Mercurial > hg > soundsoftware-site

changeset 239:7cec015f07ce cannam-pre-20110113-merge

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Merge from branch "live"
author Chris Cannam
date Tue, 22 Feb 2011 16:48:15 +0000
parents 61f66ddb0b65 (current diff) 83bf35c4f9d1 (diff)
children 6c282df74a30 73ff0e6a11b1 82caabe96ad4 1d51c9df069b
files
diffstat 1 files changed, 6 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/app/controllers/application_controller.rb	Thu Feb 17 19:48:33 2011 +0000
+++ b/app/controllers/application_controller.rb	Tue Feb 22 16:48:15 2011 +0000
@@ -263,6 +263,12 @@
         uri = URI.parse(back_url)
         # do not redirect user to another host or to the login or register page
         if (uri.relative? || (uri.host == request.host)) && !uri.path.match(%r{/(login|account/register)})
+          # soundsoftware: if login page is https but back_url http,
+          # switch back_url to https to ensure cookie validity (#83)
+          if (uri.scheme == "http") && (URI.parse(request.url).scheme == "https")
+            uri.scheme = "https"
+            back_url = uri.to_s
+          end
           redirect_to(back_url)
           return
         end