From: Ian Jackson Date: Mon, 2 Nov 2015 17:39:38 +0000 (+0000) Subject: Pass srcdump request parameter when redirecting etc. X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=cgi-auth-flexible.git;a=commitdiff_plain;h=66a33b3f4f0ead5cd54ef81886b94c53f2b806ea;ds=sidebyside Pass srcdump request parameter when redirecting etc. For most of CAF's purposes, the srcdump request parameter is not really for srcdump, since it is not related to authentication. Rather, it exists simply because we do not own the application path namespace. So when generating (or requesting) redirects etc. we should treat it as a form parameter relating to the application. Signed-off-by: Ian Jackson --- diff --git a/caf.pod b/caf.pod index 4d2b3f6..6ddc56e 100644 --- a/caf.pod +++ b/caf.pod @@ -492,7 +492,8 @@ yourself (and indeed you must do so if you use C). Returns a hash of the "relevant" parameters to this request, in a form suitable for C. This is all of the query -parameters which are not related to CGI::Auth::Flexible. The +parameters which are not related to CGI::Auth::Flexible's authentication +arrangements. (The srcdump request parameters B included.) The PATH_INFO from the request is returned as the parameter C<< '' >>. =back @@ -669,7 +670,8 @@ the form used by C. The contents of this hashref does not include the CAF-specific parameters such as the secret cookie, those which follow from the kind -of diversion requested, etc. +of diversion requested, etc. (But they may include the +srcdump_param_name, so that srcdump_needlogin can work properly.) It is correct to always include the contents of C as hidden parameters in the urls for all redirections, and as hidden input diff --git a/cgi-auth-flexible.pm b/cgi-auth-flexible.pm index 95c58ac..74c20b6 100644 --- a/cgi-auth-flexible.pm +++ b/cgi-auth-flexible.pm @@ -801,9 +801,11 @@ sub _check_divert_core ($) { Params => { }, }; } - if ($srcdump || !$r->{S}{srcdump_needlogin}) { + print STDERR "$r->{S}{srcdump_needlogin}\n"; + if ($srcdump && !$r->{S}{srcdump_needlogin}) { return ($srcdump); } + print STDERR "NOT NOW\n"; my $cooksraw = $r->_ch('get_cookie'); my $cooks = $r->_unblind($cooksraw); @@ -953,7 +955,9 @@ sub chain_params ($) { my %p = %{ $r->_ch('get_params') }; foreach my $pncn (keys %{ $r->{S} }) { my $names; - if ($pncn =~ m/_param_name$/) { + if ($pncn =~ m/^srcdump_/) { + next; + } elsif ($pncn =~ m/_param_name$/) { my $name = $r->{S}{$pncn}; die "$pncn ?" if ref $name; $names = [ $name ];