d1039b8f7028add5bb676f882c003152d50d073a angie Thu Jun 9 11:35:45 2016 -0700 Revert "Fixing bug that allowed faked wiki cookie name to override hgLogin name. refs #17397 note-8, note-9." This reverts commit 70688a29ce74bb1fafd03ef2dda79ef38ea2891b. diff --git src/hg/lib/wikiLink.c src/hg/lib/wikiLink.c index fc7b2b6..d22d2d4 100644 --- src/hg/lib/wikiLink.c +++ src/hg/lib/wikiLink.c @@ -469,34 +469,34 @@ char *wikiHost = cfgOption(CFG_WIKI_HOST); if (isEmpty(wikiHost) || sameString(wikiHost, "HTTPHOST")) wikiHost = hHttpHost(); return cloneString(wikiHost); } char *wikiLinkUserName() /* Return the user name specified in cookies from the browser, or NULL if * the user doesn't appear to be logged in. */ { if (loginSystemEnabled()) { if (! alreadyAuthenticated) errAbort("wikiLinkUserName: loginValidateCookies must be called first."); char *userName = getLoginUserName(); - if (isEmpty(userName) && isNotEmpty(remoteUserName)) - userName = remoteUserName; if (isEmpty(userName) && wikiLinkEnabled()) // TODO: remove in July 2016 userName = findCookieData(wikiLinkUserNameCookie()); // TODO: remove in July 2016 + if (isEmpty(userName) && isNotEmpty(remoteUserName)) + userName = remoteUserName; if (authenticated) return cloneString(userName); } else if (wikiLinkEnabled()) { char *wikiUserName = findCookieData(wikiLinkUserNameCookie()); char *wikiLoggedIn = findCookieData(wikiLinkLoggedInCookie()); if (isNotEmpty(wikiLoggedIn) && isNotEmpty(wikiUserName)) return cloneString(wikiUserName); } else errAbort("wikiLinkUserName called when wiki is not enabled (specified " "in hg.conf)."); return NULL; }