use base qw/Class::Accessor::Fast/;
use NEXT;
-our $VERSION = '0.03';
+our $VERSION = '0.06';
-__PACKAGE__->mk_accessors('_require_ssl');
+__PACKAGE__->mk_accessors( qw/_require_ssl _ssl_strip_output/ );
sub require_ssl {
my $c = shift;
$c->log->warn( "RequireSSL: Would have redirected to $redir" );
}
else {
+ $c->_ssl_strip_output(1);
$c->res->redirect( $redir );
}
}
$c->res->redirect( $c->_redirect_uri('http') );
}
+ # do not allow any output to be displayed on the insecure page
+ if ( $c->_ssl_strip_output ) {
+ $c->res->body( '' );
+ }
+
return $c->NEXT::finalize(@_);
}
# support SSL
# XXX: I didn't include Catalyst::Engine::Server here as it may be used as
# a backend in a proxy setup.
- if ( $c->engine eq "Catalyst::Engine::HTTP" ) {
+ if ( $c->engine =~ /Catalyst::Engine::HTTP/ ) {
$c->config->{require_ssl}->{disabled} = 1;
$c->log->warn( "RequireSSL: Disabling SSL redirection while running "
. "under " . $c->engine );
my $redir
= $type . '://' . $c->config->{require_ssl}->{$type} . $c->req->path;
-
+
if ( scalar $c->req->param ) {
- my @params
- = map { "$_=" . $c->req->params->{$_} } sort $c->req->param;
- $redir .= "?" . join "&", @params;
- }
+ my @params;
+ foreach my $arg ( sort keys %{ $c->req->params } ) {
+ if ( ref $c->req->params->{$arg} ) {
+ my $list = $c->req->params->{$arg};
+ push @params, map { "$arg=" . $_ } sort @{$list};
+ }
+ else {
+ push @params, "$arg=" . $c->req->params->{$arg};
+ }
+ }
+ $redir .= '?' . join( '&', @params );
+ }
return $redir;
}