From a7fc340c3644f8bbea36918539a924f77975804f Mon Sep 17 00:00:00 2001
From: Savindu Dimal <dimalsavindu@gmail.com>
Date: Thu, 14 Sep 2023 12:42:23 +0530
Subject: [PATCH] Fix loginRequestPath

---
 .../distribution/product/src/main/extensions/basicauth.jsp  | 4 +++-
 modules/distribution/product/src/main/extensions/login.jsp  | 6 +++++-
 .../repository/conf/tomcat/carbon/WEB-INF/web.xml.j2        | 4 ++++
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/modules/distribution/product/src/main/extensions/basicauth.jsp b/modules/distribution/product/src/main/extensions/basicauth.jsp
index 5d801ec01b..66b3647813 100644
--- a/modules/distribution/product/src/main/extensions/basicauth.jsp
+++ b/modules/distribution/product/src/main/extensions/basicauth.jsp
@@ -93,14 +93,16 @@
 
                     if (userName.value) {
                         let contextPath = "<%=proxyContextPath%>"
+                        let loginRequestPath = "<%=loginContextRequestUrl%>"
                         if (contextPath !== "") {
                             contextPath = contextPath.startsWith('/') ? contextPath : "/" + contextPath
                             contextPath = contextPath.endsWith('/') ?
                                 contextPath.substring(0, contextPath.length - 1) : contextPath
+                            loginRequestPath = loginRequestPath.startsWith('../') ? loginRequestPath.substring(2, loginRequestPath.length) : loginRequestPath
                         }
                         $.ajax({
                             type: "GET",
-                            url: contextPath + "<%=loginContextRequestUrl%>",
+                            url: contextPath + loginRequestPath,
                             xhrFields: { withCredentials: true },
                             success: function (data) {
                                 if (data && data.status == 'redirect' && data.redirectUrl && data.redirectUrl.length > 0) {
diff --git a/modules/distribution/product/src/main/extensions/login.jsp b/modules/distribution/product/src/main/extensions/login.jsp
index b9523b1ac1..594bfa9bf9 100644
--- a/modules/distribution/product/src/main/extensions/login.jsp
+++ b/modules/distribution/product/src/main/extensions/login.jsp
@@ -501,9 +501,13 @@
     <script>
         function checkSessionKey() {
             var proxyPath = "<%=contextPath%>"
+            let loginRequestPath = "<%=loginContextRequestUrl%>"
+            if (proxyPath !== "") {
+                loginRequestPath = loginRequestPath.startsWith('../') ? loginRequestPath.substring(2, loginRequestPath.length) : loginRequestPath
+            }
             $.ajax({
                 type: "GET",
-                url: proxyPath + "<%=loginContextRequestUrl%>",
+                url: proxyPath + loginRequestPath,
                 xhrFields: { withCredentials: true },
                 success: function (data) {
                     if (data && data.status == 'redirect' && data.redirectUrl && data.redirectUrl.length > 0) {
diff --git a/modules/distribution/product/src/main/resources/conf/templates/repository/conf/tomcat/carbon/WEB-INF/web.xml.j2 b/modules/distribution/product/src/main/resources/conf/templates/repository/conf/tomcat/carbon/WEB-INF/web.xml.j2
index 6e2a45312c..3a450f6d9f 100644
--- a/modules/distribution/product/src/main/resources/conf/templates/repository/conf/tomcat/carbon/WEB-INF/web.xml.j2
+++ b/modules/distribution/product/src/main/resources/conf/templates/repository/conf/tomcat/carbon/WEB-INF/web.xml.j2
@@ -26,6 +26,10 @@
         <param-name>Owasp.CsrfGuard.Config</param-name>
         <param-value>repository/conf/security/Owasp.CsrfGuard.Carbon.properties</param-value>
     </context-param>
+    <context-param>
+        <param-name>contextPath</param-name>
+        <param-value>{{server.proxy_context_path}}</param-value>
+    </context-param>
 
     <servlet id="bridge">
         <servlet-name>bridgeservlet</servlet-name>