From 545040fdf0ab12a60bf8d134e05e73cf5c8fe4b3 Mon Sep 17 00:00:00 2001
From: Shannon <sdeminick@gmail.com>
Date: Thu, 20 Feb 2014 13:09:54 +1100
Subject: [PATCH 1/2] Fixes installer upgrade

---
 src/Umbraco.Core/UriExtensions.cs          | 23 ++++++++++++++++++++++
 src/Umbraco.Web.UI/install/Default.aspx.cs |  2 +-
 src/Umbraco.Web/UmbracoModule.cs           |  8 +++++++-
 3 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/src/Umbraco.Core/UriExtensions.cs b/src/Umbraco.Core/UriExtensions.cs
index 45cb906eef..6ace17220b 100644
--- a/src/Umbraco.Core/UriExtensions.cs
+++ b/src/Umbraco.Core/UriExtensions.cs
@@ -100,6 +100,29 @@ namespace Umbraco.Core
             return true;
         }
 
+        /// <summary>
+        /// Checks if it is a back office login or logout request
+        /// </summary>
+        /// <param name="url"></param>
+        /// <param name="applicationPath"></param>
+        /// <returns></returns>
+        internal static bool IsBackOfficeLoginRequest(this Uri url, string applicationPath)
+        {
+            applicationPath = applicationPath ?? string.Empty;
+
+            var fullUrlPath = url.AbsolutePath.TrimStart(new[] { '/' });
+            var appPath = applicationPath.TrimStart(new[] { '/' });
+            var urlPath = fullUrlPath.TrimStart(appPath).EnsureStartsWith('/');
+            
+            if (urlPath.InvariantStartsWith(GlobalSettings.Path.EnsureStartsWith('/') + "/login.aspx")
+                || urlPath.InvariantStartsWith(GlobalSettings.Path.EnsureStartsWith('/') + "/logout.aspx"))
+            {
+                return true;
+            }
+
+            return false;
+        }
+
         /// <summary>
         /// Checks if the current uri is an install request
         /// </summary>
diff --git a/src/Umbraco.Web.UI/install/Default.aspx.cs b/src/Umbraco.Web.UI/install/Default.aspx.cs
index 5a58949b8c..5ce92070a8 100644
--- a/src/Umbraco.Web.UI/install/Default.aspx.cs
+++ b/src/Umbraco.Web.UI/install/Default.aspx.cs
@@ -72,7 +72,7 @@ namespace Umbraco.Web.UI.Install
                     case ValidateRequestAttempt.FailedNoContextId:
                         Response.Redirect(
                             //We must add the token to prevent CSRF attacks since the logout occurs on a GET not a POST
-                        SystemDirectories.Umbraco + "/logout.aspx?redir=" + Server.UrlEncode(Request.RawUrl) + "&t=" + Security.UmbracoUserContextId);
+                        SystemDirectories.Umbraco + "/login.aspx?redir=" + Server.UrlEncode(Request.RawUrl) + "&t=" + Security.UmbracoUserContextId);
                         break;
                 }
             }
diff --git a/src/Umbraco.Web/UmbracoModule.cs b/src/Umbraco.Web/UmbracoModule.cs
index 3a616e22bc..a321196b88 100644
--- a/src/Umbraco.Web/UmbracoModule.cs
+++ b/src/Umbraco.Web/UmbracoModule.cs
@@ -83,6 +83,12 @@ namespace Umbraco.Web
 
 			var umbracoContext = UmbracoContext.Current;
 
+            //if it's a back office login request, do not continue
+		    if (httpContext.Request.Url.IsBackOfficeLoginRequest(HttpRuntime.AppDomainAppVirtualPath))
+		    {
+		        return;
+		    }
+
             //if it's a back office request then we need to ensure we're configured - otherwise redirect to installer
             if (httpContext.Request.Url.IsBackOfficeRequest(HttpRuntime.AppDomainAppVirtualPath)
                 && EnsureIsConfigured(httpContext, umbracoContext.OriginalRequestUrl) == false)
@@ -386,7 +392,7 @@ namespace Umbraco.Web
 
             LogHelper.Warn<UmbracoModule>("Umbraco is not configured");
 
-			var installPath = UriUtility.ToAbsolute(Core.IO.SystemDirectories.Install);
+			var installPath = UriUtility.ToAbsolute(SystemDirectories.Install);
 			var installUrl = string.Format("{0}/default.aspx?redir=true&url={1}", installPath, HttpUtility.UrlEncode(uri.ToString()));
 			httpContext.Response.Redirect(installUrl, true);
 			return false;

From a206652a0d9c67dcd6ae18abd694011c66b2ca22 Mon Sep 17 00:00:00 2001
From: Shannon <sdeminick@gmail.com>
Date: Thu, 20 Feb 2014 13:37:12 +1100
Subject: [PATCH 2/2] updates login redirect logic to be more inline with v7,
 less greedy which is better.

---
 src/Umbraco.Core/UriExtensions.cs | 40 +++++++++++++------------------
 src/Umbraco.Web/UmbracoModule.cs  | 10 ++------
 2 files changed, 19 insertions(+), 31 deletions(-)

diff --git a/src/Umbraco.Core/UriExtensions.cs b/src/Umbraco.Core/UriExtensions.cs
index 6ace17220b..430ba4b6d1 100644
--- a/src/Umbraco.Core/UriExtensions.cs
+++ b/src/Umbraco.Core/UriExtensions.cs
@@ -100,29 +100,6 @@ namespace Umbraco.Core
             return true;
         }
 
-        /// <summary>
-        /// Checks if it is a back office login or logout request
-        /// </summary>
-        /// <param name="url"></param>
-        /// <param name="applicationPath"></param>
-        /// <returns></returns>
-        internal static bool IsBackOfficeLoginRequest(this Uri url, string applicationPath)
-        {
-            applicationPath = applicationPath ?? string.Empty;
-
-            var fullUrlPath = url.AbsolutePath.TrimStart(new[] { '/' });
-            var appPath = applicationPath.TrimStart(new[] { '/' });
-            var urlPath = fullUrlPath.TrimStart(appPath).EnsureStartsWith('/');
-            
-            if (urlPath.InvariantStartsWith(GlobalSettings.Path.EnsureStartsWith('/') + "/login.aspx")
-                || urlPath.InvariantStartsWith(GlobalSettings.Path.EnsureStartsWith('/') + "/logout.aspx"))
-            {
-                return true;
-            }
-
-            return false;
-        }
-
         /// <summary>
         /// Checks if the current uri is an install request
         /// </summary>
@@ -139,6 +116,23 @@ namespace Umbraco.Core
             return afterAuthority.InvariantStartsWith(IOHelper.ResolveUrl("~/install").TrimStart("/"));
         }
 
+        /// <summary>
+        /// Checks if the uri is a request for the default back office page
+        /// </summary>
+        /// <param name="url"></param>
+        /// <returns></returns>
+        internal static bool IsDefaultBackOfficeRequest(this Uri url)
+        {
+            if (url.AbsolutePath.InvariantEquals(GlobalSettings.Path.TrimEnd("/"))
+                || url.AbsolutePath.InvariantEquals(GlobalSettings.Path.EnsureEndsWith('/'))
+                || url.AbsolutePath.InvariantStartsWith(GlobalSettings.Path.EnsureEndsWith('/') + "Default.aspx")
+                || url.AbsolutePath.InvariantStartsWith(GlobalSettings.Path.EnsureEndsWith('/') + "Umbraco.aspx"))
+            {
+                return true;
+            }
+            return false;
+        }
+
         /// <summary>
         /// This is a performance tweak to check if this is a .css, .js or .ico, .jpg, .jpeg, .png, .gif file request since
         /// .Net will pass these requests through to the module when in integrated mode.
diff --git a/src/Umbraco.Web/UmbracoModule.cs b/src/Umbraco.Web/UmbracoModule.cs
index a321196b88..48cb9c82d6 100644
--- a/src/Umbraco.Web/UmbracoModule.cs
+++ b/src/Umbraco.Web/UmbracoModule.cs
@@ -83,16 +83,10 @@ namespace Umbraco.Web
 
 			var umbracoContext = UmbracoContext.Current;
 
-            //if it's a back office login request, do not continue
-		    if (httpContext.Request.Url.IsBackOfficeLoginRequest(HttpRuntime.AppDomainAppVirtualPath))
-		    {
-		        return;
-		    }
-
             //if it's a back office request then we need to ensure we're configured - otherwise redirect to installer
-            if (httpContext.Request.Url.IsBackOfficeRequest(HttpRuntime.AppDomainAppVirtualPath)
+            if (httpContext.Request.Url.IsDefaultBackOfficeRequest()
                 && EnsureIsConfigured(httpContext, umbracoContext.OriginalRequestUrl) == false)
-            {                
+            {
                 return;
             }