From f33f48241e0a32e62fbaab4267b0eb585d9b0b9f Mon Sep 17 00:00:00 2001 From: "dkl%redhat.com" <> Date: Tue, 29 Jul 2008 01:57:57 +0000 Subject: Backing out these patches as they cause a regression. More information in the respective bug reports. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all Patch by Dave Lawrence - r/a=mkanat Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl Patch By Max Kanat-Alexander r=dkl, a=mkanat --- Bugzilla/Util.pm | 22 +--------------------- 1 file changed, 1 insertion(+), 21 deletions(-) (limited to 'Bugzilla/Util.pm') diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index 8e521c24a..e7a76e21d 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -36,7 +36,7 @@ use base qw(Exporter); html_quote url_quote xml_quote css_class_quote html_light_quote url_decode i_am_cgi get_netaddr correct_urlbase - lsearch ssl_require_redirect + lsearch diff_arrays diff_strings trim wrap_hard wrap_comment find_wrap_point format_time format_time_decimal validate_date @@ -218,26 +218,6 @@ sub i_am_cgi { return exists $ENV{'SERVER_SOFTWARE'} ? 1 : 0; } -sub ssl_require_redirect { - my $method = shift; - - # Redirect to SSL if required. - if (!(uc($ENV{HTTPS}) eq 'ON' || $ENV{'SERVER_PORT'} == 443) - && Bugzilla->params->{'sslbase'} ne '') - { - if (Bugzilla->params->{'ssl'} eq 'always' - || (Bugzilla->params->{'ssl'} eq 'authenticated sessions' - && Bugzilla->user->id) - || (Bugzilla->params->{'ssl'} eq 'authenticated sessions' - && !Bugzilla->user->id && $method eq 'User.login')) - { - return 1; - } - } - - return 0; -} - sub correct_urlbase { my $ssl = Bugzilla->params->{'ssl'}; return Bugzilla->params->{'urlbase'} if $ssl eq 'never'; -- cgit v1.2.3-24-g4f1b