From 972306d8136bda503f6788b8d4b65400b03e571c Mon Sep 17 00:00:00 2001 From: Jaroslav Kysela Date: Tue, 16 Sep 2014 14:44:55 +0200 Subject: [PATCH] HTTP server: use cookie to remember the logout state --- src/http.c | 7 +++++++ src/http.h | 1 + src/webui/webui.c | 13 +++++++++++++ 3 files changed, 21 insertions(+) diff --git a/src/http.c b/src/http.c index 15297e69..f5913174 100644 --- a/src/http.c +++ b/src/http.c @@ -252,6 +252,11 @@ http_send_header(http_connection_t *hc, int rc, const char *content, if(rc == HTTP_STATUS_UNAUTHORIZED) htsbuf_qprintf(&hdrs, "WWW-Authenticate: Basic realm=\"tvheadend\"\r\n"); + if (hc->hc_logout_cookie == 1) { + htsbuf_qprintf(&hdrs, "Set-Cookie: logout=1; Path=\"/logout\"\r\n"); + } else if (hc->hc_logout_cookie == 2) { + htsbuf_qprintf(&hdrs, "Set-Cookie: logout=0; Path=\"/logout'\"; expires=Thu, 01 Jan 1970 00:00:00 GMT\r\n"); + } htsbuf_qprintf(&hdrs, "Connection: %s\r\n", hc->hc_keep_alive ? "Keep-Alive" : "Close"); @@ -918,6 +923,8 @@ http_serve_requests(http_connection_t *hc, htsbuf_queue_t *spill) free(hc->hc_password); hc->hc_password = NULL; + hc->hc_logout_cookie = 0; + } while(hc->hc_keep_alive && http_server); error: diff --git a/src/http.h b/src/http.h index 7a4baf61..544db669 100644 --- a/src/http.h +++ b/src/http.h @@ -137,6 +137,7 @@ typedef struct http_connection { struct config_head *hc_user_config; int hc_no_output; + int hc_logout_cookie; /* Support for HTTP POST */ diff --git a/src/webui/webui.c b/src/webui/webui.c index 2d631ea7..04b213f0 100644 --- a/src/webui/webui.c +++ b/src/webui/webui.c @@ -182,9 +182,22 @@ page_logout(http_connection_t *hc, const char *remain, void *opaque) if (hc->hc_access == NULL || hc->hc_access->aa_username == NULL || hc->hc_access->aa_username == '\0') { +redirect: http_redirect(hc, "/", &hc->hc_req_args); return 0; } else { + const char *s = http_arg_get(&hc->hc_args, "Cookie"); + if (s) { + while (*s && *s != ';') + s++; + if (*s) s++; + while (*s && *s <= ' ') s++; + if (!strncmp(s, "logout=1", 8)) { + hc->hc_logout_cookie = 2; + goto redirect; + } + hc->hc_logout_cookie = 1; + } return HTTP_STATUS_UNAUTHORIZED; } }