[login] don't redirect to http url if we allow anonymous on https

Closes #2583913

authorJulien Cristau <julien.cristau@logilab.fr>
changesete362054d9701
branchdefault
phasepublic
hiddenno
parent revision#5b3e17a63fad Correct typo in example
child revision#28cbd267e96b [sources] fix classes that inherit from AbstractSource (closes #2718669)
files modified by this revision
web/views/basetemplates.py
# HG changeset patch
# User Julien Cristau <julien.cristau@logilab.fr>
# Date 1359019729 -3600
# Thu Jan 24 10:28:49 2013 +0100
# Node ID e362054d9701587fced7a99b30a86647c4b09c55
# Parent 5b3e17a63fad9cb67b2fba2b81855731eb00b954
[login] don't redirect to http url if we allow anonymous on https

Closes #2583913

diff --git a/web/views/basetemplates.py b/web/views/basetemplates.py
@@ -496,11 +496,11 @@
1              w(u'<div class="loginMessage">%s</div>\n' % self._cw.message)
2          config = self._cw.vreg.config
3          if config['auth-mode'] != 'http':
4              self.login_form(id) # Cookie authentication
5          w(u'</div>')
6 -        if self._cw.https and config.anonymous_user()[0]:
7 +        if self._cw.https and config.anonymous_user()[0] and config['https-deny-anonymous']:
8              path = xml_escape(config['base-url'] + self._cw.relative_path())
9              w(u'<div class="loginMessage"><a href="%s">%s</a></div>\n'
10                % (path, self._cw._('No account? Try public access at %s') % path))
11          w(u'</div>\n')
12