Testing: Provide no-login-requiring srcdump test

[cgi-auth-flexible.git] / caf.pod

diff --git a/caf.pod b/caf.pod
index de77f3d3562a50e673af1795b9c171f83fe8b5af..6ddc56e647929e40678f68ceb2f33877b6e4ae7b 100644 (file)
--- a/caf.pod
+++ b/caf.pod
@@ -488,11 +488,12 @@ Returns the value of the secret cookie.  CGI::Auth::Flexible sets this
 cookie in the forms generated by C<check_ok>.  You may also set it
 yourself (and indeed you must do so if you use C<check_divert>).
 
-=item C<< $authreq->_chain_params() >>
+=item C<< $authreq->chain_params() >>
 
 Returns a hash of the "relevant" parameters to this request, in a form
 suitable for C<url_with_query_params>.  This is all of the query
-parameters which are not related to CGI::Auth::Flexible.  The
+parameters which are not related to CGI::Auth::Flexible's authentication
+arrangements.  (The srcdump request parameters B<are> included.)  The
 PATH_INFO from the request is returned as the parameter C<< '' >>.
 
 =back
@@ -669,7 +670,8 @@ the form used by C<url_with_query_params>.
 
 The contents of this hashref does not include the CAF-specific
 parameters such as the secret cookie, those which follow from the kind
-of diversion requested, etc.
+of diversion requested, etc.  (But they may include the
+srcdump_param_name, so that srcdump_needlogin can work properly.)
 
 It is correct to always include the contents of C<Params> as hidden
 parameters in the urls for all redirections, and as hidden input
@@ -1146,6 +1148,11 @@ names.  They will all start with this string.  Default: C<caf__>.
 
 =over
 
+=item C<srcdump_needlogin>
+
+Boolean: do users need to log in to be able to download the source
+code for the whole application ?  Default: 0.
+
 =item C<srcdump_param_name>
 
 Form parameter name used to indicate that this is a source download