finn/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Use Req.URL.RequestURI() to cope with FCGI urls (#9473)

Browse source 
* Use Req.URL.RequestURI() to cope with FCGI urls

* Add debug logging statement when forbidden in internal API.
This commit is contained in:
zeripath 2019-12-24 00:11:12 +00:00 committed by GitHub
parent 546523a57c
commit 017f314b5a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 17 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

8
modules/context/auth.go
View file

@ -49,7 +49,7 @@ func Toggle(options *ToggleOptions) macaron.Handler {
if ctx.Req.URL.Path != "/user/settings/change_password" {
ctx.Data["Title"] = ctx.Tr("auth.must_change_password")
ctx.Data["ChangePasscodeLink"] = setting.AppSubURL + "/user/change_password"
ctx.SetCookie("redirect_to", setting.AppSubURL+ctx.Req.RequestURI, 0, setting.AppSubURL)
ctx.SetCookie("redirect_to", setting.AppSubURL+ctx.Req.URL.RequestURI(), 0, setting.AppSubURL)
ctx.Redirect(setting.AppSubURL + "/user/settings/change_password")
return
}
@ -61,7 +61,7 @@ func Toggle(options *ToggleOptions) macaron.Handler {
}
// Redirect to dashboard if user tries to visit any non-login page.
if options.SignOutRequired && ctx.IsSigned && ctx.Req.RequestURI != "/" {
if options.SignOutRequired && ctx.IsSigned && ctx.Req.URL.RequestURI() != "/" {
ctx.Redirect(setting.AppSubURL + "/")
return
}
@ -83,7 +83,7 @@ func Toggle(options *ToggleOptions) macaron.Handler {
return
}
ctx.SetCookie("redirect_to", setting.AppSubURL+ctx.Req.RequestURI, 0, setting.AppSubURL)
ctx.SetCookie("redirect_to", setting.AppSubURL+ctx.Req.URL.RequestURI(), 0, setting.AppSubURL)
ctx.Redirect(setting.AppSubURL + "/user/login")
return
} else if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm {
@ -118,7 +118,7 @@ func Toggle(options *ToggleOptions) macaron.Handler {
// Redirect to log in page if auto-signin info is provided and has not signed in.
if !options.SignOutRequired && !ctx.IsSigned && !auth.IsAPIPath(ctx.Req.URL.Path) &&
len(ctx.GetCookie(setting.CookieUserName)) > 0 {
ctx.SetCookie("redirect_to", setting.AppSubURL+ctx.Req.RequestURI, 0, setting.AppSubURL)
ctx.SetCookie("redirect_to", setting.AppSubURL+ctx.Req.URL.RequestURI(), 0, setting.AppSubURL)
ctx.Redirect(setting.AppSubURL + "/user/login")
return
}

10
modules/context/permission.go
View file

@ -15,7 +15,7 @@ import (
func RequireRepoAdmin() macaron.Handler {
return func(ctx *Context) {
if !ctx.IsSigned || !ctx.Repo.IsAdmin() {
ctx.NotFound(ctx.Req.RequestURI, nil)
ctx.NotFound(ctx.Req.URL.RequestURI(), nil)
return
}
}
@ -25,7 +25,7 @@ func RequireRepoAdmin() macaron.Handler {
func RequireRepoWriter(unitType models.UnitType) macaron.Handler {
return func(ctx *Context) {
if !ctx.Repo.CanWrite(unitType) {
ctx.NotFound(ctx.Req.RequestURI, nil)
ctx.NotFound(ctx.Req.URL.RequestURI(), nil)
return
}
}
@ -39,7 +39,7 @@ func RequireRepoWriterOr(unitTypes ...models.UnitType) macaron.Handler {
return
}
}
ctx.NotFound(ctx.Req.RequestURI, nil)
ctx.NotFound(ctx.Req.URL.RequestURI(), nil)
}
}
@ -63,7 +63,7 @@ func RequireRepoReader(unitType models.UnitType) macaron.Handler {
ctx.Repo.Permission)
}
}
ctx.NotFound(ctx.Req.RequestURI, nil)
ctx.NotFound(ctx.Req.URL.RequestURI(), nil)
return
}
}
@ -96,6 +96,6 @@ func RequireRepoReaderOr(unitTypes ...models.UnitType) macaron.Handler {
args = append(args, ctx.Repo.Repository, ctx.Repo.Permission)
log.Trace(format, args...)
}
ctx.NotFound(ctx.Req.RequestURI, nil)
ctx.NotFound(ctx.Req.URL.RequestURI(), nil)
}
}

2
modules/setting/log.go
View file

@ -204,7 +204,7 @@ func newMacaronLogService() {
func newAccessLogService() {
EnableAccessLog = Cfg.Section("log").Key("ENABLE_ACCESS_LOG").MustBool(false)
AccessLogTemplate = Cfg.Section("log").Key("ACCESS_LOG_TEMPLATE").MustString(
`{{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}"`)
`{{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.URL.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}"`)
Cfg.Section("log").Key("ACCESS").MustString("file")
if EnableAccessLog {
options := newDefaultLogOptions()