diff options
author | Joey Hess <joeyh@joeyh.name> | 2018-01-05 11:40:18 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2018-01-05 11:59:35 -0400 |
commit | a79ab9ed186112056d7f60e41e8d0760c2cc13f5 (patch) | |
tree | cd0bb678038afd22e54b875dd19e13405a5719a5 /IkiWiki | |
parent | 71064e3af6638616659ed1319ec78f9692ba9fde (diff) | |
download | ikiwiki-a79ab9ed186112056d7f60e41e8d0760c2cc13f5.tar ikiwiki-a79ab9ed186112056d7f60e41e8d0760c2cc13f5.tar.gz |
add and use cgiurl_abs_samescheme
* emailauth: Fix cookie problem when user is on https and the cgiurl
uses http, by making the emailed login link use https.
* passwordauth: Use https for emailed password reset link when user
is on https.
Not entirely happy with this approach, but I don't currently see a
better one.
I have not verified that the passwordauth change fixes any problem,
other than the user getting a http link when they were using https.
The emailauth problem is verified fixed by this commit.
This commit was sponsored by Michael Magin.
Diffstat (limited to 'IkiWiki')
-rw-r--r-- | IkiWiki/Plugin/emailauth.pm | 2 | ||||
-rw-r--r-- | IkiWiki/Plugin/passwordauth.pm | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/IkiWiki/Plugin/emailauth.pm b/IkiWiki/Plugin/emailauth.pm index 9c595dc86..44311400a 100644 --- a/IkiWiki/Plugin/emailauth.pm +++ b/IkiWiki/Plugin/emailauth.pm @@ -76,7 +76,7 @@ sub email_auth ($$$$) { $template->param( wikiname => $config{wikiname}, # Intentionally using short field names to keep link short. - authurl => IkiWiki::cgiurl_abs( + authurl => IkiWiki::cgiurl_abs_samescheme( 'e' => $email, 'v' => $token, ), diff --git a/IkiWiki/Plugin/passwordauth.pm b/IkiWiki/Plugin/passwordauth.pm index 8d99cf2f6..cfa3ad418 100644 --- a/IkiWiki/Plugin/passwordauth.pm +++ b/IkiWiki/Plugin/passwordauth.pm @@ -358,7 +358,7 @@ sub formbuilder (@) { my $template=template("passwordmail.tmpl"); $template->param( user_name => $user_name, - passwordurl => IkiWiki::cgiurl_abs( + passwordurl => IkiWiki::cgiurl_abs_samescheme( 'do' => "reset", 'name' => $user_name, 'token' => $token, |