chiark
/
gitweb
/
~ian
/
cgi-auth-flexible.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
support check_https and also redirect to https version
[cgi-auth-flexible.git]
/
cgi-auth-flexible.pm
diff --git
a/cgi-auth-flexible.pm
b/cgi-auth-flexible.pm
index eab1fe1b84d21768c0b36d74c70ecc82921a45be..4ab430d5f989affb6b080e1efe8401dedd5e518b 100644
(file)
--- a/
cgi-auth-flexible.pm
+++ b/
cgi-auth-flexible.pm
@@
-207,6
+207,7
@@
sub new_verifier {
get_path_info => sub { $_[0]->path_info() },
get_cookie => sub { $_[0]->cookie($_[1]->{S}{cookie_name}) },
get_method => sub { $_[0]->request_method() },
get_path_info => sub { $_[0]->path_info() },
get_cookie => sub { $_[0]->cookie($_[1]->{S}{cookie_name}) },
get_method => sub { $_[0]->request_method() },
+ check_https => sub { !!$_[0]->https() },
get_url => sub { $_[0]->url(); },
is_login => sub { defined $_[1]->_rp('password_param_name') },
login_ok => \&login_ok_password,
get_url => sub { $_[0]->url(); },
is_login => sub { defined $_[1]->_rp('password_param_name') },
login_ok => \&login_ok_password,
@@
-503,8
+504,16
@@
my @ca = (-name => $r->{S}{cookie_name},
sub _check_divert_core ($) {
my ($r) = @_;
sub _check_divert_core ($) {
my ($r) = @_;
- my $meth = $r->_ch('get_method');
my $cooks = $r->_ch('get_cookie');
my $cooks = $r->_ch('get_cookie');
+
+ if (!$r->_ch('check_https')) {
+ return ({ Kind => 'REDIRECT-HTTPS',
+ Message => $r->_gt("Redirecting to secure server..."),
+ CookieSecret => undef,
+ Params => { } });
+ }
+
+ my $meth = $r->_ch('get_method');
my $parmh = $r->_rp('assoc_param_name');
my $cookh = defined $cooks ? $r->hash($cooks) : undef;
my $parmh = $r->_rp('assoc_param_name');
my $cookh = defined $cooks ? $r->hash($cooks) : undef;
@@
-537,7
+546,7
@@
sub _check_divert_core ($) {
if ($r->_ch('is_login')) {
$r->_must_be_post();
die unless $parmt;
if ($r->_ch('is_login')) {
$r->_must_be_post();
die unless $parmt;
- if (!$cookt && $parmt eq '
t
') {
+ if (!$cookt && $parmt eq '
n
') {
return ({ Kind => 'SMALLPAGE-NOCOOKIE',
Message => $r->_gt("You do not seem to have cookies".
" enabled. You must enable cookies".
return ({ Kind => 'SMALLPAGE-NOCOOKIE',
Message => $r->_gt("You do not seem to have cookies".
" enabled. You must enable cookies".
@@
-781,11
+790,17
@@
sub check_ok ($) {
$params->{$r->{S}{loggedout_param_names}[0]} = [ 1 ];
} elsif ($kind eq 'REDIRECT-LOGOUT') {
$params->{$r->{S}{logout_param_names}[0]} = [ 1 ];
$params->{$r->{S}{loggedout_param_names}[0]} = [ 1 ];
} elsif ($kind eq 'REDIRECT-LOGOUT') {
$params->{$r->{S}{logout_param_names}[0]} = [ 1 ];
- } elsif ($kind
eq 'REDIRECT-LOGGEDIN'
) {
+ } elsif ($kind
=~ m/REDIRECT-(?:LOGGEDIN|HTTPS)/
) {
} else {
die;
}
my $new_url = $r->url_with_query_params($params);
} else {
die;
}
my $new_url = $r->url_with_query_params($params);
+ if ($kind eq 'REDIRECT-HTTPS') {
+ my $uri = URI->new($new_url);
+ die unless $uri->scheme eq 'http';
+ $uri->scheme('https');
+ $new_url = $uri->as_string();
+ }
$r->_ch('do_redirect',$new_url, $cookie);
return 0;
}
$r->_ch('do_redirect',$new_url, $cookie);
return 0;
}