From a79ab9ed186112056d7f60e41e8d0760c2cc13f5 Mon Sep 17 00:00:00 2001
From: Joey Hess <joeyh@joeyh.name>
Date: Fri, 5 Jan 2018 11:40:18 -0400
Subject: add and use cgiurl_abs_samescheme

 * emailauth: Fix cookie problem when user is on https and the cgiurl
   uses http, by making the emailed login link use https.
 * passwordauth: Use https for emailed password reset link when user
   is on https.

Not entirely happy with this approach, but I don't currently see a
better one.

I have not verified that the passwordauth change fixes any problem,
other than the user getting a http link when they were using https.
The emailauth problem is verified fixed by this commit.

This commit was sponsored by Michael Magin.
---
 IkiWiki/Plugin/emailauth.pm    | 2 +-
 IkiWiki/Plugin/passwordauth.pm | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'IkiWiki')

diff --git a/IkiWiki/Plugin/emailauth.pm b/IkiWiki/Plugin/emailauth.pm
index 9c595dc86..44311400a 100644
--- a/IkiWiki/Plugin/emailauth.pm
+++ b/IkiWiki/Plugin/emailauth.pm
@@ -76,7 +76,7 @@ sub email_auth ($$$$) {
 	$template->param(
 		wikiname => $config{wikiname},
 		# Intentionally using short field names to keep link short.
-		authurl => IkiWiki::cgiurl_abs(
+		authurl => IkiWiki::cgiurl_abs_samescheme(
 			'e' => $email,
 			'v' => $token,
 		),
diff --git a/IkiWiki/Plugin/passwordauth.pm b/IkiWiki/Plugin/passwordauth.pm
index 8d99cf2f6..cfa3ad418 100644
--- a/IkiWiki/Plugin/passwordauth.pm
+++ b/IkiWiki/Plugin/passwordauth.pm
@@ -358,7 +358,7 @@ sub formbuilder (@) {
 				my $template=template("passwordmail.tmpl");
 				$template->param(
 					user_name => $user_name,
-					passwordurl => IkiWiki::cgiurl_abs(
+					passwordurl => IkiWiki::cgiurl_abs_samescheme(
 						'do' => "reset",
 						'name' => $user_name,
 						'token' => $token,
-- 
cgit v1.2.3