-1.17 » 8.x-1.x-dev
Status: Active » Needs review
StatusFileSize
new permissions_by_term-invalid_403_redirect-2.patch538 bytes

My installation isn't in a subdirectory, but the invalid redirect is affecting all logged in users. This is on a fresh installation (Drupal 8.3.2).

Fix suggested above works well. I'll attach a patch. Thanks!

jepster_’s picture

jepster_
Location 🇩🇪Düsseldorf
commented
Status: Needs review » Fixed

Thanks for the patch! It's applied in the latest dev version.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.