X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FPlugin%2FRequireSSL.pm;h=f5457dbb39c0b28667423ad5047f7795949e5a19;hb=4585dfb15d7d9d2983f365d04c5b3423334184d7;hp=a03aad512554ae9748bec1b8c89d30fd692163b6;hpb=eeefd5982dc7052c1e714cc00160b77cfe17d56e;p=catagits%2FCatalyst-Plugin-RequireSSL.git diff --git a/lib/Catalyst/Plugin/RequireSSL.pm b/lib/Catalyst/Plugin/RequireSSL.pm index a03aad5..f5457db 100644 --- a/lib/Catalyst/Plugin/RequireSSL.pm +++ b/lib/Catalyst/Plugin/RequireSSL.pm @@ -4,9 +4,9 @@ use strict; use base qw/Class::Accessor::Fast/; use NEXT; -our $VERSION = '0.03'; +our $VERSION = '0.04'; -__PACKAGE__->mk_accessors('_require_ssl'); +__PACKAGE__->mk_accessors( qw/_require_ssl _ssl_strip_output/ ); sub require_ssl { my $c = shift; @@ -19,6 +19,7 @@ sub require_ssl { $c->log->warn( "RequireSSL: Would have redirected to $redir" ); } else { + $c->_ssl_strip_output(1); $c->res->redirect( $redir ); } } @@ -48,6 +49,11 @@ sub finalize { $c->res->redirect( $c->_redirect_uri('http') ); } + # do not allow any output to be displayed on the insecure page + if ( $c->_ssl_strip_output ) { + $c->res->body( undef ); + } + return $c->NEXT::finalize(@_); } @@ -84,12 +90,20 @@ sub _redirect_uri { my $redir = $type . '://' . $c->config->{require_ssl}->{$type} . $c->req->path; - + if ( scalar $c->req->param ) { - my @params - = map { "$_=" . $c->req->params->{$_} } sort $c->req->param; - $redir .= "?" . join "&", @params; - } + my @params; + foreach my $arg ( sort keys %{ $c->req->params } ) { + if ( ref $c->req->params->{$arg} ) { + my $list = $c->req->params->{$arg}; + push @params, map { "$arg=" . $_ } sort @{$list}; + } + else { + push @params, "$arg=" . $c->req->params->{$arg}; + } + } + $redir .= '?' . join( '&', @params ); + } return $redir; }