Rewriting requests to /index.php on drupal sites

[tylmc3]

Hi,

A long-standing Drupal core issue exists surrounding hitting a Drupal site with the URL example.com/index.php which will cache all links on the page with /index.php before the rest of the route.

See index.php randomly appears in friendly URLs and index.php is inserted in menu links

This can be replicated by clearing the caches on a Drupal site, and then navigating to /index.php. Every URL on the page will now have /index.php prefixed to it and when you navigate back to the URL / those cached URLs will persist.

This doesn't cause issues with basic page navigation but will render public and private files inaccessible.

In the issue, [index.php randomly appears in friendly URLs](index.php randomly appears in friendly URLs), a patch exists for the .htaccess to add the RewriteRule RewriteRule ^index\.php/(.*) /$1 [L,R=301] which removes the /index.php from all requests if it exists.

I've modified this .htaccess RewriteRule to work for a site of ours that was affected by this by creating an nginx-override.conf file with the contents

if ($request_uri ~* "^/index\.php(/)?(.*)") {
  rewrite ^/index\.php(/)?(.*) /$2 redirect;
}

With this being a core bug since 2016, with consideration to what other effects this could have, I think adding this to the default Drupal nginx rules would be a good step forward to mitigating this issue in other Drupal sites on the Wodby stack.

[csandanov]

Hi, thank you. I see they now have a PR pending https://git.drupalcode.org/project/drupal/-/merge_requests/7995/diffs?commit_id=5a73e7d2b422e5278388d665b9592d023447479f. I suggest we wait

[gene-miller]

Just a note to say this issue still exists

[csandanov]

Introduced NGINX_DRUPAL_REMOVE_INDEXPHP, set to any value to enable the rewrite rule to remove /index.php/ prefix