diff options
author | dkl%redhat.com <> | 2008-07-29 01:57:57 +0000 |
---|---|---|
committer | dkl%redhat.com <> | 2008-07-29 01:57:57 +0000 |
commit | f33f48241e0a32e62fbaab4267b0eb585d9b0b9f (patch) | |
tree | 9268e0cb74bc3c35ef3a699c43920a07ff31cbe2 /Bugzilla/Auth | |
parent | 949984314ceb7f076ed991c2648585a91df7fdeb (diff) | |
download | bugs-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.tar bugs-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.tar.gz bugs-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.tar.bz2 bugs-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.tar.xz bugs-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.zip |
Backing out these patches as they cause a regression. More information
in the respective bug reports.
Bug 428659 â Setting SSL param to 'authenticated sessions' only
protects logins and param doesn't protect WebService calls at all
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat
Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
Diffstat (limited to 'Bugzilla/Auth')
-rw-r--r-- | Bugzilla/Auth/Login/CGI.pm | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/Bugzilla/Auth/Login/CGI.pm b/Bugzilla/Auth/Login/CGI.pm index 0bc3ee119..980e27123 100644 --- a/Bugzilla/Auth/Login/CGI.pm +++ b/Bugzilla/Auth/Login/CGI.pm @@ -66,9 +66,11 @@ sub fail_nodata { } # Redirect to SSL if required - Bugzilla->cgi->require_https(Bugzilla->params->{'sslbase'}) - if ssl_require_redirect(); - + if (Bugzilla->params->{'sslbase'} ne '' + and Bugzilla->params->{'ssl'} ne 'never') + { + $cgi->require_https(Bugzilla->params->{'sslbase'}); + } print $cgi->header(); $template->process("account/auth/login.html.tmpl", { 'target' => $cgi->url(-relative=>1) }) |