diff options
author | Renato Botelho <garga@FreeBSD.org> | 2015-01-08 11:08:03 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2015-01-08 11:08:03 -0200 |
commit | a980b284f3c2d588e3778542aaea302acf26f490 (patch) | |
tree | fa0a0abd0b5a8f6e4de9adc53d6ad19fdfd1a30a /etc/inc | |
parent | 9156a51d0cb8f7124be3c173ea9bebc057f662b5 (diff) | |
download | pfsense-a980b284f3c2d588e3778542aaea302acf26f490.zip pfsense-a980b284f3c2d588e3778542aaea302acf26f490.tar.gz |
Fix check for cookies, the way it was implemented didn't work because it would need a refresh to check if cookie was set or not. Use javascript to do a simple test
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/authgui.inc | 31 |
1 files changed, 16 insertions, 15 deletions
diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc index 70ccfd4..0999452 100644 --- a/etc/inc/authgui.inc +++ b/etc/inc/authgui.inc @@ -225,16 +225,6 @@ if ($local_ip == false) { } } } -setcookie( - "cookie_test", - 'cookie_test', - time() + 3600, - '/', - NULL, - ($config['system']['webgui']['protocol'] == "https"), - true -); -$have_cookies = isset($_COOKIE["cookie_test"]); ?> @@ -304,13 +294,11 @@ $have_cookies = isset($_COOKIE["cookie_test"]); <?=gettext("Enter username and password to login."); ?> </span> - <?php if (!$have_cookies && isset($_POST['login'])): ?> - <br /><br /> - <span style="text-align:center; font-weight: normal ; font-style: italic; color: #ff0000"> + <span style="text-align:center; font-weight: normal ; font-style: italic; color: #ff0000; display:none" id="no_cookies"> + <br /><br /> <?= gettext("Your browser must support cookies to login."); ?> </span> - <?php endif; ?> - </p> + </p> <p> <span style="text-align:center"> <input type="submit" name="login" class="formbtn" value="<?=gettext("Login"); ?>" tabindex="3" /> @@ -318,6 +306,19 @@ $have_cookies = isset($_COOKIE["cookie_test"]); </p> </form> </div> + <script type="text/javascript"> + //<![CDATA[ + document.cookie= + "cookie_test=1" + + "<?php echo $config['system']['webgui']['protocol'] == 'https' ? '; secure' : '';?>"; + + if (document.cookie.indexOf("cookie_test") == -1) + document.getElementById("no_cookies").style.display=""; + + // Delete it + document.cookie = "cookie_test=1; expires=Thu, 01-Jan-1970 00:00:01 GMT"; + //]]> + </script> </body> </html> <?php |