vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-06 20:46:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fix ntopng login redirection

Browse source
This commit is contained in:
emanuele-f 2018-05-08 14:01:37 +02:00
parent 3b792b9d55
commit 2ce6ac2fc1
2 changed files with 29 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

40
src/HTTPserver.cpp
View file

@ -432,18 +432,24 @@ static void redirect_to_login(struct mg_connection *conn,
mg_get_cookie(conn, "session", session_id, sizeof(session_id));
ntop->getTrace()->traceEvent(TRACE_INFO, "[HTTP] %s(%s)", __FUNCTION__, session_id);
mg_printf(conn,
if(referer)
mg_printf(conn,
"HTTP/1.1 302 Found\r\n"
"Set-Cookie: session=%s; path=/; expires=Thu, 01-Jan-1970 00:00:01 GMT; max-age=0;%s\r\n" // Session ID
"Location: %s%s?referer=%s\r\n\r\n",
session_id,
get_secure_cookie_attributes(request_info),
ntop->getPrefs()->get_http_prefix(),
Utils::getURL((char*)LOGIN_URL, buf, sizeof(buf)), referer);
else
mg_printf(conn,
"HTTP/1.1 302 Found\r\n"
"Set-Cookie: session=%s; path=/; expires=Thu, 01-Jan-1970 00:00:01 GMT; max-age=0;%s\r\n" // Session ID
"Location: %s%s?referer=%s%s%s%s\r\n\r\n", /* FIX */
"Location: %s%s\r\n\r\n",
session_id,
get_secure_cookie_attributes(request_info),
ntop->getPrefs()->get_http_prefix(),
Utils::getURL((char*)LOGIN_URL, buf, sizeof(buf)),
mg_get_header(conn, "Host") ? mg_get_header(conn, "Host") : (char*)"",
conn->request_info.uri,
conn->request_info.query_string ? "%3F" /* ? */: "",
conn->request_info.query_string ? conn->request_info.query_string : "");
Utils::getURL((char*)LOGIN_URL, buf, sizeof(buf)));
}
}
@ -538,8 +544,10 @@ static void authorize(struct mg_connection *conn,
redirect_to_login(conn, request_info, (referer[0] == '\0') ? NULL : referer);
} else {
/* Referer url must begin with '/' */
if((referer[0] != '/') || (strcmp(referer, AUTHORIZE_URL) == 0))
strcpy(referer, "/");
if((referer[0] != '/') || (strcmp(referer, AUTHORIZE_URL) == 0)) {
char *r = strchr(referer, '/');
strcpy(referer, r ? r : "/");
}
set_cookie(conn, user, referer);
}
@ -682,9 +690,17 @@ static int handle_lua_request(struct mg_connection *conn) {
else if(strcmp(request_info->uri, NETWORK_LOAD_URL) == 0) {
// avoid sending login redirect to allow js itself to redirect the user
return(send_error(conn, 403 /* Forbidden */, request_info->uri, "Login Required"));
} else
redirect_to_login(conn, request_info, mg_get_header(conn, "Host") ?
mg_get_header(conn, "Host"): (char*)"");
} else {
char referer[255];
snprintf(referer, sizeof(referer), "%s%s%s%s",
mg_get_header(conn, "Host") ? mg_get_header(conn, "Host") : (char*)"",
conn->request_info.uri,
conn->request_info.query_string ? "%3F" /* ? */: "",
conn->request_info.query_string ? conn->request_info.query_string : "");
redirect_to_login(conn, request_info, referer);
}
return(1);
} else if ((strcmp(request_info->uri, CHANGE_PASSWORD_ULR) != 0)