From 40c35fb48ab8c4b73dc0b16654b4d7f16d4b945c Mon Sep 17 00:00:00 2001 From: Paul Catinean Date: Tue, 15 Sep 2015 22:44:35 +0300 Subject: [PATCH] [FIX] website: set multilang to `False`on `website_image` Add multilang=False to website_image controller to prevent redirects Because website_image is decorated with website=True Requests made for the product image at `/website/image/product.template/xx_xx/..` triggered redirections to add the language code to the requests URLs. This redirection was useless, as setting the language code for images is non-sense. Adding `websitelang=False` prevents this redirection. In addition, the redirection could lead to SSL security concerns, as the redirection could use the http:// scheme. Closes #8515 --- addons/website/controllers/main.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/addons/website/controllers/main.py b/addons/website/controllers/main.py index cd9f7e0d601..7ef9dbe38b2 100644 --- a/addons/website/controllers/main.py +++ b/addons/website/controllers/main.py @@ -378,7 +378,7 @@ class Website(openerp.addons.web.controllers.main.Home): '/website/image', '/website/image///', '/website/image////x' - ], auth="public", website=True) + ], auth="public", website=True, multilang=False) def website_image(self, model, id, field, max_width=None, max_height=None): """ Fetches the requested field and ensures it does not go above (max_width, max_height), resizing it if necessary.