commit b498ab78fabd77784f216e7f1dc050e5da5e52a9
Author: Jon Jensen <jon@endpoint.com>
Date: Sat Mar 25 13:27:43 2017 -0600
Add new AlwaysSecureGlob directive
It's not possible to enumerate all the admin URLs or ActionMaps that should be
generated secure-only, so this new directive allows matching.
dist/strap/catalog.cfg | 6 ++++++
lib/Vend/Config.pm | 5 +++--
lib/Vend/Util.pm | 10 +++++++---
3 files changed, 16 insertions(+), 5 deletions(-)
---
diff --git a/dist/strap/catalog.cfg b/dist/strap/catalog.cfg
index 57210fd..8374525 100644
--- a/dist/strap/catalog.cfg
+++ b/dist/strap/catalog.cfg
@@ -364,6 +364,12 @@ AlwaysSecure <<EOD
query/order_detail
EOD
+AlwaysSecureGlob <<EOD
+ admin*,
+ cert*,
+ ui*,
+EOD
+
## Set this if you have a different secure server
#AlwaysSecure order ord/basket process
diff --git a/lib/Vend/Config.pm b/lib/Vend/Config.pm
index a6375cb..fbba72b 100644
--- a/lib/Vend/Config.pm
+++ b/lib/Vend/Config.pm
@@ -1,6 +1,6 @@
# Vend::Config - Configure Interchange
#
-# Copyright (C) 2002-2016 Interchange Development Group
+# Copyright (C) 2002-2017 Interchange Development Group
# Copyright (C) 1996-2002 Red Hat, Inc.
#
# This program was originally based on Vend 0.2 and 0.3
@@ -54,7 +54,7 @@ use Vend::Data;
use Vend::Cron;
use Vend::CharSet ();
-$VERSION = '2.248';
+$VERSION = '2.249';
my %CDname;
my %CPname;
@@ -649,6 +649,7 @@ sub catalog_directives {
['OptionsAttribute', undef, ''],
['Options', 'locale', ''],
['AlwaysSecure', 'boolean', ''],
+ ['AlwaysSecureGlob', 'list_wildcard_full', ''],
['Password', undef, ''],
['AdminSub', 'boolean', ''],
['ExtraSecure', 'yesno', 'No'],
diff --git a/lib/Vend/Util.pm b/lib/Vend/Util.pm
index 2523ce7..7610e42 100644
--- a/lib/Vend/Util.pm
+++ b/lib/Vend/Util.pm
@@ -1,6 +1,6 @@
# Vend::Util - Interchange utility functions
#
-# Copyright (C) 2002-2016 Interchange Development Group
+# Copyright (C) 2002-2017 Interchange Development Group
# Copyright (C) 1996-2002 Red Hat, Inc.
#
# This program was originally based on Vend 0.2 and 0.3
@@ -102,7 +102,7 @@ use Vend::Safe;
use Vend::File;
use subs qw(logError logGlobal);
use vars qw($VERSION @EXPORT @EXPORT_OK);
-$VERSION = '2.128';
+$VERSION = '2.129';
my $Eval_routine;
my $Eval_routine_file;
@@ -1382,7 +1382,11 @@ sub vendUrl {
$opt->{secure} = $CGI::secure;
}
- if($opt->{secure} or exists $Vend::Cfg->{AlwaysSecure}{$path}) {
+ my $asg = $Vend::Cfg->{AlwaysSecureGlob};
+ if ($opt->{secure}
+ or exists $Vend::Cfg->{AlwaysSecure}{$path}
+ or ($asg and $path =~ $asg)
+ ) {
$r = $Vend::Cfg->{SecureURL};
}
_______________________________________________
interchange-cvs mailing list
interchange-cvs@icdevgroup.org
http://www.icdevgroup.org/mailman/listinfo/interchange-cvs
Author: Jon Jensen <jon@endpoint.com>
Date: Sat Mar 25 13:27:43 2017 -0600
Add new AlwaysSecureGlob directive
It's not possible to enumerate all the admin URLs or ActionMaps that should be
generated secure-only, so this new directive allows matching.
dist/strap/catalog.cfg | 6 ++++++
lib/Vend/Config.pm | 5 +++--
lib/Vend/Util.pm | 10 +++++++---
3 files changed, 16 insertions(+), 5 deletions(-)
---
diff --git a/dist/strap/catalog.cfg b/dist/strap/catalog.cfg
index 57210fd..8374525 100644
--- a/dist/strap/catalog.cfg
+++ b/dist/strap/catalog.cfg
@@ -364,6 +364,12 @@ AlwaysSecure <<EOD
query/order_detail
EOD
+AlwaysSecureGlob <<EOD
+ admin*,
+ cert*,
+ ui*,
+EOD
+
## Set this if you have a different secure server
#AlwaysSecure order ord/basket process
diff --git a/lib/Vend/Config.pm b/lib/Vend/Config.pm
index a6375cb..fbba72b 100644
--- a/lib/Vend/Config.pm
+++ b/lib/Vend/Config.pm
@@ -1,6 +1,6 @@
# Vend::Config - Configure Interchange
#
-# Copyright (C) 2002-2016 Interchange Development Group
+# Copyright (C) 2002-2017 Interchange Development Group
# Copyright (C) 1996-2002 Red Hat, Inc.
#
# This program was originally based on Vend 0.2 and 0.3
@@ -54,7 +54,7 @@ use Vend::Data;
use Vend::Cron;
use Vend::CharSet ();
-$VERSION = '2.248';
+$VERSION = '2.249';
my %CDname;
my %CPname;
@@ -649,6 +649,7 @@ sub catalog_directives {
['OptionsAttribute', undef, ''],
['Options', 'locale', ''],
['AlwaysSecure', 'boolean', ''],
+ ['AlwaysSecureGlob', 'list_wildcard_full', ''],
['Password', undef, ''],
['AdminSub', 'boolean', ''],
['ExtraSecure', 'yesno', 'No'],
diff --git a/lib/Vend/Util.pm b/lib/Vend/Util.pm
index 2523ce7..7610e42 100644
--- a/lib/Vend/Util.pm
+++ b/lib/Vend/Util.pm
@@ -1,6 +1,6 @@
# Vend::Util - Interchange utility functions
#
-# Copyright (C) 2002-2016 Interchange Development Group
+# Copyright (C) 2002-2017 Interchange Development Group
# Copyright (C) 1996-2002 Red Hat, Inc.
#
# This program was originally based on Vend 0.2 and 0.3
@@ -102,7 +102,7 @@ use Vend::Safe;
use Vend::File;
use subs qw(logError logGlobal);
use vars qw($VERSION @EXPORT @EXPORT_OK);
-$VERSION = '2.128';
+$VERSION = '2.129';
my $Eval_routine;
my $Eval_routine_file;
@@ -1382,7 +1382,11 @@ sub vendUrl {
$opt->{secure} = $CGI::secure;
}
- if($opt->{secure} or exists $Vend::Cfg->{AlwaysSecure}{$path}) {
+ my $asg = $Vend::Cfg->{AlwaysSecureGlob};
+ if ($opt->{secure}
+ or exists $Vend::Cfg->{AlwaysSecure}{$path}
+ or ($asg and $path =~ $asg)
+ ) {
$r = $Vend::Cfg->{SecureURL};
}
_______________________________________________
interchange-cvs mailing list
interchange-cvs@icdevgroup.org
http://www.icdevgroup.org/mailman/listinfo/interchange-cvs