get_path_info => sub { $_[0]->path_info() },
get_cookie => sub { $_[0]->cookie($_[1]->{S}{cookie_name}) },
get_method => sub { $_[0]->request_method() },
+ check_https => sub { !!$_[0]->https() },
get_url => sub { $_[0]->url(); },
is_login => sub { defined $_[1]->_rp('password_param_name') },
login_ok => \&login_ok_password,
sub _check_divert_core ($) {
my ($r) = @_;
- my $meth = $r->_ch('get_method');
my $cooks = $r->_ch('get_cookie');
+
+ if ($r->{S}{encrypted_only} && !$r->_ch('check_https')) {
+ return ({ Kind => 'REDIRECT-HTTPS',
+ Message => $r->_gt("Redirecting to secure server..."),
+ CookieSecret => undef,
+ Params => { } });
+ }
+
+ my $meth = $r->_ch('get_method');
my $parmh = $r->_rp('assoc_param_name');
my $cookh = defined $cooks ? $r->hash($cooks) : undef;
if ($r->_ch('is_login')) {
$r->_must_be_post();
die unless $parmt;
- if (!$cookt && $parmt eq 't') {
+ if (!$cookt && $parmt eq 'n') {
return ({ Kind => 'SMALLPAGE-NOCOOKIE',
Message => $r->_gt("You do not seem to have cookies".
" enabled. You must enable cookies".
$params->{$r->{S}{loggedout_param_names}[0]} = [ 1 ];
} elsif ($kind eq 'REDIRECT-LOGOUT') {
$params->{$r->{S}{logout_param_names}[0]} = [ 1 ];
- } elsif ($kind eq 'REDIRECT-LOGGEDIN') {
+ } elsif ($kind =~ m/REDIRECT-(?:LOGGEDIN|HTTPS)/) {
} else {
die;
}
my $new_url = $r->url_with_query_params($params);
+ if ($kind eq 'REDIRECT-HTTPS') {
+ my $uri = URI->new($new_url);
+ die unless $uri->scheme eq 'http';
+ $uri->scheme('https');
+ $new_url = $uri->as_string();
+ }
$r->_ch('do_redirect',$new_url, $cookie);
return 0;
}
~ian / cgi-auth-flexible.git / blobdiff