aboutsummaryrefslogtreecommitdiff
path: root/www
diff options
context:
space:
mode:
authorMatthias Benkard <matthias.benkard@egym.de>2014-08-14 13:54:35 +0200
committerMatthias Andreas Benkard <code@mail.matthias.benkard.de>2015-04-23 21:55:01 +0200
commit39f38b65fd828c1dd29361a7d61d8685834cf229 (patch)
tree28c7eff2e2dce6e4ee7a899f95cd558269032841 /www
parent9e680b80e0c22ce76b6314741e05f1bcb0deb4f9 (diff)
Make reverse-proxyable.
MulkyID used to be unable to run behind a reverse proxy. This is fixed by using the real_domain configuration value for redirects instead of the domain name sent by the client.
Diffstat (limited to 'www')
-rw-r--r--www/common.pl6
-rwxr-xr-xwww/login.pl2
2 files changed, 2 insertions, 6 deletions
diff --git a/www/common.pl b/www/common.pl
index a094442..63b8d0f 100644
--- a/www/common.pl
+++ b/www/common.pl
@@ -35,11 +35,7 @@ sub email_users($) {
sub reluri($$) {
my ($cgi, $x) = @_;
- my $uri = URI->new($cgi->url(-full=>1));
- my @path = $uri->path_segments;
- pop @path;
- push @path, $x;
- $uri->path_segments(@path);
+ my $uri = "https://" . $::MULKONF->{real_domain} . $::MULKONF->{basepath} . "/$x";
return "$uri";
}
diff --git a/www/login.pl b/www/login.pl
index 2be2b77..363f243 100755
--- a/www/login.pl
+++ b/www/login.pl
@@ -74,7 +74,7 @@ while (my $cgi = new CGI::Fast) {
when ('google') {
my $g = Net::Google::FederatedLogin->new(
cgi => $cgi,
- return_to => $cgi->url()
+ return_to => reluri($cgi, "login.pl")
);
$g->verify_auth or die "Could not verify the OpenID assertion!";
my $ext = $g->get_extension('http://openid.net/srv/ax/1.0');