From 7f48d1eb2eb71f8d5b1896bec1866f9b02414e48 Mon Sep 17 00:00:00 2001 From: Tomasz Sowa Date: Mon, 24 Sep 2012 20:31:01 +0000 Subject: [PATCH] fixed: the way we check whether we need make the redirect from SSL to non SSL (or vice versa) beforehand we didn't take into accout default winix functions git-svn-id: svn://ttmath.org/publicrep/winix/trunk@894 e52654a7-88a9-db11-a3e9-0013d4bc506e --- core/app.cpp | 118 ++++++++++++------------------------------------ core/app.h | 4 +- core/system.cpp | 3 +- 3 files changed, 32 insertions(+), 93 deletions(-) diff --git a/core/app.cpp b/core/app.cpp index c29ba60..8ba43c9 100755 --- a/core/app.cpp +++ b/core/app.cpp @@ -220,101 +220,41 @@ return true; -/* - this method is called when the connection is through SSL - if this method returns true then we make a redirect to an ordinary http (without ssl) -*/ -bool App::ShouldNotUseSSL() + +void App::CheckIfNeedSSLredirect() { if( cur.request->method == Request::post ) { - // something comes via POST, don't do a redirect because you lose the date - return false; + // something comes via POST, don't do the redirect because you lose the date + return; } - if( !config.use_ssl ) + if( config.use_ssl ) { - // we should not use SSL, we make a redirect - return true; - } - - if( cur.request->function && cur.request->function->need_ssl ) - { - // this winix function require SSL, so we don't make a redirect - return false; - } - - if( config.use_ssl_only_for_logged_users && !cur.session->puser ) - { - // use_ssl_only_for_logged_users is true and noone is logged, do the redirect - return true; - } - -return false; -} - - - -/* - this method is called when the connection is NOT through SSL - if this method returns true then we make a redirect to SSL -*/ -bool App::ShouldUseSSL() -{ - if( cur.request->method == Request::post ) - { - // something comes via POST, don't do a redirect because you lose the date - return false; - } - - if( !config.use_ssl ) - { - // we do not use ssl, don't do the redirect - return false; - } - - if( cur.request->function && cur.request->function->need_ssl ) - { - // this functions require SSL, do the redirect - return true; - } - - if( config.use_ssl_only_for_logged_users && !cur.session->puser ) - { - // we require SSL but only for logged users - // dont do redirect - return false; - } - -return true; -} - - -bool App::CheckSSLcorrectness() -{ -bool status = true; - - if( cur.request->using_ssl ) - { - if( ShouldNotUseSSL() ) + if( !cur.request->using_ssl ) { - BaseUrlRedirect(config.use_ssl_redirect_code, true); - log << log3 << "App: this operation should NOT be used through SSL" << logend; - status = false; + if( !config.use_ssl_only_for_logged_users || + cur.session->puser || + (cur.request->function && cur.request->function->need_ssl) ) + { + log << log3 << "App: this operation should be used through SSL" << logend; + BaseUrlRedirect(config.use_ssl_redirect_code, true); + } } } else - if( ShouldUseSSL() ) { - BaseUrlRedirect(config.use_ssl_redirect_code, true); - log << log3 << "App: this operation should be used through SSL" << logend; - status = false; + if( cur.request->using_ssl ) + { + log << log3 << "App: this operation should NOT be used through SSL" << logend; + BaseUrlRedirect(config.use_ssl_redirect_code, true); + } } - -return status; } + + void App::SetLocale() { size_t locale_id; @@ -356,15 +296,10 @@ void App::ProcessRequestThrow() plugin.Call(WINIX_SESSION_CHANGED); functions.Parse(); // parsing directories,files,functions and parameters + cur.mount = system.mounts.CalcCurMount(); - - if( CheckSSLcorrectness() ) - { - cur.mount = system.mounts.CalcCurMount(); - - if( system.mounts.pmount->type != system.mounts.MountTypeStatic() ) - Make(); - } + if( cur.mount->type != system.mounts.MountTypeStatic() ) + Make(); } SendAnswer(); @@ -524,6 +459,13 @@ void App::Make() if( cur.request->status == WINIX_ERR_OK ) functions.CheckFunctionAndSymlink(); + // !! CHECK ME CheckFunctionAndSymlink can set redirect_to + // may it should be tested before calling CheckIfNeedSSLredirect? + CheckIfNeedSSLredirect(); + + if( !cur.request->redirect_to.empty() ) + return; + if( cur.request->status == WINIX_ERR_OK ) functions.MakeFunction(); diff --git a/core/app.h b/core/app.h index 0e6647b..9a3d2fd 100755 --- a/core/app.h +++ b/core/app.h @@ -127,9 +127,7 @@ private: void ProcessRequest(); void BaseUrlRedirect(int code, bool add_subdomain); bool BaseUrlRedirect(); - bool ShouldUseSSL(); - bool ShouldNotUseSSL(); - bool CheckSSLcorrectness(); + void CheckIfNeedSSLredirect(); void SetLocale(); void CheckPostRedirect(); void MakePage(); diff --git a/core/system.cpp b/core/system.cpp index 12374b9..d723f1f 100755 --- a/core/system.cpp +++ b/core/system.cpp @@ -132,8 +132,7 @@ bool ssl = false; { if( !config->use_ssl_only_for_logged_users || cur->session->puser || - cur->request->function == &functions->fun_login || - cur->request->function == &functions->fun_adduser) + (cur->request->function && cur->request->function->need_ssl) ) { str += config->url_ssl_proto; ssl = true;