fix: modify compression middleware to pass through redirects immediately without buffering

internal/handlers/page_handler.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"html/template"
 	"net/http"
+	"net/url"
 	"os"
 	"path/filepath"
 	"strconv"
@@ -877,7 +878,8 @@ func (h *PageHandler) ResetPassword(w http.ResponseWriter, r *http.Request) {
 func (h *PageHandler) Settings(w http.ResponseWriter, r *http.Request) {
 	user := h.currentUserWithLockCheck(w, r)
 	if user == nil {
-		http.Redirect(w, r, "/login?flash=Sign in to manage your account", http.StatusSeeOther)
+		redirectURL := "/login?flash=" + url.QueryEscape("Sign in to manage your account")
+		http.Redirect(w, r, redirectURL, http.StatusSeeOther)
 		return
 	}
 
@@ -897,7 +899,8 @@ func (h *PageHandler) Settings(w http.ResponseWriter, r *http.Request) {
 func (h *PageHandler) UpdateEmail(w http.ResponseWriter, r *http.Request) {
 	user := h.currentUserWithLockCheck(w, r)
 	if user == nil {
-		http.Redirect(w, r, "/login?flash=Sign in to manage your account", http.StatusSeeOther)
+		redirectURL := "/login?flash=" + url.QueryEscape("Sign in to manage your account")
+		http.Redirect(w, r, redirectURL, http.StatusSeeOther)
 		return
 	}
 
@@ -960,13 +963,15 @@ func (h *PageHandler) UpdateEmail(w http.ResponseWriter, r *http.Request) {
 	}
 	h.clearAuthCookie(w, r)
 
-	http.Redirect(w, r, "/login?flash=Email updated. Check your inbox to confirm the new address. You will need to sign in again after verification.", http.StatusSeeOther)
+	redirectURL := "/login?flash=" + url.QueryEscape("Email updated. Check your inbox to confirm the new address. You will need to sign in again after verification.")
+	http.Redirect(w, r, redirectURL, http.StatusSeeOther)
 }
 
 func (h *PageHandler) UpdateUsername(w http.ResponseWriter, r *http.Request) {
 	user := h.currentUserWithLockCheck(w, r)
 	if user == nil {
-		http.Redirect(w, r, "/login?flash=Sign in to manage your account", http.StatusSeeOther)
+		redirectURL := "/login?flash=" + url.QueryEscape("Sign in to manage your account")
+		http.Redirect(w, r, redirectURL, http.StatusSeeOther)
 		return
 	}
 
@@ -1022,13 +1027,15 @@ func (h *PageHandler) UpdateUsername(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	http.Redirect(w, r, "/settings?flash=Username updated successfully.", http.StatusSeeOther)
+	redirectURL := "/settings?flash=" + url.QueryEscape("Username updated successfully.")
+	http.Redirect(w, r, redirectURL, http.StatusSeeOther)
 }
 
 func (h *PageHandler) UpdatePassword(w http.ResponseWriter, r *http.Request) {
 	user := h.currentUserWithLockCheck(w, r)
 	if user == nil {
-		http.Redirect(w, r, "/login?flash=Sign in to manage your account", http.StatusSeeOther)
+		redirectURL := "/login?flash=" + url.QueryEscape("Sign in to manage your account")
+		http.Redirect(w, r, redirectURL, http.StatusSeeOther)
 		return
 	}
 
@@ -1140,13 +1147,15 @@ func (h *PageHandler) UpdatePassword(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	http.Redirect(w, r, "/settings?flash=Password updated successfully.", http.StatusSeeOther)
+	redirectURL := "/settings?flash=" + url.QueryEscape("Password updated successfully.")
+	http.Redirect(w, r, redirectURL, http.StatusSeeOther)
 }
 
 func (h *PageHandler) DeleteAccount(w http.ResponseWriter, r *http.Request) {
 	user := h.currentUserWithLockCheck(w, r)
 	if user == nil {
-		http.Redirect(w, r, "/login?flash=Sign in to manage your account", http.StatusSeeOther)
+		redirectURL := "/login?flash=" + url.QueryEscape("Sign in to manage your account")
+		http.Redirect(w, r, redirectURL, http.StatusSeeOther)
 		return
 	}
 
@@ -1204,7 +1213,8 @@ func (h *PageHandler) DeleteAccount(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	http.Redirect(w, r, "/settings?flash=Check your inbox for a confirmation link to finish deleting your account.", http.StatusSeeOther)
+	redirectURL := "/settings?flash=" + url.QueryEscape("Check your inbox for a confirmation link to finish deleting your account.")
+	http.Redirect(w, r, redirectURL, http.StatusSeeOther)
 }
 
 func (h *PageHandler) ConfirmAccountDeletion(w http.ResponseWriter, r *http.Request) {
@@ -1328,7 +1338,8 @@ func (h *PageHandler) clearAuthCookie(w http.ResponseWriter, r *http.Request) {
 func (h *PageHandler) Vote(w http.ResponseWriter, r *http.Request) {
 	user := h.currentUserWithLockCheck(w, r)
 	if user == nil {
-		http.Redirect(w, r, "/login?flash=Please sign in to vote", http.StatusSeeOther)
+		redirectURL := "/login?flash=" + url.QueryEscape("Please sign in to vote")
+		http.Redirect(w, r, redirectURL, http.StatusSeeOther)
 		return
 	}
 

internal/middleware/compression.go

@@ -38,6 +38,10 @@ func CompressionMiddlewareWithConfig(config *CompressionConfig) func(http.Handle
 
 			next.ServeHTTP(bufferedWriter, r)
 
+			if bufferedWriter.isRedirect {
+				return
+			}
+
 			if buf.Len() < config.MinSize {
 				bufferedWriter.flush()
 				w.Write(buf.Bytes())
@@ -73,9 +77,13 @@ type bufferedResponseWriter struct {
 	buffer        *bytes.Buffer
 	statusCode    int
 	headerWritten bool
+	isRedirect    bool
 }
 
 func (brw *bufferedResponseWriter) Write(b []byte) (int, error) {
+	if brw.isRedirect {
+		return brw.ResponseWriter.Write(b)
+	}
 	if !brw.headerWritten {
 		brw.statusCode = http.StatusOK
 	}
@@ -87,6 +95,11 @@ func (brw *bufferedResponseWriter) WriteHeader(code int) {
 		return
 	}
 	brw.statusCode = code
+	if isRedirect(code) {
+		brw.isRedirect = true
+		brw.ResponseWriter.WriteHeader(code)
+		brw.headerWritten = true
+	}
 }
 
 func (brw *bufferedResponseWriter) Header() http.Header {
@@ -100,6 +113,10 @@ func (brw *bufferedResponseWriter) flush() {
 	}
 }
 
+func isRedirect(statusCode int) bool {
+	return statusCode >= 300 && statusCode < 400
+}
+
 func shouldCompress(r *http.Request, config *CompressionConfig) bool {
 	return r.Header.Get("Content-Encoding") == ""
 }