fixed: the way we check whether we need make the redirect from SSL to non SSL (or vice versa)
beforehand we didn't take into accout default winix functions git-svn-id: svn://ttmath.org/publicrep/winix/trunk@894 e52654a7-88a9-db11-a3e9-0013d4bc506e
This commit is contained in:
parent
eaa97995d2
commit
7f48d1eb2e
118
core/app.cpp
118
core/app.cpp
|
|
@ -220,101 +220,41 @@ return true;
|
|||
|
||||
|
||||
|
||||
/*
|
||||
this method is called when the connection is through SSL
|
||||
if this method returns true then we make a redirect to an ordinary http (without ssl)
|
||||
*/
|
||||
bool App::ShouldNotUseSSL()
|
||||
|
||||
void App::CheckIfNeedSSLredirect()
|
||||
{
|
||||
if( cur.request->method == Request::post )
|
||||
{
|
||||
// something comes via POST, don't do a redirect because you lose the date
|
||||
return false;
|
||||
// something comes via POST, don't do the redirect because you lose the date
|
||||
return;
|
||||
}
|
||||
|
||||
if( !config.use_ssl )
|
||||
if( config.use_ssl )
|
||||
{
|
||||
// we should not use SSL, we make a redirect
|
||||
return true;
|
||||
}
|
||||
|
||||
if( cur.request->function && cur.request->function->need_ssl )
|
||||
{
|
||||
// this winix function require SSL, so we don't make a redirect
|
||||
return false;
|
||||
}
|
||||
|
||||
if( config.use_ssl_only_for_logged_users && !cur.session->puser )
|
||||
{
|
||||
// use_ssl_only_for_logged_users is true and noone is logged, do the redirect
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/*
|
||||
this method is called when the connection is NOT through SSL
|
||||
if this method returns true then we make a redirect to SSL
|
||||
*/
|
||||
bool App::ShouldUseSSL()
|
||||
{
|
||||
if( cur.request->method == Request::post )
|
||||
{
|
||||
// something comes via POST, don't do a redirect because you lose the date
|
||||
return false;
|
||||
}
|
||||
|
||||
if( !config.use_ssl )
|
||||
{
|
||||
// we do not use ssl, don't do the redirect
|
||||
return false;
|
||||
}
|
||||
|
||||
if( cur.request->function && cur.request->function->need_ssl )
|
||||
{
|
||||
// this functions require SSL, do the redirect
|
||||
return true;
|
||||
}
|
||||
|
||||
if( config.use_ssl_only_for_logged_users && !cur.session->puser )
|
||||
{
|
||||
// we require SSL but only for logged users
|
||||
// dont do redirect
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
bool App::CheckSSLcorrectness()
|
||||
{
|
||||
bool status = true;
|
||||
|
||||
if( cur.request->using_ssl )
|
||||
{
|
||||
if( ShouldNotUseSSL() )
|
||||
if( !cur.request->using_ssl )
|
||||
{
|
||||
BaseUrlRedirect(config.use_ssl_redirect_code, true);
|
||||
log << log3 << "App: this operation should NOT be used through SSL" << logend;
|
||||
status = false;
|
||||
if( !config.use_ssl_only_for_logged_users ||
|
||||
cur.session->puser ||
|
||||
(cur.request->function && cur.request->function->need_ssl) )
|
||||
{
|
||||
log << log3 << "App: this operation should be used through SSL" << logend;
|
||||
BaseUrlRedirect(config.use_ssl_redirect_code, true);
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
if( ShouldUseSSL() )
|
||||
{
|
||||
BaseUrlRedirect(config.use_ssl_redirect_code, true);
|
||||
log << log3 << "App: this operation should be used through SSL" << logend;
|
||||
status = false;
|
||||
if( cur.request->using_ssl )
|
||||
{
|
||||
log << log3 << "App: this operation should NOT be used through SSL" << logend;
|
||||
BaseUrlRedirect(config.use_ssl_redirect_code, true);
|
||||
}
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
void App::SetLocale()
|
||||
{
|
||||
size_t locale_id;
|
||||
|
|
@ -356,15 +296,10 @@ void App::ProcessRequestThrow()
|
|||
|
||||
plugin.Call(WINIX_SESSION_CHANGED);
|
||||
functions.Parse(); // parsing directories,files,functions and parameters
|
||||
cur.mount = system.mounts.CalcCurMount();
|
||||
|
||||
|
||||
if( CheckSSLcorrectness() )
|
||||
{
|
||||
cur.mount = system.mounts.CalcCurMount();
|
||||
|
||||
if( system.mounts.pmount->type != system.mounts.MountTypeStatic() )
|
||||
Make();
|
||||
}
|
||||
if( cur.mount->type != system.mounts.MountTypeStatic() )
|
||||
Make();
|
||||
}
|
||||
|
||||
SendAnswer();
|
||||
|
|
@ -524,6 +459,13 @@ void App::Make()
|
|||
if( cur.request->status == WINIX_ERR_OK )
|
||||
functions.CheckFunctionAndSymlink();
|
||||
|
||||
// !! CHECK ME CheckFunctionAndSymlink can set redirect_to
|
||||
// may it should be tested before calling CheckIfNeedSSLredirect?
|
||||
CheckIfNeedSSLredirect();
|
||||
|
||||
if( !cur.request->redirect_to.empty() )
|
||||
return;
|
||||
|
||||
if( cur.request->status == WINIX_ERR_OK )
|
||||
functions.MakeFunction();
|
||||
|
||||
|
|
|
|||
|
|
@ -127,9 +127,7 @@ private:
|
|||
void ProcessRequest();
|
||||
void BaseUrlRedirect(int code, bool add_subdomain);
|
||||
bool BaseUrlRedirect();
|
||||
bool ShouldUseSSL();
|
||||
bool ShouldNotUseSSL();
|
||||
bool CheckSSLcorrectness();
|
||||
void CheckIfNeedSSLredirect();
|
||||
void SetLocale();
|
||||
void CheckPostRedirect();
|
||||
void MakePage();
|
||||
|
|
|
|||
|
|
@ -132,8 +132,7 @@ bool ssl = false;
|
|||
{
|
||||
if( !config->use_ssl_only_for_logged_users ||
|
||||
cur->session->puser ||
|
||||
cur->request->function == &functions->fun_login ||
|
||||
cur->request->function == &functions->fun_adduser)
|
||||
(cur->request->function && cur->request->function->need_ssl) )
|
||||
{
|
||||
str += config->url_ssl_proto;
|
||||
ssl = true;
|
||||
|
|
|
|||
Loading…
Reference in New Issue