Pass srcdump request parameter when redirecting etc. For most of CAF's purposes, the srcdump request parameter is not really for srcdump, since it is not related to authentication. Rather, it exists simply because we do not own the application path namespace. So when generating (or requesting) redirects etc. we should treat it as a form parameter relating to the application. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Docs: Fix reference to $authreq->chain_params This is public now so its name does not start with _. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
srcdump: Introduce srcdump_needlogin option This makes it technically fairly straightforward to take advantage of the CAF Login Exception. In the resulting website the source download link is only present on the login page unless the application also provides such a link, but that link is functional after logging in and can easily be used by bookmarking the url or using multiple browser tabs. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
Licence: Add copyright and licence statement to many files The licence (including exception) applies to the whole project, as would be expected. Document this. Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk> Signed-off-by: Ian Jackson <ijackson@eu.citrix.com>
Docs: Say that unknown divert kinds should be fatal This ought to be obvious, but we should state it explicitly. Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Introduce STALE divert kind This is discussed in the algorithm comment in _check_divert_core, but was not implemented. Sadly this means we were missing a divert kind - however, apps which don't handle it should die if they don't understand the divert kind, which is what we did ourselves previously. Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Docs: Various fixes and minor clarifications Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
API: Expose $authreq->chain_params() Contrary to what I said in a97dc2ce, it seems that this function is indeed useful. test/cgi wants it! Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Docs: Clarify url_with_query_params $params It doesn't want CAF-specific parameters: it will put those in for itself. Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
blinding: Discuss CookieSecret a bit differently
db_... settings: rename file from assocdb_...
caf.db: rename file from caf-assocs.db
db_prefix setting: change from assocdb_table
docs: more work
docs: more work
docs: more work
docs: more work
docs: more work
docs: more work
_chain_params: make an internal-only function as seems to have little plausible external use