This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "FusionForge".
The branch, 6.1 has been updated
via 7f5273c3e47d4e0f0ea6c8b0b928d702cf001a57 (commit)
via 0c6a08b96d8f9533ef053cbebba8ef814c38c0fd (commit)
from 56868f7ca0d8f3943dcf9bde466a18e01c2fcbf9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://scm.fusionforge.org/anonscm/gitweb/?p=fusionforge/fusionforge.git;a=commitdiff;h=7f5273c3e47d4e0f0ea6c8b0b928d702cf001a57
commit 7f5273c3e47d4e0f0ea6c8b0b928d702cf001a57
Author: Franck Villaume <[email protected]>
Date: Sun Jan 14 17:16:01 2018 +0100
force proto in form action to avoid plain http when user force it.
diff --git a/src/plugins/authbuiltin/common/AuthBuiltinPlugin.class.php
b/src/plugins/authbuiltin/common/AuthBuiltinPlugin.class.php
index 8451880..149b720 100644
--- a/src/plugins/authbuiltin/common/AuthBuiltinPlugin.class.php
+++ b/src/plugins/authbuiltin/common/AuthBuiltinPlugin.class.php
@@ -66,7 +66,7 @@ class AuthBuiltinPlugin extends ForgeAuthPlugin {
$result = '';
$result .= html_e('p', array(), _('Cookies must be enabled past
this point.'), false);
- $result .= $HTML->openForm(array('action' =>
'/plugins/'.$this->name.'/post-login.php', 'method' => 'post'));
+ $result .= $HTML->openForm(array('action' =>
'/plugins/'.$this->name.'/post-login.php', 'method' => 'post'), true);
$result .= html_e('input', array('type' => 'hidden', 'name' =>
'form_key', 'value' => form_generate_key()));
$result .= html_e('input', array('type' => 'hidden', 'name' =>
'return_to', 'value' => $return_to));
$result .= html_ao('p');
https://scm.fusionforge.org/anonscm/gitweb/?p=fusionforge/fusionforge.git;a=commitdiff;h=0c6a08b96d8f9533ef053cbebba8ef814c38c0fd
commit 0c6a08b96d8f9533ef053cbebba8ef814c38c0fd
Author: Franck Villaume <[email protected]>
Date: Sun Jan 14 17:15:12 2018 +0100
Support forced proto in form action.
diff --git a/src/www/include/Layout.class.php b/src/www/include/Layout.class.php
index 4509c14..95c96c4 100644
--- a/src/www/include/Layout.class.php
+++ b/src/www/include/Layout.class.php
@@ -1196,11 +1196,16 @@ abstract class Layout extends FFError {
* openForm - create the html code to open a form
*
* @param array $args argument of the form (method, action,
...)
+ * @param bool $proto force https if needed. Useful in case
to force https URL page in http page.
* @return string html code
*/
- function openForm($args) {
+ function openForm($args, $proto = false) {
if (isset($args['action'])) {
- $args['action'] = util_make_uri($args['action']);
+ if ($proto && forge_get_config('use_ssl')) {
+ $args['action'] =
util_make_url($args['action'], 'https');
+ } else {
+ $args['action'] =
util_make_uri($args['action']);
+ }
}
return html_ao('form', $args);
}
-----------------------------------------------------------------------
Summary of changes:
src/plugins/authbuiltin/common/AuthBuiltinPlugin.class.php | 2 +-
src/www/include/Layout.class.php | 9 +++++++--
2 files changed, 8 insertions(+), 3 deletions(-)
hooks/post-receive
--
FusionForge
_______________________________________________
Fusionforge-commits mailing list
[email protected]
http://lists.fusionforge.org/cgi-bin/mailman/listinfo/fusionforge-commits
