aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordkl%redhat.com <>2008-07-29 01:57:57 +0000
committerdkl%redhat.com <>2008-07-29 01:57:57 +0000
commitf33f48241e0a32e62fbaab4267b0eb585d9b0b9f (patch)
tree9268e0cb74bc3c35ef3a699c43920a07ff31cbe2 /token.cgi
parentBug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl (diff)
downloadbugzilla-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.tar.gz
bugzilla-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.tar.bz2
bugzilla-f33f48241e0a32e62fbaab4267b0eb585d9b0b9f.zip
Backing out these patches as they cause a regression. More information
in the respective bug reports. Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
Diffstat (limited to 'token.cgi')
-rwxr-xr-xtoken.cgi8
1 files changed, 5 insertions, 3 deletions
diff --git a/token.cgi b/token.cgi
index 71996bec0..c91c2f94f 100755
--- a/token.cgi
+++ b/token.cgi
@@ -347,9 +347,11 @@ sub request_create_account {
$vars->{'date'} = str2time($date);
# We require a HTTPS connection if possible.
- Bugzilla->cgi->require_https(Bugzilla->params->{'sslbase'})
- if ssl_require_redirect();
-
+ if (Bugzilla->params->{'sslbase'} ne ''
+ && Bugzilla->params->{'ssl'} ne 'never')
+ {
+ $cgi->require_https(Bugzilla->params->{'sslbase'});
+ }
print $cgi->header();
$template->process('account/email/confirm-new.html.tmpl', $vars)