From f33f48241e0a32e62fbaab4267b0eb585d9b0b9f Mon Sep 17 00:00:00 2001 From: "dkl%redhat.com" <> Date: Tue, 29 Jul 2008 01:57:57 +0000 Subject: Backing out these patches as they cause a regression. More information in the respective bug reports. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all Patch by Dave Lawrence - r/a=mkanat Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl Patch By Max Kanat-Alexander r=dkl, a=mkanat --- token.cgi | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'token.cgi') diff --git a/token.cgi b/token.cgi index 71996bec0..c91c2f94f 100755 --- a/token.cgi +++ b/token.cgi @@ -347,9 +347,11 @@ sub request_create_account { $vars->{'date'} = str2time($date); # We require a HTTPS connection if possible. - Bugzilla->cgi->require_https(Bugzilla->params->{'sslbase'}) - if ssl_require_redirect(); - + if (Bugzilla->params->{'sslbase'} ne '' + && Bugzilla->params->{'ssl'} ne 'never') + { + $cgi->require_https(Bugzilla->params->{'sslbase'}); + } print $cgi->header(); $template->process('account/email/confirm-new.html.tmpl', $vars) -- cgit v1.2.3-24-g4f1b