From 1a02b976452bf546a1d225361b3e7c27566a6696 Mon Sep 17 00:00:00 2001
From: Ian Jackson <ian.jackson@eu.citrix.com>
Date: Fri, 11 Jan 2013 16:33:53 +0000
Subject: [PATCH] wip

---
 cgi-auth-flexible.pm | 12 ++++++------
 test.cgi             | 12 ++++++++----
 2 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/cgi-auth-flexible.pm b/cgi-auth-flexible.pm
index f3f1599..00b766a 100644
--- a/cgi-auth-flexible.pm
+++ b/cgi-auth-flexible.pm
@@ -522,8 +522,8 @@ sub _check_divert_core ($) {
             return ({ Kind => 'SMALLPAGE-NOCOOKIE',
                       Message => "You do not seem to have cookies enabled.  ".
                           "You must enable cookies as we use them for login.",
-                          CookieSecret => $r->_fresh_secret(),
-                          Params => $r->_chain_params() })
+                      CookieSecret => $r->_fresh_secret(),
+                      Params => $r->chain_params() })
         }
         if (!$cookt || $cookt eq 'n' || $cookh ne $parmh) {
             $r->_db_revoke($cookh);
@@ -538,13 +538,13 @@ sub _check_divert_core ($) {
             return ({ Kind => 'LOGIN-BAD',
                       Message => "Incorrect username/password.",
                       CookieSecret => $cooks,
-                      Params => $r->_chain_params() })
+                      Params => $r->chain_params() })
         }
 	$r->_db_record_login_ok($parmh,$username);
 	return ({ Kind => 'REDIRECT-LOGGEDIN',
 		  Message => "Logging in...",
 		  CookieSecret => $cooks,
-		  Params => $r->_chain_params() });
+		  Params => $r->chain_params() });
     }
     if ($cookt eq 't') {
 	$cookt = '';
@@ -564,7 +564,7 @@ sub _check_divert_core ($) {
 	    return ({ Kind => 'LOGIN-INCOMINGLINK',
 		      Message => "You need to log in.",
 		      CookieSecret => $news,
-		      Params => $r->_chain_params() });
+		      Params => $r->chain_params() });
 	} else {
 	    $r->_db_revoke($parmh);
 	    return ({ Kind => 'LOGIN-FRESH',
@@ -597,7 +597,7 @@ sub _check_divert_core ($) {
     return undef;
 }
 
-sub _chain_params ($) {
+sub chain_params ($) {
     my ($r) = @_;
     my %p = %{ $r->_ch('get_params') };
     foreach my $pncn (keys %{ $r->{S} }) {
diff --git a/test.cgi b/test.cgi
index 289ac71..0715861 100755
--- a/test.cgi
+++ b/test.cgi
@@ -43,18 +43,22 @@ Set-Cookie: $cookie
 <pre>
 END
 
-my %vars = $q->Vars();
-delete $vars{caf_assochash};
+my $newurl = $authreq->url_with_query_params($authreq->chain_params());
+my $newurl_esc = escapeHTML($newurl);
 
 my $txt = Data::Dumper->Dump([$authreq->get_username(), $authreq->mutate_ok(),
-                              $q->path_info(), \%vars],
-                             [qw(username mutate_ok path params)]);
+                              $q->path_info(),
+                              $authreq->chain_params(),
+                              scalar $q->Vars()],
+                             [qw(username mutate_ok path
+                                 authreq->chain_params() cgi->params())]);
 foreach my $l (split /\n/, $txt) {
     print escapeHTML($l),"\n";
 }
 
 print <<END;
 </pre>
+<a href="$newurl_esc">$newurl_esc</a>
 <form method="POST" action="$url">
 $hiddenhtml
 <input type="submit" name="test_cgi_sponges" value="Make sponges">
-- 
2.30.2