Skip Menu |

This queue is for tickets about the AxKit-XSP-PerForm CPAN distribution.

Report information
The Basics
Id: 3248
Status: new
Priority: 0/
Queue: AxKit-XSP-PerForm

People
Owner: Nobody in particular
Requestors: grover [...] gil.com.au
Cc:
AdminCc:

Bug Information
Severity: Normal
Broken in: 1.83
Fixed in: (no value)



Subject: PerForm with SSL doesn't work with relative redirects
When running PerForm in an SSL site. If the submit callback returns a relative URI, the wrong scheme is sentt to the browser (http instead of https). This is because WebUtils only directs to https if called with the 'secure' param set. PerForm always sets this to undef. My patch uses an optional second return param from the callback to cause PerForm to call WebUtils with the secure param.
--- PerForm.pm 2003-08-11 02:43:56.000000000 +1000 +++ /usr/lib/perl5/site_perl/5.8.0/AxKit/XSP/PerForm.pm 2003-08-14 21:40:25.000000000 +1000 @@ -129,12 +129,13 @@ if (\$cgi->param(\$cancel)) { no strict 'refs'; my \$redirect; + my \$secure; \$redirect = \$_cancel_goto{\$cancel}; if (my \$sub = \$package->can(\$_cancel_index{\$cancel}{oncancel} || '$oncancel' || "cancel_\$_cancel_index{\$cancel}{name}")) { - \$redirect = \$sub->(\$_form_ctxt, \$_cancel_index{\$cancel}{'index'}); + (\$redirect, \$secure) = \$sub->(\$_form_ctxt, \$_cancel_index{\$cancel}{'index'}); } if (\$redirect) { - return AxKit::XSP::WebUtils::redirect(\$redirect,undef,undef,1); + return AxKit::XSP::WebUtils::redirect(\$redirect,undef,\$secure,1); } } } @@ -145,12 +146,13 @@ if (\$cgi->param(\$submit)) { no strict 'refs'; my \$redirect; + my \$secure; \$redirect = \$_submit_goto{\$submit}; if (my \$sub = \$package->can(\$_submit_index{\$submit}{onsubmit} || '$onsubmit' || "submit_\$_submit_index{\$submit}{name}")) { - \$redirect = \$sub->(\$_form_ctxt, \$_submit_index{\$submit}{'index'}); + (\$redirect, \$secure) = \$sub->(\$_form_ctxt, \$_submit_index{\$submit}{'index'}); } if (\$redirect) { - return AxKit::XSP::WebUtils::redirect(\$redirect,undef,undef,1); + return AxKit::XSP::WebUtils::redirect(\$redirect,undef,\$secure,1); } } } @@ -160,11 +162,12 @@ if (\$cgi->param('__submitting_$name') && !\$_form_ctxt->{_Failed}) { no strict 'refs'; my \$redirect; + my \$secure; if (my \$sub = \$package->can('$onsubmit')) { - \$redirect = \$sub->(\$_form_ctxt); + (\$redirect, \$secure) = \$sub->(\$_form_ctxt); } if (\$redirect) { - return AxKit::XSP::WebUtils::redirect(\$redirect, undef, undef, 1); + return AxKit::XSP::WebUtils::redirect(\$redirect, undef, \$secure, 1); } } @@ -1061,6 +1064,10 @@ The return value from submit_<name> is used to redirect the user to the "next" page, whatever that might be. +When using SSL, the return value can optionally be a list where the first +item is the redirect string and the second value specifies whether the +destination should be secure (https). + =back =head2 <f:cancel/> @@ -1085,6 +1092,10 @@ want to redirect to. This can be used to dynamically generate the URI to redirect to. +When using SSL, the return value can optionally be a list where the first +item is the redirect string and the second value specifies whether the +destination should be secure (https). + =back =head2 <f:textfield/>