Login/Logout Redirections broken after upgrade to Joomla 3.4.6
From Joomla! Documentation
Revision as of 09:43, 28 October 2018 by Franz.wohlkoenig
This article or section is incomplete, which means it may be lacking information. You are welcome to assist in its completion by editing it as well. If this article or section has not been edited in several days, please consider helping complete the content.
Wrong redirect after login on front-end since 3.4.6
This pertains only to Joomla! version(s): 3.4.6
Basically the security of redirection after login/logout was hardened in Joomla 3.4.6 - and this fixed a bug that some relied upon for years. If you are using a manually set url in a login/logout menu item options, then you must make sure that is an internal url, of non-sef, starting with index.php so that Joomla redirects you correctly.
It has always been the case however it was not until now that validation took place. Also note that in other places in Joomla 3.4.6 (like in the login module) and in Joomla 3.5, you are no longer be allowed to manually set a url - you only get a dropdown box to select a menu item to redirect to - this is the future and is much more secure.