detect sslcookie set and no https

This is likely a misconfiguration and can cause login to fail as the browser refuses the send the session cookie back over http. Not entirely happy with putting the check where I did, since users have to try to log in, and fail, to see the misconfiguration explained. But I could not find a better place to put the check.
author: Joey Hess <joey@gnu.kitenet.net> 2009-02-26 01:59:05 -0500
committer: Joey Hess <joey@gnu.kitenet.net> 2009-02-26 01:59:05 -0500
commit: 158c6c3ac8a8975741587b55a298f10e632e993e (patch)
tree: 9e65dcc68327aaed2e952ff4ed09f768185676f8 /IkiWiki/CGI.pm
parent: 2e0dec2ffcab5af04f5e6c3e1e3504a7aca9e56e (diff)
download: ikiwiki-158c6c3ac8a8975741587b55a298f10e632e993e.tar
ikiwiki-158c6c3ac8a8975741587b55a298f10e632e993e.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index 3000ed100..04f24b04f 100644
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -142,7 +142,12 @@ sub cgi_postsignin ($$) {
 		exit;
 	}
 	else {
-		error(gettext("login failed, perhaps you need to turn on cookies?"));
+		if ($config{sslcookie} && ! $q->https()) {
+			error(gettext("probable misconfiguration: sslcookie is set, but you are attepting to login via http, not https"));
+		}
+		else {
+			error(gettext("login failed, perhaps you need to turn on cookies?"));
+		}
 	}
 }
author	Joey Hess <joey@gnu.kitenet.net>	2009-02-26 01:59:05 -0500
committer	Joey Hess <joey@gnu.kitenet.net>	2009-02-26 01:59:05 -0500
commit	158c6c3ac8a8975741587b55a298f10e632e993e (patch)
tree	9e65dcc68327aaed2e952ff4ed09f768185676f8 /IkiWiki/CGI.pm
parent	2e0dec2ffcab5af04f5e6c3e1e3504a7aca9e56e (diff)
download	ikiwiki-158c6c3ac8a8975741587b55a298f10e632e993e.tar ikiwiki-158c6c3ac8a8975741587b55a298f10e632e993e.tar.gz