detect sslcookie set and no https
This is likely a misconfiguration and can cause login to fail as the browser refuses the send the session cookie back over http. Not entirely happy with putting the check where I did, since users have to try to log in, and fail, to see the misconfiguration explained. But I could not find a better place to put the check.master
parent
2e0dec2ffc
commit
158c6c3ac8
|
@ -141,10 +141,15 @@ sub cgi_postsignin ($$) {
|
|||
cgi_savesession($session);
|
||||
exit;
|
||||
}
|
||||
else {
|
||||
if ($config{sslcookie} && ! $q->https()) {
|
||||
error(gettext("probable misconfiguration: sslcookie is set, but you are attepting to login via http, not https"));
|
||||
}
|
||||
else {
|
||||
error(gettext("login failed, perhaps you need to turn on cookies?"));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
sub cgi_prefs ($$) {
|
||||
my $q=shift;
|
||||
|
|
Loading…
Reference in New Issue