d3be4d6354e5e4f2ad2b789eb40e7adaff680bcb kent Sun Mar 8 14:50:15 2015 -0700 Making it deal with situations like under a VPN where the web address is not qualified with . anything, and effectively there is thus no domain to use for the cookies. diff --git src/hg/hgLogin/hgLogin.c src/hg/hgLogin/hgLogin.c index 5f2c0c2..b2c7fd1 100644 --- src/hg/hgLogin/hgLogin.c +++ src/hg/hgLogin/hgLogin.c @@ -1177,52 +1177,67 @@ { char *centralDomain=cloneString(cfgOption(CFG_CENTRAL_DOMAIN)); char *returnURL = getReturnToURL(); char returnToDomain[256]; /* parse the URL */ struct netParsedUrl rtpu; netParseUrl(returnURL, &rtpu); safecpy(returnToDomain, sizeof(returnToDomain), rtpu.host); if (endsWith(returnToDomain,centralDomain)) return centralDomain; else return cloneString(returnToDomain); } +char *getCookieDomainString() +/* Get a string that will look something like " domain=.ucsc.edu;" if getCookieDomainName + * returns something good, otherwise just " " */ +{ +char buf[256]; +char *domain = getCookieDomainName(); +if (domain != NULL && strchr(domain, '.') != NULL) + safef(buf, sizeof(buf), " domain=%s;", domain); +else + safef(buf, sizeof(buf), " "); +freeMem(domain); +return cloneString(buf); +} + void displayLoginSuccess(char *userName, int userID) /* display login success msg, and set cookie */ { hPrintf("<h2>%s</h2>", brwName); hPrintf( "<p align=\"left\">" "</p>" "<span style='color:red;'></span>" "\n"); /* Set cookies */ -char *domainName=getCookieDomainName(); +char *domainString=getCookieDomainString(); + char *userNameCookie=cookieNameForUserName(); char *userIDCookie=cookieNameForUserID(); hPrintf("<script language=\"JavaScript\">" " document.write(\"Login successful, setting cookies now...\");" "</script>\n" "<script language=\"JavaScript\">" - "document.cookie = \"%s=%s; domain=%s; expires=Thu, 30-Dec-2037 23:59:59 GMT; path=/;\";" + "document.cookie = \"%s=%s;%s expires=Thu, 30-Dec-2037 23:59:59 GMT; path=/;\";" "\n" - "document.cookie = \"%s=%d; domain=%s; expires=Thu, 30-Dec-2037 23:59:59 GMT; path=/;\";" + "document.cookie = \"%s=%d;%s expires=Thu, 30-Dec-2037 23:59:59 GMT; path=/;\";" " </script>" - "\n", userNameCookie, userName, domainName, userIDCookie, userID, domainName); + "\n", userNameCookie, userName, domainString, userIDCookie, userID, domainString); cartRemove(cart,"hgLogin_userName"); returnToURL(150); } void displayLogin(struct sqlConnection *conn) /* display and process login info */ { struct sqlResult *sr; char **row; char query[256]; char *userName = cartUsualString(cart, "hgLogin_userName", ""); if (sameString(userName,"")) { freez(&errMsg); errMsg = cloneString("User name cannot be blank."); @@ -1279,38 +1294,38 @@ displayLoginPage(conn); return; } gbMembersFree(&m); } void displayLogoutSuccess() /* display logout success msg, and reset cookie */ { hPrintf("<h2>%s Sign Out</h2>", brwName); hPrintf( "<p align=\"left\">" "</p>" "<span style='color:red;'></span>" "\n"); -char *domainName=getCookieDomainName(); +char *domainString=getCookieDomainString(); char *userNameCookie=cookieNameForUserName(); char *userIDCookie=cookieNameForUserID(); hPrintf("<script language=\"JavaScript\">" - "document.cookie = \"%s=; domain=%s; expires=Thu, 1-Jan-1970 0:0:0 GMT; path=/;\";" + "document.cookie = \"%s=;%s expires=Thu, 1-Jan-1970 0:0:0 GMT; path=/;\";" "\n" - "document.cookie = \"%s=; domain=%s; expires=Thu, 1-Jan-1970 0:0:0 GMT; path=/;\";" - "</script>\n", userNameCookie, domainName, userIDCookie, domainName); + "document.cookie = \"%s=;%s expires=Thu, 1-Jan-1970 0:0:0 GMT; path=/;\";" + "</script>\n", userNameCookie, domainString, userIDCookie, domainString); /* return to "returnto" URL */ returnToURL(150); } void doMiddle(struct cart *theCart) /* Write the middle parts of the HTML page. * This routine sets up some globals and then * dispatches to the appropriate page-maker. */ { struct sqlConnection *conn = hConnectCentral(); cart = theCart; safecpy(brwName,sizeof(brwName), browserName()); safecpy(brwAddr,sizeof(brwAddr), browserAddr()); safecpy(signature,sizeof(signature), mailSignature()); safecpy(returnAddr,sizeof(returnAddr), mailReturnAddr());