In GET requests, it goes in the path; for POST requests, it can instead be supplied in the
`%user' form parameter. This is to prevent caches from returning the wrong pages. I
feel a bit stupid about not fixing this earlier.
## The special variables, to be picked out by `cgiparse'.
CGI.SPECIAL['%act'] = None
CGI.SPECIAL['%nonce'] = None
## The special variables, to be picked out by `cgiparse'.
CGI.SPECIAL['%act'] = None
CGI.SPECIAL['%nonce'] = None
+CGI.SPECIAL['%user'] = None
## We don't want to parse arguments until we've settled on a context; but
## issuing redirects in the early setup phase fails because we don't know
## We don't want to parse arguments until we've settled on a context; but
## issuing redirects in the early setup phase fails because we don't know
## `cgi-noauth'.
if ctx != 'cgi-noauth':
## `cgi-noauth'.
if ctx != 'cgi-noauth':
+ ## The next part of the URL should be the user name, so that caches don't
+ ## cross things over.
+ expuser = CGI.SPECIAL['%user']
+ if expuser is None:
+ if i >= np: raise U.ExpectedError, (404, 'Missing user name')
+ expuser = CGI.PATH[i]
+ i += 1
+
## If there's no token cookie, then we have to bail.
try: token = CGI.COOKIE['chpwd-token']
except KeyError:
## If there's no token cookie, then we have to bail.
try: token = CGI.COOKIE['chpwd-token']
except KeyError:
except HA.AuthenticationFailed, e:
CGI.redirect(CGI.action('login', why = e.why))
return
except HA.AuthenticationFailed, e:
CGI.redirect(CGI.action('login', why = e.why))
return
+ if CU.USER != expuser: raise U.ExpectedError, (401, 'User mismatch')
+ CGI.STATE.kw['user'] = CU.USER
## Invoke the subcommand handler.
c.cgi(CGI.PARAM, CGI.PATH[i:])
## Invoke the subcommand handler.
c.cgi(CGI.PARAM, CGI.PATH[i:])
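Review bot: The mismatch branch `if CU.USER != expuser: raise U.ExpectedError, (401, 'User mismatch')` runs only after the token cookie has been accepted, so the request is authenticated, just for a different user than the URL names; that is a 403 Forbidden rather than a 401, and since the `HA.AuthenticationFailed` handler just above already redirects to `login`, a 401 here invites clients to re-authenticate to no effect — `if CU.USER != expuser: raise U.ExpectedError, (403, 'User mismatch')`. Keying the URL on the user name narrows the cache-confusion problem but does not remove it: unless the response also carries `Cache-Control: private, no-store` (not visible in this hunk), a shared cache can still store the per-user page under its new URL and hand it to whoever next requests that path, so it is worth confirming those headers are sent. Related, when `%user` is supplied the path element is not consumed (`i` is only advanced in the `expuser is None` branch), so if a POST action URL also carries the user name that name would reach `c.cgi` as the first element of `CGI.PATH[i:]`; if that can happen, consume the path component in both cases or note why it cannot. The enclosing function starts and ends outside the hunk.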
+<input type=hidden name=%user value="~={user}H">
<input type=hidden name=%nonce value="~={nonce}H">
</form>
<input type=hidden name=%nonce value="~={nonce}H">
</form>