From c1fe98e0b9dbe40d564dc5ddad23e14dd0e6e462 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 26 Aug 2015 07:38:33 -0700
Subject: [PATCH] Prevent too many redirects error when home page URL set to
 external_urll

Many users naively set the home page URL setting to external_url
(e.g. https://mydomain.com). When an unauthenticated user signs in, this
causes endless redirections. For example, this is occuring:

1. Unauthenticated user attempts to access https://mydomain.com/dashboard
2. Application redirects to the home page URL: https://mydomain.com
3. Repeat step 2

In step 3, ApplicationController should have redirected the user to
https://mydomain.com/users/sign_in. Disabling the redirection if home
page URL is the same as external_url prevents users from messing up.

Closes https://github.com/gitlabhq/gitlabhq/issues/8843
Closes #2057
---
 CHANGELOG                                 | 1 +
 app/controllers/application_controller.rb | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG b/CHANGELOG
index a93558fb10d..92793b6be24 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 Please view this file on the master branch, on stable branches it's out of date.
 
 v 8.0.0 (unreleased)
+  - Prevent too many redirects upon login when home page URL is set to external_url (Stan Hu)
   - Improve dropdown positioning on the project home page (Hannes Rosenögger)
   - Upgrade browser gem to 1.0.0 to avoid warning in IE11 compatibilty mode (Stan Hu)
   - Fix "Reload with full diff" URL button in compare branch view (Stan Hu)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 12d439b0b31..ef1170e16da 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -55,7 +55,9 @@ class ApplicationController < ActionController::Base
 
   def authenticate_user!(*args)
     # If user is not signed-in and tries to access root_path - redirect him to landing page
-    if current_application_settings.home_page_url.present?
+    # Don't redirect to the default URL to prevent endless redirections
+    if current_application_settings.home_page_url.present? &&
+        current_application_settings.home_page_url.chomp('/') != Gitlab.config.gitlab['url'].chomp('/')
       if current_user.nil? && root_path == request.path
         redirect_to current_application_settings.home_page_url and return
       end