summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYorhel <git@yorhel.nl>2010-11-02 18:47:15 +0100
committerYorhel <git@yorhel.nl>2010-11-02 18:48:22 +0100
commitd6cbbc9025ccffae5ec590c692676ac944775eb0 (patch)
tree792c7cb40c02158f278148b0a46ba8ca06ce8a8b
parent5d44709dd98c97cb8ef9a59340990a5ecf8f62db (diff)
Prefix all cookies with a configurable cookie_prefix
This replaces the "cookie_auth" setting, and applies to all cookies in use by VNDB.
-rw-r--r--ChangeLog1
-rw-r--r--data/global.pl2
-rw-r--r--data/script.js3
-rw-r--r--lib/VNDB/Handler/Tags.pm2
-rw-r--r--lib/VNDB/Handler/VNBrowse.pm2
-rw-r--r--lib/VNDB/Util/Auth.pm8
-rwxr-xr-xutil/jsgen.pl1
7 files changed, 11 insertions, 8 deletions
diff --git a/ChangeLog b/ChangeLog
index d4cfa6ec..3774e5b7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -11,6 +11,7 @@
- Added Apple iProduct platform
- Removed XML sitemap
- Added image dimensions to screenshot thumbail <img> tags
+ - Prefix all cookies with a configurable cookie_prefix
- Bugfix: only redirect VN search to VN page if page=1
- Bugfix: remove duplicate votes when merging tags (fixes a 500)
- Bugfix: Multi::Anime: don't crash when anidb returns an invalid or empty year
diff --git a/data/global.pl b/data/global.pl
index 45c8f6b5..4046ce10 100644
--- a/data/global.pl
+++ b/data/global.pl
@@ -19,7 +19,7 @@ our %S = (%S,
url_static => 'http://s.vndb.org',
skin_default => 'angel',
cookie_domain => '.vndb.org',
- cookie_auth => 'vndb_auth',
+ cookie_prefix => 'vndb_',
global_salt => 'any-private-string-here',
source_url => 'http://git.blicky.net/vndb.git/?h=master',
admin_email => 'contact@vndb.org',
diff --git a/data/script.js b/data/script.js
index 12569d25..3e2b479f 100644
--- a/data/script.js
+++ b/data/script.js
@@ -41,10 +41,11 @@ function ajax(url, func) {
function setCookie(n,v) {
var date = new Date();
date.setTime(date.getTime()+(365*24*60*60*1000));
- document.cookie = n+'='+v+'; expires='+date.toGMTString()+'; path=/';
+ document.cookie = cookie_prefix+n+'='+v+'; expires='+date.toGMTString()+'; path=/';
}
function getCookie(n) {
var l = document.cookie.split(';');
+ n = cookie_prefix+n;
for(var i=0; i<l.length; i++) {
var c = l[i];
while(c.charAt(0) == ' ')
diff --git a/lib/VNDB/Handler/Tags.pm b/lib/VNDB/Handler/Tags.pm
index 40183ea4..a8558575 100644
--- a/lib/VNDB/Handler/Tags.pm
+++ b/lib/VNDB/Handler/Tags.pm
@@ -35,7 +35,7 @@ sub tagpage {
{ name => 'm', required => 0, default => -1, enum => [qw|0 1 2|] },
);
return 404 if $f->{_err};
- my $tagspoil = $self->reqCookie('tagspoil');
+ my $tagspoil = $self->reqCookie($self->{cookie_prefix}.'tagspoil');
$f->{m} = $tagspoil =~ /^[0-2]$/ ? $tagspoil : 0 if $f->{m} == -1;
my($list, $np) = $t->{meta} || $t->{state} != 2 ? ([],0) : $self->dbVNGet(
diff --git a/lib/VNDB/Handler/VNBrowse.pm b/lib/VNDB/Handler/VNBrowse.pm
index f4f98194..f3193b57 100644
--- a/lib/VNDB/Handler/VNBrowse.pm
+++ b/lib/VNDB/Handler/VNBrowse.pm
@@ -25,7 +25,7 @@ sub list {
{ name => 'pl', required => 0, multi => 1, enum => $self->{platforms}, default => '' },
{ name => 'ti', required => 0, default => '', maxlength => 200 },
{ name => 'te', required => 0, default => '', maxlength => 200 },
- { name => 'sp', required => 0, default => $self->reqCookie('tagspoil') =~ /^([0-2])$/ ? $1 : 0, enum => [0..2] },
+ { name => 'sp', required => 0, default => $self->reqCookie($self->{cookie_prefix}.'tagspoil') =~ /^([0-2])$/ ? $1 : 0, enum => [0..2] },
);
return 404 if $f->{_err};
$f->{q} ||= $f->{sq};
diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm
index 9dd1d738..45b39249 100644
--- a/lib/VNDB/Util/Auth.pm
+++ b/lib/VNDB/Util/Auth.pm
@@ -20,7 +20,7 @@ sub authInit {
my $self = shift;
$self->{_auth} = undef;
- my $cookie = $self->reqCookie($self->{cookie_auth});
+ my $cookie = $self->reqCookie($self->{cookie_prefix}.'auth');
return 0 if !$cookie;
return _rmcookie($self) if length($cookie) < 41;
my $token = substr($cookie, 0, 40);
@@ -47,7 +47,7 @@ sub authLogin {
my $expstr = strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime(time + 31536000)); # keep the cookie for 1 year
$self->resRedirect($to, 'post');
- $self->resHeader('Set-Cookie', "$self->{cookie_auth}=$cookie; expires=$expstr; path=/; domain=$self->{cookie_domain}");
+ $self->resHeader('Set-Cookie', "$self->{cookie_prefix}auth=$cookie; expires=$expstr; path=/; domain=$self->{cookie_domain}");
return 1;
}
@@ -59,7 +59,7 @@ sub authLogin {
sub authLogout {
my $self = shift;
- my $cookie = $self->reqCookie($self->{cookie_auth});
+ my $cookie = $self->reqCookie($self->{cookie_prefix}.'auth');
if ($cookie && length($cookie) >= 41) {
my $token = substr($cookie, 0, 40);
my $uid = substr($cookie, 40);
@@ -138,7 +138,7 @@ sub authPreparePass{
# removes the vndb_auth cookie
sub _rmcookie {
$_[0]->resHeader('Set-Cookie',
- "$_[0]->{cookie_auth}= ; expires=Sat, 01-Jan-2000 00:00:00 GMT; path=/; domain=$_[0]->{cookie_domain}");
+ "$_[0]->{cookie_prefix}auth= ; expires=Sat, 01-Jan-2000 00:00:00 GMT; path=/; domain=$_[0]->{cookie_domain}");
}
diff --git a/util/jsgen.pl b/util/jsgen.pl
index 1ad8fb53..2235d289 100755
--- a/util/jsgen.pl
+++ b/util/jsgen.pl
@@ -85,6 +85,7 @@ sub jsgen {
my $js = encode_utf8(l10n()) . "\n";
$js .= sprintf "rlst_rstat = [ %s ];\n", join ', ', map qq{"$_"}, @{$S{rlst_rstat}};
$js .= sprintf "rlst_vstat = [ %s ];\n", join ', ', map qq{"$_"}, @{$S{rlst_vstat}};
+ $js .= sprintf "cookie_prefix = '%s';\n", $S{cookie_prefix};
open my $JS, '<', "$ROOT/data/script.js" or die $!;
$js .= join '', <$JS>;
close $JS;