Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge branch 'Release02x01'
  • Loading branch information
gac410 committed Jan 23, 2017
2 parents 5a6b766 + 01a2586 commit b5be818
Show file tree
Hide file tree
Showing 9 changed files with 55 additions and 18 deletions.
5 changes: 5 additions & 0 deletions JQueryPlugin/lib/Foswiki/Plugins/JQueryPlugin/FOSWIKI.pm
Expand Up @@ -93,6 +93,11 @@ sub init {
if ( defined $Foswiki::cfg{ScriptUrlPaths} ) {
%{ $prefs{"SCRIPTURLPATHS"} } = %{ $Foswiki::cfg{ScriptUrlPaths} };
}

# add {Sessions}{CookieRealm}
if ( defined $Foswiki::cfg{Sessions}{CookieRealm} ) {
$prefs{"COOKIEREALM"} = $Foswiki::cfg{Sessions}{CookieRealm};
}
$prefs{"URLHOST"} = Foswiki::Func::getUrlHost();

my $text =
Expand Down
4 changes: 3 additions & 1 deletion PatternSkin/pub/System/JavascriptFiles/foswikiPref_src.js
Expand Up @@ -260,12 +260,14 @@ foswiki.Pref = {
var cookieString = (inValues != null)
? inValues.join(foswiki.Pref.COOKIE_PREF_SEPARATOR) : '';
var expiryDate = new Date ();
var cookieDomain = foswiki.getPreference('COOKIEREALM');
var cookieSecure = foswiki.getPreference('URLHOST').startsWith("https://");
// Correct for Mac date bug - call only once for given Date object!
foswiki.Pref._fixCookieDate (expiryDate);
expiryDate.setTime (expiryDate.getTime()
+ foswiki.Pref.COOKIE_EXPIRY_TIME);
foswiki.Pref.setCookie(foswiki.Pref.FOSWIKI_PREF_COOKIE_NAME,
cookieString, expiryDate, '/');
cookieString, expiryDate, '/', cookieDomain, cookieSecure);
},

/**
Expand Down
3 changes: 3 additions & 0 deletions UnitTestContrib/test/unit/RequestTests.pm
Expand Up @@ -12,6 +12,7 @@ sub set_up {
my $this = shift;
$this->SUPER::set_up(@_);
$Foswiki::cfg{ScriptUrlPath} = '/fatwilly/bin';
$Foswiki::cfg{Sessions}{CookieRealm} = 'weebles.wobble';
delete $Foswiki::cfg{ScriptUrlPaths};
}

Expand Down Expand Up @@ -591,11 +592,13 @@ sub test_cookies {
);
$result[1] = new CGI::Cookie(
-name => 'c3',
-domain => 'weebles.wobble',
-value => 'value3',
-path => '/test',
-expires => '1234',
-secure => 1
);

$this->assert_deep_equals( $result[0], $result[1],
'Wrong returned cookie' );
}
Expand Down
15 changes: 8 additions & 7 deletions UpdatesPlugin/data/System/UpdatesPlugin.txt
@@ -1,4 +1,4 @@
%META:TOPICINFO{author="ProjectContributor" comment="" date="1437761267" format="1.1" version="1"}%
%META:TOPICINFO{author="ProjectContributor" comment="" date="1485184197" format="1.1" version="1"}%
---+!! %TOPIC%
<img class="foswikiRight" src="%ATTACHURL%/logo.png">
%$SHORTDESCRIPTION%
Expand Down Expand Up @@ -66,6 +66,7 @@ to prevent disclosing them to the outside world.
This plugin was initially developed during a collaborative design and coding session at the 2011 Foswiki Camp.

| Change History: | <!-- versions below in reverse order -->&nbsp; |
| 1.02 (23 Jan 2017) | Foswikitask:Item14281: Cookie related changes. Inconsistent use of the domain and secure flags. |
| 1.01 (24 Jul 2015) | Foswikitask:Item13555: Compare VERSION not RELEASE strings.<br/>\
Foswikitask:Item13524: Plugin reports "0 extensions need update - too noisy |
| Dependencies: | %$DEPENDENCIES% |
Expand All @@ -76,12 +77,12 @@ This plugin was initially developed during a collaborative design and coding ses
%META:FIELD{name="Version" title="Version" value="%25$VERSION%25"}%
%META:FIELD{name="Release" title="Release" value="%25$RELEASE%25"}%
%META:FIELD{name="Repository" title="Repository" value="https://github.com/foswiki/distro"}%
%META:FIELD{name="Copyright" title="Copyright" value="&copy; Foswiki Contributors 2011-2014"}%
%META:FIELD{name="Copyright" title="Copyright" value="&copy; Foswiki Contributors 2011-2017"}%
%META:FIELD{name="License" title="License" value="[[http://www.gnu.org/licenses/gpl.html][GPL (Gnu General Public License)]]"}%
%META:FIELD{name="Home" title="Home" value="http://foswiki.org/Extensions/%25$ROOTMODULE%25"}%
%META:FIELD{name="Support" title="Support" value="Foswiki:Support/%25$ROOTMODULE%25"}%
%META:FILEATTACHMENT{name="logo.png" attr="h" comment="" date="1437761267" size="53676" user="ProjectContributor" version="1"}%
%META:FILEATTACHMENT{name="jquery.updates.js" attr="h" comment="" date="1437761267" size="2322" user="ProjectContributor" version="1"}%
%META:FILEATTACHMENT{name="jquery.updates.js.gz" attr="h" comment="" date="1437761267" size="786" user="ProjectContributor" version="1"}%
%META:FILEATTACHMENT{name="jquery.updates.uncompressed.js" attr="h" comment="" date="1437761267" size="4313" user="ProjectContributor" version="1"}%
%META:FILEATTACHMENT{name="Makefile" attr="h" comment="" date="1437761267" size="127" user="ProjectContributor" version="1"}%
%META:FILEATTACHMENT{name="logo.png" attr="h" comment="" date="1485184197" size="53676" user="ProjectContributor" version="1"}%
%META:FILEATTACHMENT{name="jquery.updates.js" attr="h" comment="" date="1485184197" size="2322" user="ProjectContributor" version="1"}%
%META:FILEATTACHMENT{name="jquery.updates.js.gz" attr="h" comment="" date="1485184197" size="786" user="ProjectContributor" version="1"}%
%META:FILEATTACHMENT{name="jquery.updates.uncompressed.js" attr="h" comment="" date="1485184197" size="4313" user="ProjectContributor" version="1"}%
%META:FILEATTACHMENT{name="Makefile" attr="h" comment="" date="1485184197" size="127" user="ProjectContributor" version="1"}%
6 changes: 3 additions & 3 deletions UpdatesPlugin/lib/Foswiki/Plugins/UpdatesPlugin.pm
@@ -1,6 +1,6 @@
# Plugin for Foswiki - The Free and Open Source Wiki, http://foswiki.org/
#
# UpdatesPlugin is Copyright (C) 2011-2015 Foswiki Contributors
# UpdatesPlugin is Copyright (C) 2011-2017 Foswiki Contributors
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
Expand All @@ -20,8 +20,8 @@ use warnings;

use Foswiki::Func ();

our $VERSION = '1.01';
our $RELEASE = '1.01';
our $VERSION = '1.02';
our $RELEASE = '23 Jan 2017';
our $SHORTDESCRIPTION = 'Checks Foswiki.org for updates';
our $NO_PREFS_IN_TOPIC = 1;
our $core;
Expand Down
Expand Up @@ -16,7 +16,10 @@
delay: 1000, // number of seconds to delay contacting f.o.
timeout: 5000, // number of seconds a jsonp call is considered failure
cookieName: "FOSWIKI_UPDATESPLUGIN", // name of the cookie
cookieExpires: 7 // number of days the cookie takes to expire
cookieExpires: 7, // number of days the cookie takes to expire
cookieSecure: '0', // If secure cookies are needed (https)
cookieDomain: '' // Override domain if requested.

}, foswikiUpdates; // singleton

// class constructor
Expand Down Expand Up @@ -47,6 +50,9 @@
self.options.endpointUrl = foswiki.getScriptUrl("rest", "UpdatesPlugin", "check");
}

self.options.cookieDomain = foswiki.getPreference('COOKIEREALM'); // Allow domain override
self.options.cookieSecure = foswiki.getPreference('URLHOST').startsWith('https://');

// events
$(document).bind("refresh.foswikiUpdates", function() {
//console.log("BIND refresh.foswikiUpdates calling loadPluginInfo.");
Expand All @@ -55,7 +61,12 @@

$(document).bind("forceRefresh.foswikiUpdates", function() {
//console.log("BIND forceRefresh.foswikiUpdates calling loadPluginInfo.");
$.cookie(self.options.cookieName, null, {expires: -1, path:'/'});
$.cookie(self.options.cookieName, null, {
expires: -1,
path:'/',
domain:self.options.cookieDomain,
secure:self.options.cookieSecure
});
self.loadPluginInfo(1);
});

Expand All @@ -69,7 +80,9 @@
//console.log("BIND click entered ");
$.cookie(self.options.cookieName, 0, {
expires: self.options.cookieExpires,
path: "/"
path: "/",
domain:self.options.cookieDomain,
secure:self.options.cookieSecure
});
$(".foswikiUpdatesMessage").fadeOut();
return false;
Expand Down Expand Up @@ -100,7 +113,9 @@
// zero explicitly can either mean: everything up-to-date or ignore pending updates
$.cookie(self.options.cookieName, self.numberOutdatedPlugins, {
expires: self.options.cookieExpires,
path: "/"
path: "/",
domain:self.options.cookieDomain,
secure:self.options.cookieSecure
});

//console.log("Forced: " + forced);
Expand All @@ -113,7 +128,9 @@
// remember the error state
$.cookie(self.options.cookieName, -1, {
expires: self.options.cookieExpires,
path: "/"
path: "/",
domain:self.options.cookieDomain,
secure:self.options.cookieSecure
});
}
});
Expand Down
8 changes: 7 additions & 1 deletion core/data/System/ReleaseNotes02x01.txt
@@ -1,4 +1,4 @@
%META:TOPICINFO{author="ProjectContributor" date="1482554511" format="1.1" version="1"}%
%META:TOPICINFO{author="ProjectContributor" date="1485184197" format="1.1" version="1"}%
%META:TOPICPARENT{name="ReleaseHistory"}%
---+!! Foswiki Release 2.1.3

Expand Down Expand Up @@ -103,6 +103,12 @@ would need to be changed to

See [[%BUGS%/Item14256][Item14256]] for more details.

---+++ Cookie changes

The optional configuration parameter ={Sessions}{CookieRealm}= now applies to all cookies generated by the Foswiki core. In addition, if your site is accessed
over HTTPS, all cooikes will now have the "Secure" flag set. In prior releases, only the Foswiki session cookie was covered. After upgrade to 2.1.3, users may
lose saved preferences if the cookie domain changes.

---+++ User Registration

The stored format of pending registrations has been changed to perl "Storable" in order to better support Unicode user names and other registration fields.
Expand Down
3 changes: 2 additions & 1 deletion core/lib/Foswiki/Request.pm
Expand Up @@ -533,7 +533,8 @@ sub cookie {
-value => $value,
-path => $path || '/',
-secure => $secure || $this->secure,
-expires => $expires || abs( $Foswiki::cfg{Sessions}{ExpireAfter} )
-expires => $expires || abs( $Foswiki::cfg{Sessions}{ExpireAfter} ),
-domain => $Foswiki::cfg{Sessions}{CookieRealm} || '',
);
}

Expand Down
2 changes: 2 additions & 0 deletions core/lib/Foswiki/Validation.pm
Expand Up @@ -203,6 +203,8 @@ sub getCookie {
-value => $secret,
-path => '/',
-httponly => 0, # we *want* JS to be able to read it!
-domain => $Foswiki::cfg{Sessions}{CookieRealm} || '',
-secure => $Foswiki::Plugins::SESSION->{request}->secure,
);

return $cookie;
Expand Down

0 comments on commit b5be818

Please sign in to comment.