From 31c89db246a2e4704e3d4c3784c5406fbd084bb6 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Sun, 14 May 2017 14:44:43 +0100 Subject: httpauth: If REMOTE_USER is empty, behave as though it was unset A frequently cut-and-pasted HTTP basic authentication configuration for nginx sets it to the empty string when not authenticated, which is not useful. --- IkiWiki/Plugin/httpauth.pm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'IkiWiki') diff --git a/IkiWiki/Plugin/httpauth.pm b/IkiWiki/Plugin/httpauth.pm index 76d574b2a..041eaebc9 100644 --- a/IkiWiki/Plugin/httpauth.pm +++ b/IkiWiki/Plugin/httpauth.pm @@ -66,7 +66,7 @@ sub auth ($$) { my $cgi=shift; my $session=shift; - if (defined $cgi->remote_user()) { + if (length $cgi->remote_user()) { $session->param("name", $cgi->remote_user()); } } @@ -80,7 +80,7 @@ sub formbuilder_setup (@) { my $buttons=$params{buttons}; if ($form->title eq "signin" && - ! defined $cgi->remote_user() && defined $config{cgiauthurl}) { + ! length $cgi->remote_user() && defined $config{cgiauthurl}) { my $button_text="Login with HTTP auth"; push @$buttons, $button_text; @@ -97,7 +97,7 @@ sub canedit ($$$) { my $cgi=shift; my $session=shift; - if (! defined $cgi->remote_user() && + if (! length $cgi->remote_user() && (! defined $session->param("name") || ! IkiWiki::userinfo_get($session->param("name"), "regdate")) && defined $config{httpauth_pagespec} && -- cgit v1.2.3