Monotone-Parent: 9ce00a7f3dabe1a68fa6eb5c0dc5e85403287b76

Monotone-Revision: e3cff884472b4a92410e32c3f8083123af17c801 Monotone-Author: wsourdeau@inverse.ca Monotone-Date: 2009-09-13T15:17:05 Monotone-Branch: ca.inverse.sogo
2009-09-13 15:17:05 +00:00 · 2009-09-13 15:17:05 +00:00 · 11f9a77317
parent 4b54234375
commit 11f9a77317
5 changed files with 27 additions and 5 deletions
--- a/12
+++ b/12
@ -1,3 +1,15 @@
+2009-09-13  Wolfgang Sourdeau  <wsourdeau@inverse.ca>
+
+	* UI/WebServerResources/SOGoRootPage.js (onLoginClick): avoid
+	setting an empty string as value to "document.cookie" since this
+	will actually create a cookie.
+
+	* UI/MainUI/SOGoUserHomePage.m (-logoffAction): fixed a typo in
+	the "cache-control" header.
+
+	* Main/SOGo.m (-sessionIDFromRequest:): overriden method that
+	returns nil to avoid any session cookie to be set by SOPE.
+
 2009-09-11  Cyril Robert <crobert@inverse.ca>

 	* UI/Contacts/UIxContactFoldersView.m (allContactSearchAction): Added 
--- a/Main/SOGo.m
+++ b/Main/SOGo.m
@ -461,6 +461,11 @@ static BOOL debugObjectAllocation = NO;

 /* session management */

+- (NSString *) sessionIDFromRequest: (WORequest *) _rq
+{
+  return nil;
+}
+
 - (id) createSessionForRequest: (WORequest *) _request
 {
  [self warnWithFormat: @"session creation requested!"];
--- a/UI/MainUI/SOGoRootPage.m
+++ b/UI/MainUI/SOGoRootPage.m
@ -89,6 +89,8 @@ static NSArray *supportedLanguages = nil;
      authCookie = [WOCookie cookieWithName: [auth cookieNameInContext: context]
 			     value: cookieValue];
      [authCookie setPath: @"/"];
+      /* enable this when we have code to determine whether request is HTTPS:
+         [authCookie setIsSecure: YES]; */
      [response addCookie: authCookie];

      if (language && [supportedLanguages containsObject: language])
--- a/UI/MainUI/SOGoUserHomePage.m
+++ b/UI/MainUI/SOGoUserHomePage.m
@ -290,7 +290,7 @@ static NSString *LDAPContactInfoAttribute = nil;
    cookieName = [auth cookieNameInContext: context];
  else
    cookieName = nil;
-  if (cookieName)
+  if ([cookieName length])
    {
      cookie = [WOCookie cookieWithName: cookieName value: @"discard"];
      [cookie setPath: @"/"];
@ -299,7 +299,7 @@ static NSString *LDAPContactInfoAttribute = nil;
    }

  [response setHeader: [date rfc822DateString] forKey: @"Last-Modified"];
-  [response setHeader: @"no-store, no-cache, must-revalidate."
+  [response setHeader: @"no-store, no-cache, must-revalidate,"
            @" max-age=0, post-check=0, pre-check=0"
               forKey: @"Cache-Control"];
  [response setHeader: @"no-cache" forKey: @"Pragma"];
--- a/UI/WebServerResources/SOGoRootPage.js
+++ b/UI/WebServerResources/SOGoRootPage.js
@ -3,8 +3,9 @@
 function initLogin() {
 	var date = new Date();
 	date.setTime(date.getTime() - 86400000);
-	document.cookie = ("0xHIGHFLYxSOGo=discard; path=/"
-										 + "; expires=" + date.toGMTString());
+	document.cookie = ("0xHIGHFLYxSOGo=discarded"
+                           + "; expires=" + date.toGMTString()
+		           + "; path=/");

 	var about = $("about");
 	if (about) {
@ -48,7 +49,9 @@ function onLoginClick(event) {
 											"&password=" + encodeURIComponent(password);
 		if (language)
 			parameters += (language.value == "WONoSelectionString")?"":("&language=" + language.value);
-		document.cookie = "";
+        /// Discarded as it seems to create a cookie for nothing. To discard
+        //  a cookie in JS, have a look here: http://www.quirksmode.org/js/cookies.html
+	//	document.cookie = "";
 		triggerAjaxRequest(url, onLoginCallback, null, (parameters),
 											 { "Content-type": "application/x-www-form-urlencoded",
 													 "Content-length": parameters.length,