mozilla
/
pjs
зеркало из https://github.com/mozilla/pjs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Patch for bug 260682: Support redirecting to HTTPS always or for authenticated sessions only; patch by Byron Jones (glob) <bugzilla@glob.com.au>, r=vladd, a=myk.

This commit is contained in:
jocuri%softhome.net 2005-01-16 13:09:58 +00:00
Родитель cd72058e5b
Коммит 9684b49f08
4 изменённых файлов: 81 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

5
webtools/bugzilla/Bugzilla/Auth/Login/WWW.pm
Просмотреть файл

@ -70,6 +70,11 @@ sub login {
if ($userid) {
$user = new Bugzilla::User($userid);
# Redirect to SSL if required
if (Param('sslbase') ne '' and Param('ssl') ne 'never') {
Bugzilla->cgi->require_https(Param('sslbase'));
}
$user->set_flags('can_logout' => $class->can_logout);
# Compat stuff

6
webtools/bugzilla/Bugzilla/Auth/Login/WWW/CGI.pm
Просмотреть файл

@ -135,6 +135,12 @@ sub login {
# No login details were given, but we require a login if the
# page does
if ($authres == AUTH_NODATA && $type == LOGIN_REQUIRED) {
# Redirect to SSL if required
if (Param('sslbase') ne '' and Param('ssl') ne 'never') {
$cgi->require_https(Param('sslbase'));
}
# Throw up the login page
print Bugzilla->cgi->header();

28
webtools/bugzilla/Bugzilla/CGI.pm
Просмотреть файл

@ -52,6 +52,11 @@ sub new {
# Make sure that we don't send any charset headers
$self->charset('');
# Redirect to SSL if required
if (Param('sslbase') ne '' and Param('ssl') eq 'always') {
$self->require_https(Param('sslbase'));
}
# Check for errors
# All of the Bugzilla code wants to do this, so do it here instead of
# in each script
@ -185,6 +190,21 @@ sub send_cookie {
return;
}
# Redirect to https if required
sub require_https {
my $self = shift;
if ($self->protocol ne 'https') {
my $url = shift;
if (defined $url) {
$url .= $self->url('-path_info' => 1, '-query' => 1, '-relative' => 1);
} else {
$url = $self->self_url;
$url =~ s/^http:/https:/i;
}
print $self->redirect(-location => $url);
exit;
}
}
1;
@ -238,6 +258,14 @@ Bugzilla code (instead of C<cookie> or the C<-cookie> argument to C<header>),
so that under mod_perl the headers can be sent correctly, using C<print> or
the mod_perl APIs as appropriate.
=item C<require_https($baseurl)>
This routine checks if the current page is being served over https, and
redirects to the https protocol if required, retaining QUERY_STRING.
It takes an option argument which will be used as the base URL. If $baseurl
is not provided, the current URL is used.
=back
=head1 SEE ALSO

42
webtools/bugzilla/defparams.pl
Просмотреть файл

@ -50,12 +50,36 @@
use strict;
use vars qw(@param_list);
use File::Spec; # for find_languages
use Socket;
use Bugzilla::Config qw(:DEFAULT $templatedir $webdotdir);
use Bugzilla::Util;
# Checking functions for the various values
# Some generic checking functions are included in Bugzilla::Config
sub check_sslbase {
my $url = shift;
if ($url ne '') {
if ($url !~ m#^https://([^/]+).*/$#) {
return "must be a legal URL, that starts with https and ends with a slash.";
}
my $host = $1;
if ($host =~ /:\d+$/) {
return "must not contain a port.";
}
local *SOCK;
my $proto = getprotobyname('tcp');
socket(SOCK, PF_INET, SOCK_STREAM, $proto);
my $sin = sockaddr_in(443, inet_aton($host));
if (!connect(SOCK, $sin)) {
return "Failed to connect to " . html_quote($host) .
":443, unable to enable SSL.";
}
}
return "";
}
sub check_priority {
my ($value) = (@_);
&::GetVersionTable();
@ -292,6 +316,24 @@ sub find_languages {
checker => \&check_urlbase
},
{
name => 'sslbase',
desc => 'The URL that is the common initial leading part of all HTTPS ' .
'(SSL) Bugzilla URLs.',
type => 't',
default => '',
checker => \&check_sslbase
},
{
name => 'ssl',
desc => 'Controls when Bugzilla should enforce sessions to use HTTPS by ' .
'using <tt>sslbase</tt>.',
type => 's',
choices => ['never', 'authenticated sessions', 'always'],
default => 'never'
},
{
name => 'languages' ,
desc => 'A comma-separated list of RFC 1766 language tags. These ' .