Mark Smith ([staff profile] mark) wrote in [site community profile] changelog2009-10-21 07:11 pm

[dw-free] Disabled referer headers make login/logout redirect to blank page

[commit: http://hg.dwscoalition.org/dw-free/rev/92893d18c71b]

http://bugs.dwscoalition.org/show_bug.cgi?id=1899

Redirect to the homepage if we have a blank referer.

Patch by [personal profile] wyntarvox.

Files modified:
  • htdocs/login.bml
  • htdocs/logout.bml
--------------------------------------------------------------------------------
diff -r 0073e01d76e8 -r 92893d18c71b htdocs/login.bml
--- a/htdocs/login.bml	Wed Oct 21 19:07:36 2009 +0000
+++ b/htdocs/login.bml	Wed Oct 21 19:11:20 2009 +0000
@@ -360,10 +360,8 @@
                 return BML::redirect("$POST{'ref'}");
             } elsif ( $GET{'ret'} == 1 && LJ::check_referer() ) {
                 my $uniq = BML::get_request()->notes->{uniq};
-                if ($uniq) {
-                    LJ::MemCache::set("loginout:$uniq", 1, time() + 15);
-                }
-                return BML::redirect("$referer");
+                LJ::MemCache::set( "loginout:$uniq", 1, time() + 15 ) if $uniq;
+                return BML::redirect( $referer || "$LJ::SITEROOT/" );
             }
 
             LJ::set_remote($u);
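Review bot: The new `return BML::redirect( $referer || "$LJ::SITEROOT/" );` still redirects to a value taken from the client-supplied Referer header, and the only guard visible in this hunk is `LJ::check_referer()` called with no arguments. Because the bug being fixed shows this branch is reached with an empty Referer, that check apparently passes when the header is missing, so it is worth confirming that it also rejects non-empty values that point off-site; if it does not, `ret=1` can be used as an open redirect. I would record the dependency above the redirect with a comment such as `# $referer is client-supplied; safe to redirect to only because LJ::check_referer() restricts it to our own site`. The same applies to the new lines in htdocs/logout.bml, and the assignment of `$referer` in login.bml lies outside this hunk.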
diff -r 0073e01d76e8 -r 92893d18c71b htdocs/logout.bml
--- a/htdocs/logout.bml	Wed Oct 21 19:07:36 2009 +0000
+++ b/htdocs/logout.bml	Wed Oct 21 19:11:20 2009 +0000
@@ -51,7 +51,8 @@
             if ( $GET{'ret'} == 1 && LJ::check_referer() ) {
                 my $uniq = DW::Request->get->note('uniq');
                 LJ::MemCache::set( "loginout:$uniq", 1, time() + 15 ) if $uniq;
-                return BML::redirect( BML::get_client_header('Referer') );
+                my $referer = BML::get_client_header( 'Referer' );
+                return BML::redirect( $referer || "$LJ::SITEROOT/" );
             }
 
             # Redirect to offsite uri if allowed.
--------------------------------------------------------------------------------