diff options
author | Joey Hess <joey@kitenet.net> | 2013-06-29 13:31:47 -0400 |
---|---|---|
committer | Joey Hess <joey@kitenet.net> | 2013-06-29 13:31:47 -0400 |
commit | c849a9f409e8b3cd5091dd8b674670850d7bd3b9 (patch) | |
tree | 602022235a6f623ebb69b128b8b91e6a4258befa /IkiWiki/Plugin | |
parent | 6b079261a5f58ea7986952dd1fcaf3911bcfd7bc (diff) | |
download | ikiwiki-c849a9f409e8b3cd5091dd8b674670850d7bd3b9.tar ikiwiki-c849a9f409e8b3cd5091dd8b674670850d7bd3b9.tar.gz |
openid: Automatically upgrade openid_realm to https when accessed via https.
Diffstat (limited to 'IkiWiki/Plugin')
-rw-r--r-- | IkiWiki/Plugin/openid.pm | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/IkiWiki/Plugin/openid.pm b/IkiWiki/Plugin/openid.pm index 40a956849..e3b9982f2 100644 --- a/IkiWiki/Plugin/openid.pm +++ b/IkiWiki/Plugin/openid.pm @@ -156,8 +156,8 @@ sub validate ($$$;$) { $trust_root=$cgiurl if ! defined $trust_root; my $check_url = $claimed_identity->check_url( - return_to => "$cgiurl?do=postsignin", - trust_root => $trust_root, + return_to => auto_upgrade_https($q, "$cgiurl?do=postsignin"), + trust_root => auto_upgrade_https($q, $trust_root), delayed_return => 1, ); # Redirect the user to the OpenID server, which will @@ -258,10 +258,19 @@ sub getobj ($$) { ua => $ua, args => $q, consumer_secret => sub { return shift()+$secret }, - required_root => $cgiurl, + required_root => auto_upgrade_https($q, $cgiurl), ); } +sub auto_upgrade_https { + my $q=shift; + my $url=shift; + if ($q->https()) { + $url=~s/^http:/https:/i; + } + return $url; +} + sub load_openid_module { # Give up if module is unavailable to avoid needing to depend on it. eval q{use Net::OpenID::Consumer}; |