[shibboleth-sp2] 02/09: Fix use of relative redirect.
Ferenc Wágner
wferi-guest at moszumanska.debian.org
Tue Jan 26 21:30:19 UTC 2016
This is an automated email from the git hooks/post-receive script.
wferi-guest pushed a commit to annotated tag 1.3.5
in repository shibboleth-sp2.
commit fadb983fd8a457e6a586ead26f8168a03aaabfb6
Author: Scott Cantor <cantor.2 at osu.edu>
Date: Sat Oct 24 20:43:54 2009 +0000
Fix use of relative redirect.
---
adfs/handlers.cpp | 32 ++++++++++++++++++++++++++++----
shib-target/shib-handlers.cpp | 32 ++++++++++++++++++++++++++++----
2 files changed, 56 insertions(+), 8 deletions(-)
diff --git a/adfs/handlers.cpp b/adfs/handlers.cpp
index 382b67b..1eaeaad 100644
--- a/adfs/handlers.cpp
+++ b/adfs/handlers.cpp
@@ -429,8 +429,19 @@ pair<bool,void*> ADFSHandler::run(ShibTarget* st, const IPropertySet* handler, b
ret=handler->getString("ResponseLocation").second;
if (!ret)
ret=st->getApplication()->getString("homeURL").second;
- if (!ret)
- ret="/";
+ if (!ret) {
+ // No homeURL, so compute a URL to the root of the site.
+ int port = st->getPort();
+ const char* scheme = st->getProtocol();
+ string dest = string(scheme) + "://" + st->getHostname();
+ if ((!strcmp(scheme,"http") && port!=80) || (!strcmp(scheme,"https") && port!=443)) {
+ ostringstream portstr;
+ portstr << port;
+ dest += ':' + portstr.str();
+ }
+ dest += '/';
+ return make_pair(true, st->sendRedirect(dest));
+ }
return make_pair(true, st->sendRedirect(ret));
}
@@ -469,7 +480,7 @@ pair<bool,void*> ADFSHandler::run(ShibTarget* st, const IPropertySet* handler, b
if (target=="default") {
pair<bool,const char*> homeURL=app->getString("homeURL");
- target=homeURL.first ? homeURL.second : "/";
+ target=homeURL.first ? homeURL.second : "";
}
else if (target=="cookie" || target.empty()) {
// Pull the target value from the "relay state" cookie.
@@ -478,7 +489,7 @@ pair<bool,void*> ADFSHandler::run(ShibTarget* st, const IPropertySet* handler, b
if (!relay_state || !*relay_state) {
// No apparent relay state value to use, so fall back on the default.
pair<bool,const char*> homeURL=app->getString("homeURL");
- target=homeURL.first ? homeURL.second : "/";
+ target=homeURL.first ? homeURL.second : "";
}
else {
char* rscopy=strdup(relay_state);
@@ -519,6 +530,19 @@ pair<bool,void*> ADFSHandler::run(ShibTarget* st, const IPropertySet* handler, b
}
}
+ if (target == "") {
+ // No homeURL, so compute a URL to the root of the site.
+ int port = st->getPort();
+ const char* scheme = st->getProtocol();
+ target = string(scheme) + "://" + st->getHostname();
+ if ((!strcmp(scheme,"http") && port!=80) || (!strcmp(scheme,"https") && port!=443)) {
+ ostringstream portstr;
+ portstr << port;
+ target += ':' + portstr.str();
+ }
+ target += '/';
+ }
+
// Now redirect to the target.
return make_pair(true, st->sendRedirect(target));
}
diff --git a/shib-target/shib-handlers.cpp b/shib-target/shib-handlers.cpp
index 701a9dd..73038d2 100644
--- a/shib-target/shib-handlers.cpp
+++ b/shib-target/shib-handlers.cpp
@@ -316,7 +316,7 @@ pair<bool,void*> SAML1Consumer::run(ShibTarget* st, const IPropertySet* handler,
if (target=="default") {
pair<bool,const char*> homeURL=app->getString("homeURL");
- target=homeURL.first ? homeURL.second : "/";
+ target=homeURL.first ? homeURL.second : "";
}
else if (target=="cookie" || target.empty()) {
// Pull the target value from the "relay state" cookie.
@@ -325,7 +325,7 @@ pair<bool,void*> SAML1Consumer::run(ShibTarget* st, const IPropertySet* handler,
if (!relay_state || !*relay_state) {
// No apparent relay state value to use, so fall back on the default.
pair<bool,const char*> homeURL=app->getString("homeURL");
- target=homeURL.first ? homeURL.second : "/";
+ target=homeURL.first ? homeURL.second : "";
}
else {
char* rscopy=strdup(relay_state);
@@ -366,6 +366,19 @@ pair<bool,void*> SAML1Consumer::run(ShibTarget* st, const IPropertySet* handler,
}
}
+ if (target == "") {
+ // No homeURL, so compute a URL to the root of the site.
+ int port = st->getPort();
+ const char* scheme = st->getProtocol();
+ target = string(scheme) + "://" + st->getHostname();
+ if ((!strcmp(scheme,"http") && port!=80) || (!strcmp(scheme,"https") && port!=443)) {
+ ostringstream portstr;
+ portstr << port;
+ target += ':' + portstr.str();
+ }
+ target += '/';
+ }
+
// Now redirect to the target.
return make_pair(true, st->sendRedirect(target));
}
@@ -401,8 +414,19 @@ pair<bool,void*> ShibLogout::run(ShibTarget* st, const IPropertySet* handler, bo
ret=handler->getString("ResponseLocation").second;
if (!ret)
ret=st->getApplication()->getString("homeURL").second;
- if (!ret)
- ret="/";
+ if (!ret) {
+ // No homeURL, so compute a URL to the root of the site.
+ int port = st->getPort();
+ const char* scheme = st->getProtocol();
+ string dest = string(scheme) + "://" + st->getHostname();
+ if ((!strcmp(scheme,"http") && port!=80) || (!strcmp(scheme,"https") && port!=443)) {
+ ostringstream portstr;
+ portstr << port;
+ dest += ':' + portstr.str();
+ }
+ dest += '/';
+ return make_pair(true, st->sendRedirect(dest));
+ }
return make_pair(true, st->sendRedirect(ret));
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/shibboleth-sp2.git
More information about the Pkg-shibboleth-devel
mailing list