diff options
| author | dkl%redhat.com <> | 2008-07-29 03:57:57 +0200 |
|---|---|---|
| committer | dkl%redhat.com <> | 2008-07-29 03:57:57 +0200 |
| commit | f33f48241e0a32e62fbaab4267b0eb585d9b0b9f (patch) | |
| tree | 9268e0cb74bc3c35ef3a699c43920a07ff31cbe2 /index.cgi | |
| parent | 949984314ceb7f076ed991c2648585a91df7fdeb (diff) | |
| download | bugzilla-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.tar.gz bugzilla-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.tar.xz | |
Backing out these patches as they cause a regression. More information
in the respective bug reports.
Bug 428659 â Setting SSL param to 'authenticated sessions' only
protects logins and param doesn't protect WebService calls at all
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat
Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
Diffstat (limited to 'index.cgi')
| -rwxr-xr-x | index.cgi | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -35,7 +35,6 @@ use Bugzilla; use Bugzilla::Constants; use Bugzilla::Error; use Bugzilla::Update; -use Bugzilla::Util; # Check whether or not the user is logged in my $user = Bugzilla->login(LOGIN_OPTIONAL); @@ -47,8 +46,9 @@ my $user = Bugzilla->login(LOGIN_OPTIONAL); my $cgi = Bugzilla->cgi; # Force to use HTTPS unless Bugzilla->params->{'ssl'} equals 'never'. # This is required because the user may want to log in from here. -$cgi->require_https(Bugzilla->params->{'sslbase'}) - if ssl_require_redirect(); +if (Bugzilla->params->{'sslbase'} ne '' and Bugzilla->params->{'ssl'} ne 'never') { + $cgi->require_https(Bugzilla->params->{'sslbase'}); +} my $template = Bugzilla->template; my $vars = {}; |