diff options
author | dkl%redhat.com <> | 2008-07-29 01:57:57 +0000 |
---|---|---|
committer | dkl%redhat.com <> | 2008-07-29 01:57:57 +0000 |
commit | f33f48241e0a32e62fbaab4267b0eb585d9b0b9f (patch) | |
tree | 9268e0cb74bc3c35ef3a699c43920a07ff31cbe2 /token.cgi | |
parent | 949984314ceb7f076ed991c2648585a91df7fdeb (diff) | |
download | bugs-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.tar bugs-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.tar.gz bugs-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.tar.bz2 bugs-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.tar.xz bugs-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.zip |
Backing out these patches as they cause a regression. More information
in the respective bug reports.
Bug 428659 â Setting SSL param to 'authenticated sessions' only
protects logins and param doesn't protect WebService calls at all
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat
Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
Diffstat (limited to 'token.cgi')
-rwxr-xr-x | token.cgi | 8 |
1 files changed, 5 insertions, 3 deletions
@@ -347,9 +347,11 @@ sub request_create_account { $vars->{'date'} = str2time($date); # We require a HTTPS connection if possible. - Bugzilla->cgi->require_https(Bugzilla->params->{'sslbase'}) - if ssl_require_redirect(); - + if (Bugzilla->params->{'sslbase'} ne '' + && Bugzilla->params->{'ssl'} ne 'never') + { + $cgi->require_https(Bugzilla->params->{'sslbase'}); + } print $cgi->header(); $template->process('account/email/confirm-new.html.tmpl', $vars) |