dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don t send params with GET method (#2081)

Browse Source
This commit is contained in:
Christophe Maudoux 2020-02-07 21:39:58 +01:00
parent b879f318a0
commit dd9e849b3e
3 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm
View File

@ -2,7 +2,7 @@
# Display functions for LemonLDAP::NG Portal # Display functions for LemonLDAP::NG Portal
package Lemonldap::NG::Portal::Main::Display; package Lemonldap::NG::Portal::Main::Display;
our $VERSION = '2.0.7'; our $VERSION = '2.0.8';
package Lemonldap::NG::Portal::Main; package Lemonldap::NG::Portal::Main;
use strict; use strict;
@ -122,6 +122,7 @@ sub display {
# 1.3 There is a message to display # 1.3 There is a message to display
elsif ( my $info = $req->info ) { elsif ( my $info = $req->info ) {
my $method = $req->data->{infoFormMethod} || $self->conf->{infoFormMethod};
$self->logger->debug('Display: info detected'); $self->logger->debug('Display: info detected');
$self->logger->debug('Hidden values :'); $self->logger->debug('Hidden values :');
$self->logger->debug( " $_: " . $req->{portalHiddenFormValues}->{$_} ) $self->logger->debug( " $_: " . $req->{portalHiddenFormValues}->{$_} )
@ -138,8 +139,11 @@ sub display {
ACTIVE_TIMER => $req->data->{activeTimer}, ACTIVE_TIMER => $req->data->{activeTimer},
CHOICE_PARAM => $self->conf->{authChoiceParam}, CHOICE_PARAM => $self->conf->{authChoiceParam},
CHOICE_VALUE => $req->data->{_authChoice}, CHOICE_VALUE => $req->data->{_authChoice},
FORM_METHOD => $req->data->{infoFormMethod} FORM_METHOD => $method,
|| $self->conf->{infoFormMethod}, (
$method ne 'get' ? ( SEND_PARAMS => 1 )
: ()
),
( (
$req->data->{customScript} $req->data->{customScript}
? ( CUSTOM_SCRIPT => $req->data->{customScript} ) ? ( CUSTOM_SCRIPT => $req->data->{customScript} )
@ -507,7 +511,6 @@ sub buildHiddenForm {
# TODO: create property for skinRule # TODO: create property for skinRule
sub getSkin { sub getSkin {
my ( $self, $req ) = @_; my ( $self, $req ) = @_;
my $skin = $self->conf->{portalSkin}; my $skin = $self->conf->{portalSkin};
# Fill sessionInfo to eval rule if empty (unauthenticated user) # Fill sessionInfo to eval rule if empty (unauthenticated user)

4
lemonldap-ng-portal/site/templates/bootstrap/info.tpl
View File

@ -7,7 +7,9 @@
<TMPL_IF NAME="CHOICE_VALUE"> <TMPL_IF NAME="CHOICE_VALUE">
<input type="hidden" id="authKey" name="<TMPL_VAR NAME="CHOICE_PARAM">" value="<TMPL_VAR NAME="CHOICE_VALUE">" /> <input type="hidden" id="authKey" name="<TMPL_VAR NAME="CHOICE_PARAM">" value="<TMPL_VAR NAME="CHOICE_VALUE">" />
</TMPL_IF> </TMPL_IF>
<input type="hidden" name="skin" value="<TMPL_VAR NAME="SKIN">" /> <TMPL_IF NAME="SEND_PARAMS">
<input type="hidden" name="skin" value="<TMPL_VAR NAME="SKIN">" />
</TMPL_IF>
<div class="card border-info"> <div class="card border-info">
<div class="card-header text-white bg-info"> <div class="card-header text-white bg-info">
<h3 class="card-title" trspan="info">Information</h3> <h3 class="card-title" trspan="info">Information</h3>

7
lemonldap-ng-portal/t/62-SingleSession.t
View File

@ -34,11 +34,14 @@ ok(
$res = $client->_post( $res = $client->_post(
'/', '/',
IO::String->new('user=dwho&password=dwho'), IO::String->new('user=dwho&password=dwho'),
length => 23 length => 23,
accept => 'text/html',
), ),
'Auth query' 'Auth query'
); );
count(1); ok( $res->[2]->[0] !~ m%<input type="hidden" name="skin" value="bootstrap" />%, '"skin=bootstrap" input not found' )
or explain( $res->[2]->[0], '"skin=bootstrap" found' );
count(2);
expectOK($res); expectOK($res);
my $id2 = expectCookie($res); my $id2 = expectCookie($res);