Cleanup: Remove an old piece of junk

[cgi-auth-flexible.git] / caf.pod

diff --git a/caf.pod b/caf.pod
index 88b6b0f1a86bbb2029623fdb65155263a1ed6f6e..6ddc56e647929e40678f68ceb2f33877b6e4ae7b 100644 (file)
--- a/caf.pod
+++ b/caf.pod
@@ -1,5 +1,20 @@
 # -*- fundamental -*-
 
+# This is part of CGI::Auth::Flexible, a perl CGI authentication module.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version, with the "CAF Login Exception"
+# as published by Ian Jackson (version 1, or at your option any 
+# later version) as an Additional Permission.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+
+
 =head1 NAME
 
 CGI::Auth::Flexible - web authentication optionally using cookies
@@ -473,11 +488,12 @@ Returns the value of the secret cookie.  CGI::Auth::Flexible sets this
 cookie in the forms generated by C<check_ok>.  You may also set it
 yourself (and indeed you must do so if you use C<check_divert>).
 
-=item C<< $authreq->_chain_params() >>
+=item C<< $authreq->chain_params() >>
 
 Returns a hash of the "relevant" parameters to this request, in a form
 suitable for C<url_with_query_params>.  This is all of the query
-parameters which are not related to CGI::Auth::Flexible.  The
+parameters which are not related to CGI::Auth::Flexible's authentication
+arrangements.  (The srcdump request parameters B<are> included.)  The
 PATH_INFO from the request is returned as the parameter C<< '' >>.
 
 =back
@@ -654,7 +670,8 @@ the form used by C<url_with_query_params>.
 
 The contents of this hashref does not include the CAF-specific
 parameters such as the secret cookie, those which follow from the kind
-of diversion requested, etc.
+of diversion requested, etc.  (But they may include the
+srcdump_param_name, so that srcdump_needlogin can work properly.)
 
 It is correct to always include the contents of C<Params> as hidden
 parameters in the urls for all redirections, and as hidden input
@@ -761,6 +778,9 @@ kind.)
 
 =back
 
+Applications should die if they are presented with a divert kind that
+they don't recognise.
+
 =head1 SETTINGS
 
 C<new_verifier> and C<new_request> each take a list of settings, as
@@ -1128,6 +1148,11 @@ names.  They will all start with this string.  Default: C<caf__>.
 
 =over
 
+=item C<srcdump_needlogin>
+
+Boolean: do users need to log in to be able to download the source
+code for the whole application ?  Default: 0.
+
 =item C<srcdump_param_name>
 
 Form parameter name used to indicate that this is a source download