Bug 300093: index.cgi remains unsecure when the SSL parameter is set to…

Bug 300093: index.cgi remains unsecure when the SSL parameter is set to "authenticated sessions" - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=justdave

Bug 300093: index.cgi remains unsecure when the SSL parameter is set to…
353e7fc0 · lpsolit%gmail.com · f4966aeb · 353e7fc0 · 353e7fc0
Commit 353e7fc0 authored Aug 22, 2005 by lpsolit%gmail.com
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 1 deletion

index.cgi index.cgi +6 -0

useful-links.html.tmpl template/en/default/global/useful-links.html.tmpl +1 -1

No files found.
--- a/index.cgi
+++ b/index.cgi
@@ -43,6 +43,12 @@ Bugzilla->login(LOGIN_OPTIONAL);
 ###############################################################################

 my $cgi = Bugzilla->cgi;
+# Force to use HTTPS unless Param('ssl') equals 'never'.
+# This is required because the user may want to log in from here.
+if (Param('sslbase') ne '' and Param('ssl') ne 'never') {
+    $cgi->require_https(Param('sslbase'));
+}
+
 my $template = Bugzilla->template;

 # Return the appropriate HTTP response headers.

--- a/template/en/default/global/useful-links.html.tmpl
+++ b/template/en/default/global/useful-links.html.tmpl
@@ -29,7 +29,7 @@
  <div id="links-actions">
    <div class="label">Actions:</div>
    <div class="links">
-        <a href="[% Param('urlbase') %]">Home</a> | 
+        <a href="./">Home</a> | 
        <a href="enter_bug.cgi">New</a> | 
        <a href="query.cgi">Search</a> |