From: Vincent Zanotti Date: Sun, 14 Jun 2009 21:01:21 +0000 (+0200) Subject: Removes the NO_HTTPS flags on three pages: X-Git-Tag: xorg/0.10.1~59 X-Git-Url: http://git.polytechnique.org/?a=commitdiff_plain;h=9db0a440bf858bced7bd14064a9197adca66b2e6;hp=fc8410065bd558265a4f05bcc351b9b6cacd186a;p=platal.git Removes the NO_HTTPS flags on three pages: 1. We never serve a non-https link to those pages. 2. Setting NO_HTTPS removes the default DO_AUTH flag, which means an unauthenticated user will not get the login form. 3. I'm pretty sure the auth cookie is set as secure (at least it should), which means an user on http will never be authenticated. Signed-off-by: Vincent Zanotti --- diff --git a/modules/carnet.php b/modules/carnet.php index 3080c91..5ac29ba 100644 --- a/modules/carnet.php +++ b/modules/carnet.php @@ -29,9 +29,9 @@ class CarnetModule extends PLModule 'carnet/notifs' => $this->make_hook('notifs', AUTH_COOKIE), 'carnet/contacts' => $this->make_hook('contacts', AUTH_COOKIE), - 'carnet/contacts/pdf' => $this->make_hook('pdf', AUTH_COOKIE, 'user', NO_HTTPS), + 'carnet/contacts/pdf' => $this->make_hook('pdf', AUTH_COOKIE), + 'carnet/contacts/vcard' => $this->make_hook('vcard', AUTH_COOKIE), 'carnet/contacts/ical' => $this->make_hook('ical', AUTH_PUBLIC, 'user', NO_HTTPS), - 'carnet/contacts/vcard' => $this->make_hook('vcard', AUTH_COOKIE, 'user', NO_HTTPS), 'carnet/rss' => $this->make_hook('rss', AUTH_PUBLIC, 'user', NO_HTTPS), ); diff --git a/modules/profile.php b/modules/profile.php index af3614e..514ca46 100644 --- a/modules/profile.php +++ b/modules/profile.php @@ -52,7 +52,7 @@ class ProfileModule extends PLModule 'groupes-x' => $this->make_hook('xnet', AUTH_COOKIE), - 'vcard' => $this->make_hook('vcard', AUTH_COOKIE, 'user', NO_HTTPS), + 'vcard' => $this->make_hook('vcard', AUTH_COOKIE), 'admin/binets' => $this->make_hook('admin_binets', AUTH_MDP, 'admin'), 'admin/medals' => $this->make_hook('admin_medals', AUTH_MDP, 'admin'), 'admin/formations' => $this->make_hook('admin_formations', AUTH_MDP, 'admin'),