From f33f48241e0a32e62fbaab4267b0eb585d9b0b9f Mon Sep 17 00:00:00 2001 From: "dkl%redhat.com" <> Date: Tue, 29 Jul 2008 01:57:57 +0000 Subject: Backing out these patches as they cause a regression. More information in the respective bug reports. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all Patch by Dave Lawrence - r/a=mkanat Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl Patch By Max Kanat-Alexander r=dkl, a=mkanat --- index.cgi | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'index.cgi') diff --git a/index.cgi b/index.cgi index 442617111..100941765 100755 --- a/index.cgi +++ b/index.cgi @@ -35,7 +35,6 @@ use Bugzilla; use Bugzilla::Constants; use Bugzilla::Error; use Bugzilla::Update; -use Bugzilla::Util; # Check whether or not the user is logged in my $user = Bugzilla->login(LOGIN_OPTIONAL); @@ -47,8 +46,9 @@ my $user = Bugzilla->login(LOGIN_OPTIONAL); my $cgi = Bugzilla->cgi; # Force to use HTTPS unless Bugzilla->params->{'ssl'} equals 'never'. # This is required because the user may want to log in from here. -$cgi->require_https(Bugzilla->params->{'sslbase'}) - if ssl_require_redirect(); +if (Bugzilla->params->{'sslbase'} ne '' and Bugzilla->params->{'ssl'} ne 'never') { + $cgi->require_https(Bugzilla->params->{'sslbase'}); +} my $template = Bugzilla->template; my $vars = {}; -- cgit v1.2.3-24-g4f1b