diff options
author | Jan Pazdziora <jpazdziora@redhat.com> | 2014-01-17 14:41:19 +0800 |
---|---|---|
committer | Jan Pazdziora <jpazdziora@redhat.com> | 2016-01-20 09:03:10 +0100 |
commit | 5a869128a4371445471bcd86392680c096240d2c (patch) | |
tree | 56a8d2f7eaa16478070880e0ccb5d22b3e145b01 /app.cgi | |
parent | cdaaa88a4c9b516080555aa8b9f9df65ad0b5b90 (diff) | |
download | CGI-sessions-5a869128a4371445471bcd86392680c096240d2c.tar.gz CGI-sessions-5a869128a4371445471bcd86392680c096240d2c.tar.xz CGI-sessions-5a869128a4371445471bcd86392680c096240d2c.zip |
Process incoming HTTP headers in application on backend.proxy-setup
Caution: make sure the application is only accessible via a proxy
which will properly clear and set these headers, so that the end user
cannot gain extra privileges.
Diffstat (limited to 'app.cgi')
-rwxr-xr-x | app.cgi | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -22,6 +22,14 @@ my $LOGIN = '/login'; my $LOGOUT = '/logout'; my $AUTH_COOKIE = 'the-test-cookie'; +if (defined $ENV{FRONTEND_SCRIPT_NAME}) { + $ENV{SCRIPT_NAME} = $ENV{FRONTEND_SCRIPT_NAME}; + + for my $x (map { /^HTTP_(REMOTE_USER.*)/ ? ($1) : () } keys %ENV) { + $ENV{$x} = $ENV{"HTTP_$x"}; + } +} + my $q = new CGI; my $cookie = $q->cookie($AUTH_COOKIE); my ($user, $name); |