Fix #2081 by detecting external URL
This commit is contained in:
parent
aa84a4213e
commit
ecbcc0b6b6
|
@ -142,7 +142,7 @@ sub display {
|
||||||
CHOICE_VALUE => $req->data->{_authChoice},
|
CHOICE_VALUE => $req->data->{_authChoice},
|
||||||
FORM_METHOD => $method,
|
FORM_METHOD => $method,
|
||||||
(
|
(
|
||||||
$method ne 'get' ? ( SEND_PARAMS => 1 )
|
(not $req->{urldc}) ? ( SEND_PARAMS => 1 )
|
||||||
: ()
|
: ()
|
||||||
),
|
),
|
||||||
(
|
(
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
use Test::More;
|
use Test::More;
|
||||||
use strict;
|
use strict;
|
||||||
use IO::String;
|
use IO::String;
|
||||||
|
use MIME::Base64;
|
||||||
|
|
||||||
BEGIN {
|
BEGIN {
|
||||||
require 't/test-lib.pm';
|
require 't/test-lib.pm';
|
||||||
|
@ -37,19 +38,20 @@ my $client3 = LLNG::Manager::Test->new( {
|
||||||
);
|
);
|
||||||
|
|
||||||
sub loginUser {
|
sub loginUser {
|
||||||
my ( $client, $user, $ip ) = @_;
|
my ( $client, $user, $ip, %args ) = @_;
|
||||||
my $query = "user=$user&password=$user";
|
my $query = "user=$user&password=$user";
|
||||||
ok(
|
ok(
|
||||||
my $res = $client->_post(
|
my $res = $client->_post(
|
||||||
'/',
|
'/',
|
||||||
IO::String->new($query),
|
IO::String->new($query),
|
||||||
length => length($query),
|
length => length($query),
|
||||||
|
accept => 'text/html',
|
||||||
ip => $ip,
|
ip => $ip,
|
||||||
|
%args
|
||||||
),
|
),
|
||||||
'Auth query'
|
'Auth query'
|
||||||
);
|
);
|
||||||
count(1);
|
count(1);
|
||||||
expectOK($res);
|
|
||||||
return $res;
|
return $res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -85,14 +87,23 @@ sub testGetParam {
|
||||||
# Test singleSession
|
# Test singleSession
|
||||||
switch ($client1);
|
switch ($client1);
|
||||||
|
|
||||||
|
# Test login
|
||||||
$res = loginUser( $client1, "dwho", "127.0.0.1" );
|
$res = loginUser( $client1, "dwho", "127.0.0.1" );
|
||||||
my $id1 = expectCookie($res);
|
my $id1 = expectCookie($res);
|
||||||
|
testGetParam( $res, 0 );
|
||||||
|
|
||||||
$res = loginUser( $client1, "dwho", "127.0.0.1" );
|
$res = loginUser( $client1, "dwho", "127.0.0.1" );
|
||||||
my $id2 = expectCookie($res);
|
my $id2 = expectCookie($res);
|
||||||
|
testGetParam( $res, 1 );
|
||||||
|
|
||||||
|
# Check that skin=bootstrap isn't appended when going to external URL (#2081)
|
||||||
|
$res = loginUser( $client1, "dwho", "127.0.0.1",
|
||||||
|
query => 'url=' . encode_base64( "http://test1.example.com/", '' ), );
|
||||||
|
my $id3 = expectCookie($res);
|
||||||
testGetParam( $res, 0 );
|
testGetParam( $res, 0 );
|
||||||
|
|
||||||
expectOK( testReq( $client1, $id2, 'Attempt login with latest session' ) );
|
expectOK( testReq( $client1, $id3, 'Attempt login with latest session' ) );
|
||||||
|
expectReject( testReq( $client1, $id2, 'Attempt login with removed session' ) );
|
||||||
expectReject( testReq( $client1, $id1, 'Attempt login with removed session' ) );
|
expectReject( testReq( $client1, $id1, 'Attempt login with removed session' ) );
|
||||||
|
|
||||||
clean_sessions();
|
clean_sessions();
|
||||||
|
|
Loading…
Reference in New Issue
Block a user