105193d3bc75ad4c8c5570cbd66286300c322bd3 angie Mon Jul 25 16:36:11 2016 -0700 Always use https for hgLogin, even if returning to hgSession with http. refs #17778 diff --git src/hg/lib/wikiLink.c src/hg/lib/wikiLink.c index 0f163b9..dce10b3 100644 --- src/hg/lib/wikiLink.c +++ src/hg/lib/wikiLink.c @@ -90,32 +90,32 @@ return cgiEncode(retBuf); } char *wikiLinkUserLoginUrlReturning(char *hgsid, char *returnUrl) /* Return the URL for the wiki user login page. */ { char buf[2048]; if (loginSystemEnabled()) { if (! wikiLinkEnabled()) errAbort("wikiLinkUserLoginUrl called when login system is not enabled " "(specified in hg.conf)."); safef(buf, sizeof(buf), - "http%s://%s/cgi-bin/hgLogin?hgLogin.do.displayLoginPage=1&returnto=%s", - cgiAppendSForHttps(), wikiLinkHost(), returnUrl); + "https://%s/cgi-bin/hgLogin?hgLogin.do.displayLoginPage=1&returnto=%s", + wikiLinkHost(), returnUrl); } else { if (! wikiLinkEnabled()) errAbort("wikiLinkUserLoginUrl called when wiki is not enabled (specified " "in hg.conf)."); safef(buf, sizeof(buf), "http://%s/index.php?title=Special:UserloginUCSC&returnto=%s", wikiLinkHost(), returnUrl); } return(cloneString(buf)); } char *wikiLinkUserLoginUrl(char *hgsid) /* Return the URL for the wiki user login page with return going to hgSessions. */ @@ -124,32 +124,32 @@ char *result = wikiLinkUserLoginUrlReturning(hgsid, retUrl); freez(&retUrl); return result; } char *wikiLinkUserLogoutUrlReturning(char *hgsid, char *returnUrl) /* Return the URL for the wiki user logout page. */ { char buf[2048]; if (loginSystemEnabled()) { if (! wikiLinkEnabled()) errAbort("wikiLinkUserLogoutUrl called when login system is not enabled " "(specified in hg.conf)."); safef(buf, sizeof(buf), - "http%s://%s/cgi-bin/hgLogin?hgLogin.do.displayLogout=1&returnto=%s", - cgiAppendSForHttps(), wikiLinkHost(), returnUrl); + "https://%s/cgi-bin/hgLogin?hgLogin.do.displayLogout=1&returnto=%s", + wikiLinkHost(), returnUrl); } else { if (! wikiLinkEnabled()) errAbort("wikiLinkUserLogoutUrl called when wiki is not enable (specified " "in hg.conf)."); safef(buf, sizeof(buf), "http://%s/index.php?title=Special:UserlogoutUCSC&returnto=%s", wikiLinkHost(), returnUrl); } return(cloneString(buf)); } char *wikiLinkUserLogoutUrl(char *hgsid) /* Return the URL for the wiki user logout page that returns to hgSessions. */ @@ -160,59 +160,59 @@ return result; } char *wikiLinkUserSignupUrl(char *hgsid) /* Return the URL for the user signup page. */ { char buf[2048]; char *retEnc = encodedHgSessionReturnUrl(hgsid); if (loginSystemEnabled()) { if (! wikiLinkEnabled()) errAbort("wikiLinkUserSignupUrl called when login system is not enabled " "(specified in hg.conf)."); safef(buf, sizeof(buf), - "http%s://%s/cgi-bin/hgLogin?hgLogin.do.signupPage=1&returnto=%s", - cgiAppendSForHttps(), wikiLinkHost(), retEnc); + "https://%s/cgi-bin/hgLogin?hgLogin.do.signupPage=1&returnto=%s", + wikiLinkHost(), retEnc); } else { if (! wikiLinkEnabled()) errAbort("wikiLinkUserLogoutUrl called when wiki is not enable (specified " "in hg.conf)."); safef(buf, sizeof(buf), "http://%s/index.php?title=Special:UserlogoutUCSC&returnto=%s", wikiLinkHost(), retEnc); } freez(&retEnc); return(cloneString(buf)); } char *wikiLinkChangePasswordUrl(char *hgsid) /* Return the URL for the user change password page. */ { char buf[2048]; char *retEnc = encodedHgSessionReturnUrl(hgsid); if (loginSystemEnabled()) { if (! wikiLinkEnabled()) errAbort("wikiLinkChangePasswordUrl called when login system is not enabled " "(specified in hg.conf)."); safef(buf, sizeof(buf), - "http%s://%s/cgi-bin/hgLogin?hgLogin.do.changePasswordPage=1&returnto=%s", - cgiAppendSForHttps(), wikiLinkHost(), retEnc); + "https://%s/cgi-bin/hgLogin?hgLogin.do.changePasswordPage=1&returnto=%s", + wikiLinkHost(), retEnc); } else { if (! wikiLinkEnabled()) errAbort("wikiLinkUserLogoutUrl called when wiki is not enable (specified " "in hg.conf)."); safef(buf, sizeof(buf), "http://%s/index.php?title=Special:UserlogoutUCSC&returnto=%s", wikiLinkHost(), retEnc); } freez(&retEnc); return(cloneString(buf)); }